author | Matthias Kortstiege <matthias (at) kortstiege (dot) net> | 2008-12-10 14:51:56 +0100 |
---|---|---|
committer | Matthias Kortstiege <matthias (at) kortstiege (dot) net> | 2008-12-10 14:51:56 +0100 |
commit | 4a486de7c9db11591840c451ebb84c3ac1b2e8b9 (patch) | |
tree | ccb56ed3b06e1ad6121f04e1cb08418752fa8a12 | |
parent | 1adde56cbfb3fd20736650c4a35e351272545b0d (diff) | |
download | vdr-plugin-live-4a486de7c9db11591840c451ebb84c3ac1b2e8b9.tar.gz vdr-plugin-live-4a486de7c9db11591840c451ebb84c3ac1b2e8b9.tar.bz2 |
updated ssl patch
-rw-r--r-- | README | 6 | ||||
-rw-r--r-- | pages/vlc.ecpp | 11 | ||||
-rw-r--r-- | setup.cpp | 16 | ||||
-rw-r--r-- | setup.h | 2 | ||||
-rw-r--r-- | tntconfig.cpp | 29 |
5 files changed, 28 insertions, 36 deletions
@@ -161,8 +161,10 @@ SSL Commandline options -s PORT, --sslport=PORT use PORT to listen for incoming ssl connections (default: 8443) - -c CERT, --cert=CERT path to a custom ssl certificate + -c CERT, --cert=CERT path to a custom ssl certificate file (default: $CONFIGDIR/live.pem) + -k KEY, --cert=CERT path to a custom ssl certificate key file + (default: $CONFIGDIR/live-key.pem) Creating a self-signed SSL server certificate
@@ -172,7 +174,7 @@ To create a self-signed certificate file you`ll have to run this litte command. $> cd /put/your/path/here/vdr/plugins/live - $> openssl req -new -x509 -keyout server.pem -out live.pem -days 365 -nodes + $> openssl req -new -x509 -keyout live-key.pem -out live.pem -days 365 -nodes While generating the certifcate you`ll be asked to answer a couple of questions. When it prompts to enter the "Common Name" you`ll have to
diff --git a/pages/vlc.ecpp b/pages/vlc.ecpp
index d1afd67..db2a74d 100644
--- a/pages/vlc.ecpp
+++ b/pages/vlc.ecpp
@@ -96,9 +96,7 @@ using namespace vdrlive; <%cpp> #if TNTVERSION >= 1606 string server = request.getHost(); - if (Channel != 0) { - server = server.substr(0, server.rfind(':')); - } + server = server.substr(0, server.rfind(':')); #else string server = request.getServerIp(); #endif 
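Review bot: In pages/vlc.ecpp the port suffix is now cut with `server.substr(0, server.rfind(':'))` on every request, and `request.getHost()` appears to be the client-supplied Host value, so its shape is not guaranteed. A bracketed IPv6 literal sent without a port (for example `[::1]`) has its last colon inside the brackets, so the cut lands in the middle of the address; this matters more now that the same commit lets the server listen on IPv6 addresses. Cutting only when the colon comes after the closing bracket would avoid that, and a comment such as `// host comes from the request; only a trailing :port is removed` would record the assumption. The enclosing `<%cpp>` block continues outside the hunk.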
@@ -108,12 +106,7 @@ using namespace vdrlive; videourl = string("http://") + server + ":" + lexical_cast<string,int>(streamdevPort) + "/" + LiveSetup().GetStreamdevType() + "/" + *Channel->GetChannelID().ToString(); } else { -#if TNTVERSION >= 1606 -# define SERVER_AND_PORT server -#else -# define SERVER_AND_PORT server + ":" + lexical_cast<string,int>(LiveSetup().GetServerPort()); -#endif - videourl = string("http://") + SERVER_AND_PORT + "/recstream.html?recid=" + recid; + videourl = string("http://") + server + ":" + lexical_cast<string,int>(LiveSetup().GetServerPort()) + "/recstream.html?recid=" + recid; } </%cpp> <embed type="application/x-vlc-plugin" pluginspage="http://www.videolan.org/" version="VideoLAN.VLCPlugin.2" id="video1" name="video1" autoplay="yes" loop="no" width="720" height="576" target="<$ videourl $>" />
@@ -26,6 +26,7 @@ Setup::Setup(): #if TNTSSLSUPPORT m_serverSslPort( 8443 ), m_serverSslCert(), + m_serverSslKey(), #endif m_lastChannel( 0 ), m_screenshotInterval( 1000 ),
@@ -57,6 +58,7 @@ bool Setup::ParseCommandLine( int argc, char* argv[] ) #if TNTSSLSUPPORT { "sslport", required_argument, NULL, 's' }, { "cert", required_argument, NULL, 'c' }, + { "key", required_argument, NULL, 'k' }, #endif { 0 } };
@@ -71,6 +73,7 @@ bool Setup::ParseCommandLine( int argc, char* argv[] ) #if TNTSSLSUPPORT case 's': m_serverSslPort = atoi( optarg ); break; case 'c': m_serverSslCert = optarg; break; + case 'k': m_serverSslKey = optarg; break; #endif default: return false; }
@@ -96,6 +99,7 @@ char const* Setup::CommandLineHelp() const << " -s PORT, --sslport=PORT use PORT to listen for incoming ssl connections\n" " (default: " << m_serverSslPort << ")\n" << " -c CERT, --cert=CERT full path to a custom ssl certificate file\n" + << " -k KEY, --key=KEY full path to a custom ssl certificate key file\n" #endif << " -l level, --log=level log level for tntnet (values: INFO, DEBUG,...)\n" << " -e <dir>, --epgimages=<dir> directory for epgimages\n"; 
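Review bot: The recording URL in the `else` branch of pages/vlc.ecpp is now always `string("http://") + server + ":" + ...GetServerPort()`, so a page loaded through the SSL listener still hands the player a cleartext URL on the plain port. If that is deliberate because the player cannot fetch over TLS, say so next to the line, e.g. `// stream is always fetched over plain HTTP, even when this page was served via SSL`. The host part is taken from the request, so it should keep going through the escaping `<$ ... $>` output form where it is written into the `target` attribute. The surrounding `if`/`else` starts outside the hunk.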
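Review bot: In setup.cpp `-k` gets a `long_options` entry and a `case 'k'`, but the short-option string passed to the option parser presumably sits between these two hunks and is not touched by the commit. Unless it already contains `k:`, `-k KEY` will fall into `default: return false;` while `--key=KEY` works, so please check that string and add `k:` if it is missing. The help text added in CommandLineHelp could also name the default key path, as the README does. ParseCommandLine starts and ends outside these hunks.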
@@ -153,16 +157,20 @@ bool Setup::CheckServerSslPort() bool Setup::CheckServerIps() { + struct in6_addr buf; + if ( m_serverIps.empty() ) { - m_serverIps.push_back( "0.0.0.0" ); + m_serverIps.push_back( "::" ); return true; } for ( IpList::const_iterator ip = m_serverIps.begin(); ip != m_serverIps.end(); ++ip ) { if ( inet_addr( ip->c_str() ) == static_cast< in_addr_t >( -1 ) ) { - esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() ); - cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl; - return false; + if ( ! inet_pton( AF_INET6, ip->c_str(), &buf ) ) { + esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() ); + cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl; + return false; + } } } return true;
@@ -34,6 +34,7 @@ class Setup #if TNTSSLSUPPORT int GetServerSslPort() const { return m_serverSslPort; } std::string GetServerSslCert() const { return m_serverSslCert; } + std::string GetServerSslKey() const { return m_serverSslKey; } #endif IpList const& GetServerIps() const { return m_serverIps; } // vdr-setup
@@ -106,6 +107,7 @@ class Setup #if TNTSSLSUPPORT int m_serverSslPort; std::string m_serverSslCert; + std::string m_serverSslKey; static std::string m_configDirectory; #endif IpList m_serverIps;
diff --git a/tntconfig.cpp b/tntconfig.cpp
index 71bee4d..23943a5 100644
--- a/tntconfig.cpp
+++ b/tntconfig.cpp 
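Review bot: In Setup::CheckServerIps the IPv6 fallback tests `! inet_pton( AF_INET6, ip->c_str(), &buf )`, but inet_pton returns 1 on success, 0 for an unparsable string and -1 on error, so a -1 result passes as a valid address. Compare against 1 instead: `if ( inet_pton( AF_INET6, ip->c_str(), &buf ) != 1 ) {`. The default listen address also changes from `0.0.0.0` to `::`, which puts the web interface on every IPv6 interface as well. A comment stating that this wider exposure is intended, and what happens on hosts without IPv6, would help whoever deploys it.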
@@ -128,24 +128,6 @@ namespace vdrlive { for ( Setup::IpList::const_iterator ip = ips.begin(); ip != ips.end(); ++ip ) { file << "Listen " << *ip << " " << port << endl; } - -// not used any more see below: #ifdef TNTVERS7 -// not used any more see below: int s_port = LiveSetup().GetServerSslPort(); -// not used any more see below: string s_cert = LiveSetup().GetServerSslCert(); -// not used any more see below: -// not used any more see below: if (s_cert.empty()) { -// not used any more see below: s_cert = configDir + "/live.pem"; -// not used any more see below: } -// not used any more see below: -// not used any more see below: if ( ifstream( s_cert.c_str() ) ) { -// not used any more see below: for ( Setup::IpList::const_iterator ip = ips.begin(); ip != ips.end(); ++ip ) { -// not used any more see below: file << "SslListen " << *ip << " " << s_port << " " << s_cert << endl; -// not used any more see below: } -// not used any more see below: } -// not used any more see below: else { -// not used any more see below: esyslog( "ERROR: %s: %s", s_cert.c_str(), strerror( errno ) ); -// not used any more see below: } -// not used any more see below: #endif } #endif
@@ -277,18 +259,23 @@ namespace vdrlive { #if TNTSSLSUPPORT int s_port = LiveSetup().GetServerSslPort(); string s_cert = LiveSetup().GetServerSslCert(); + string s_key = LiveSetup().GetServerSslKey(); if (s_cert.empty()) { s_cert = configDir + "/live.pem"; } - if ( ifstream( s_cert.c_str() ) ) { + if (s_key.empty()) { + s_key = configDir + "/live-key.pem"; + } + + if ( ifstream( s_cert.c_str() ) && ifstream( s_key.c_str() ) ) { for ( Setup::IpList::const_iterator ip = ips.begin(); ip != ips.end(); ++ip ) { - app.sslListen(s_cert, s_cert, *ip, s_port); + app.sslListen(s_cert, s_key, *ip, s_port); } } else { - esyslog( "ERROR: %s: %s", s_cert.c_str(), strerror( errno ) ); + esyslog( "ERROR: Unable to load cert/key (%s/%s): %s", s_cert.c_str(), s_key.c_str(), strerror( errno ) ); } #endif // TNTSSLSUPPORT |
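Review bot: In the second tntconfig.cpp hunk the `ifstream( s_cert.c_str() ) && ifstream( s_key.c_str() )` test only proves that both files can be opened, and on failure the message prints both paths with a single `strerror( errno )`, so the log does not say which file was the problem. The SSL listener is then skipped with nothing but that log line, leaving only the plain HTTP port; reporting each file separately would make this easier to notice. Since the README generates the key with `-nodes` (unencrypted), it would also be worth warning when the key file is readable beyond its owner, e.g. `if ( stat( s_key.c_str(), &st ) == 0 && ( st.st_mode & ( S_IRWXG | S_IRWXO ) ) ) esyslog( "WARNING: ssl key %s is accessible by group/others", s_key.c_str() );`. The enclosing function starts and ends outside the hunk.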