[FFmpeg-devel] [PATCH 3/3] Update demuxers and protocols for protocol whitelist support
Michael Niedermayer
michael at niedermayer.cc
Sat Jan 30 01:58:28 CET 2016
On Sat, Jan 30, 2016 at 12:03:48AM +0100, Andreas Cadhalpun wrote:
> On 28.01.2016 23:49, Michael Niedermayer wrote:
> > From: Michael Niedermayer <michael at niedermayer.cc>
> >
> > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > ---
> > libavdevice/lavfi.c | 7 ++++++-
> > libavformat/async.c | 2 +-
> > libavformat/cache.c | 3 ++-
> > libavformat/concat.c | 5 +++--
> > libavformat/crypto.c | 5 +++--
> > libavformat/dashenc.c | 9 +++++----
> > libavformat/file.c | 2 ++
> > libavformat/ftp.c | 10 ++++++----
> > libavformat/gopher.c | 4 ++--
> > libavformat/hdsenc.c | 13 +++++++------
> > libavformat/hls.c | 8 +++++---
> > libavformat/hlsenc.c | 29 +++++++++++++++--------------
> > libavformat/hlsproto.c | 11 +++++++----
> > libavformat/http.c | 18 ++++++++++++------
> > libavformat/icecast.c | 3 ++-
> > libavformat/md5proto.c | 5 +++--
> > libavformat/mmst.c | 5 +++--
> > libavformat/movenc.c | 2 +-
> > libavformat/rtmpcrypt.c | 5 +++--
> > libavformat/rtmpproto.c | 10 ++++++----
> > libavformat/rtpproto.c | 10 +++++++---
> > libavformat/rtsp.c | 20 ++++++++++----------
> > libavformat/rtspdec.c | 10 ++++++----
> > libavformat/sapdec.c | 5 +++--
> > libavformat/sapenc.c | 9 ++++++---
> > libavformat/segment.c | 17 +++++++++--------
> > libavformat/smoothstreamingenc.c | 19 +++++++++++--------
> > libavformat/srtpproto.c | 3 ++-
> > libavformat/subfile.c | 3 ++-
> > libavformat/tee.c | 5 ++++-
> > libavformat/tls.c | 5 +++--
> > libavformat/tls_securetransport.c | 5 +++--
> > libavformat/webm_chunk.c | 8 +++++---
> > 33 files changed, 165 insertions(+), 110 deletions(-)
>
> This looks mostly fine. I tested a few protocols and it worked as intended.
> However, it doesn't forward the whitelist when ffurl_connect is called directly, which
> happens in the hls demuxer and the mmsh, rtmphttp and rtsp protocols.
> I think that should be done, too.
fixed hls, others left to volunteers, i have no testcases for them
>
> Also there is avio_check, which calls ffurl_connect, but doesn't have a way to forward
> the whitelist. I'm not sure if that is a big problem, though.
>
> A few suggestions for the default_whitelist of some protocols:
> - concat: "concat,file"
> - subfile: "file"
> - ftp: "tcp"
>
> > diff --git a/libavformat/http.c b/libavformat/http.c
> > index a1f1807..26eacea 100644
> > --- a/libavformat/http.c
> > +++ b/libavformat/http.c
> [...]
> > @@ -1519,6 +1522,7 @@ URLProtocol ff_http_protocol = {
> > .priv_data_size = sizeof(HTTPContext),
> > .priv_data_class = &http_context_class,
> > .flags = URL_PROTOCOL_FLAG_NETWORK,
> > + .default_whitelist = "http,https,tcp"
> > };
> > #endif /* CONFIG_HTTP_PROTOCOL */
> >
> > @@ -1537,6 +1541,7 @@ URLProtocol ff_https_protocol = {
> > .priv_data_size = sizeof(HTTPContext),
> > .priv_data_class = &https_context_class,
> > .flags = URL_PROTOCOL_FLAG_NETWORK,
> > + .default_whitelist = "http,https,tls,tcp"
>
> These two default whitelists should probably identical, since one protocol
> is allowed to open the other.
fixed
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
While the State exists there can be no freedom; when there is freedom there
will be no State. -- Vladimir Lenin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20160130/1ff361ef/attachment.sig>
More information about the ffmpeg-devel
mailing list