[vlc-devel] [PATCH 1/2] cli: remove TCP mode (--rc-host)
Pierre Ynard
linkfanel at yahoo.fr
Sat Nov 21 11:43:34 CET 2020
> There are several issues with TCP mode:
> - It can only handle one client at a time, and will ignore any new
> connection until the current one properly ends, making it as
> unreliable as it comes.
> - Most commands are not acknowledged.
> - It has no security whatsoever.
>
> There is not much point trying to "fix" those issues, as it would
> not provide backward compatibility, which was the only reason to keep
> this.
This is problematic.
The lua CLI handled multiple TCP clients fine. I'd like if you could
please clarify how most commands are unacknowledged, because I'm seeing
messages for them; but at least the lua CLI always returned a new "> "
prompt as acknowledgement. And the lua CLI even had password security
with the telnet mode.
So you broke this by removing the lua CLI, then you refused fixing
broken features, and now you're using the fact that they're broken as
rationale to remove them. This process is problematic.
I'm going to state again what was decided at the last technical meeting
about this:
> Regressions will be fixed by Rémi (or other) if there are track
> issues
But you've wontfix'd several of these trac tickets relevant to this
patchset now, and despite my efforts you have been avoiding frank and
open discussion about them, too often leaving me to infer some rationale
from partial or incorrect statements of yours.
So not only this removal runs counter to earlier agreed-on guidelines,
at least its commit log is wrong and misleading, and this way of going
about it is backwards: we can decide to remove or alter features, but
that should be discussed on the features' own merits beforehand, not on
the basis that this subsystem has started to be dismantled and features
that worked fine in 3.0 are now thrown in a half-broken limbo state: I
mean, cli.lua, as well as host.lua, with proper multiple client support
and even multiple endpoint support, are still in the repository and
still functional with `-I telnet`, so what are we really doing here?
I disagree with this patchset. TCP mode is a good and practical feature,
with valid and secure use cases, for example a custom streaming
application involving controller and streaming components split
across several application servers on a trusted server LAN. I refute
all the issues you point out, which wouldn't even be real motivation
for removal. And I disagree with the direction and process of the
developments of the CLI, and disagree with this kind of feature removal
without resolving this first, and disagree with the ordering of the
dismantling process you're putting forward should we even agree on some
of its substance.
> For remote control, the HTTP interface is much better. It is insecure,
> but at least it handles multiple clients, acknowledges requests and
> requires a password.
The exact same thing can be said about the lua CLI. In fact the lua
CLI is even better because contrary to the HTTP interface, it works
without internet access, doesn't leak or advertise the location of the
VLC instance interface, and doesn't open cross-site attack vectors.
> For reliability and security, a much better approach is to pass the
> CLI commands over SSH (or similar) - which is what people actually do.
Do you have data to back up that assertion about what people do? I can
see how it sounds like a better approach with interactive sessions,
but for non-interactive application interfacing, an SSH channel as
dependency sounds very heavy, and slow especially if you don't keep
it open, also for example can you forward a connection to VLC's Unix
control socket over an SSH tunnel the way you can with a TCP socket?
--
Pierre Ynard
"Une âme dans un corps, c'est comme un dessin sur une feuille de papier."
More information about the vlc-devel
mailing list