[vlc-devel] [PATCH 14/14] upnp_server: add the upnp server module
dev.asenat at posteo.net
Thu Mar 25 13:49:39 UTC 2021
We can work on adding a whitelist system based on client's IP. The
could set it up beforehand in a config file or accept incoming access
via UI dialogs ("SomeIP is trying to access your media via upnp do you
accept?"). That might be the best we can offer in term of monitoring
accessing the server unfortunately. Ofc, this technique has flaws:
- It can be bypassed quite easily to say the least.
- It makes it a bit harder for the users that just want a media
server at home
to deploy their server (having to setup static IP on authorized
fill in their ip into the server, ehrr).
> Besides, it's not a problem of *when* UPnP is enabled. It's a
problem of *who*
> can do *what* with it. Stating the obvious here, but authorized and
> unauthorized clients will coexist.
I think it's both. UPNP/DLNA aren't designed around security and data
at all, we will only find tradeoffs on that regard. Being transparent
with the users and making sure the server is enabled only whenever they
to be on is equaly important.
> It looks like this is creating a private player instance (very good)
> main VLC process (very bad). For reliability and stability, separate
> really need to run a separate process, especially if transcode or
> "complex" streaming output filters are involved.
I like the idea. I don't think this will come for the test version as
needs quite a lot of rework. The players could spawn in a separate
output their transcoded data in some shared memory that will be used by
libupnp http server.
Thanks for the suggestion.
More information about the vlc-devel