summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Kortstiege <matthias (at) kortstiege (dot) net>2008-12-10 14:51:56 +0100
committerMatthias Kortstiege <matthias (at) kortstiege (dot) net>2008-12-10 14:51:56 +0100
commit4a486de7c9db11591840c451ebb84c3ac1b2e8b9 (patch)
treeccb56ed3b06e1ad6121f04e1cb08418752fa8a12
parent1adde56cbfb3fd20736650c4a35e351272545b0d (diff)
downloadvdr-plugin-live-4a486de7c9db11591840c451ebb84c3ac1b2e8b9.tar.gz
vdr-plugin-live-4a486de7c9db11591840c451ebb84c3ac1b2e8b9.tar.bz2
updated ssl patch
-rw-r--r--README6
-rw-r--r--pages/vlc.ecpp11
-rw-r--r--setup.cpp16
-rw-r--r--setup.h2
-rw-r--r--tntconfig.cpp29
5 files changed, 28 insertions, 36 deletions
diff --git a/README b/README
index 3eaa56d..6edeb8c 100644
--- a/README
+++ b/README
@@ -161,8 +161,10 @@ SSL Commandline options
-s PORT, --sslport=PORT use PORT to listen for incoming ssl connections
(default: 8443)
- -c CERT, --cert=CERT path to a custom ssl certificate
+ -c CERT, --cert=CERT path to a custom ssl certificate file
(default: $CONFIGDIR/live.pem)
+ -k KEY, --cert=CERT path to a custom ssl certificate key file
+ (default: $CONFIGDIR/live-key.pem)
Creating a self-signed SSL server certificate
@@ -172,7 +174,7 @@ To create a self-signed certificate file you`ll have to run this litte
command.
$> cd /put/your/path/here/vdr/plugins/live
- $> openssl req -new -x509 -keyout server.pem -out live.pem -days 365 -nodes
+ $> openssl req -new -x509 -keyout live-key.pem -out live.pem -days 365 -nodes
While generating the certifcate you`ll be asked to answer a couple of
questions. When it prompts to enter the "Common Name" you`ll have to
diff --git a/pages/vlc.ecpp b/pages/vlc.ecpp
index d1afd67..db2a74d 100644
--- a/pages/vlc.ecpp
+++ b/pages/vlc.ecpp
@@ -96,9 +96,7 @@ using namespace vdrlive;
<%cpp>
#if TNTVERSION >= 1606
string server = request.getHost();
- if (Channel != 0) {
- server = server.substr(0, server.rfind(':'));
- }
+ server = server.substr(0, server.rfind(':'));
#else
string server = request.getServerIp();
#endif
@@ -108,12 +106,7 @@ using namespace vdrlive;
videourl = string("http://") + server + ":" + lexical_cast<string,int>(streamdevPort) + "/" + LiveSetup().GetStreamdevType() + "/" + *Channel->GetChannelID().ToString();
}
else {
-#if TNTVERSION >= 1606
-# define SERVER_AND_PORT server
-#else
-# define SERVER_AND_PORT server + ":" + lexical_cast<string,int>(LiveSetup().GetServerPort());
-#endif
- videourl = string("http://") + SERVER_AND_PORT + "/recstream.html?recid=" + recid;
+ videourl = string("http://") + server + ":" + lexical_cast<string,int>(LiveSetup().GetServerPort()) + "/recstream.html?recid=" + recid;
}
</%cpp>
<embed type="application/x-vlc-plugin" pluginspage="http://www.videolan.org/" version="VideoLAN.VLCPlugin.2" id="video1" name="video1" autoplay="yes" loop="no" width="720" height="576" target="<$ videourl $>" />
diff --git a/setup.cpp b/setup.cpp
index 2be03cd..2bdf7bd 100644
--- a/setup.cpp
+++ b/setup.cpp
@@ -26,6 +26,7 @@ Setup::Setup():
#if TNTSSLSUPPORT
m_serverSslPort( 8443 ),
m_serverSslCert(),
+ m_serverSslKey(),
#endif
m_lastChannel( 0 ),
m_screenshotInterval( 1000 ),
@@ -57,6 +58,7 @@ bool Setup::ParseCommandLine( int argc, char* argv[] )
#if TNTSSLSUPPORT
{ "sslport", required_argument, NULL, 's' },
{ "cert", required_argument, NULL, 'c' },
+ { "key", required_argument, NULL, 'k' },
#endif
{ 0 }
};
@@ -71,6 +73,7 @@ bool Setup::ParseCommandLine( int argc, char* argv[] )
#if TNTSSLSUPPORT
case 's': m_serverSslPort = atoi( optarg ); break;
case 'c': m_serverSslCert = optarg; break;
+ case 'k': m_serverSslKey = optarg; break;
#endif
default: return false;
}
@@ -96,6 +99,7 @@ char const* Setup::CommandLineHelp() const
<< " -s PORT, --sslport=PORT use PORT to listen for incoming ssl connections\n"
" (default: " << m_serverSslPort << ")\n"
<< " -c CERT, --cert=CERT full path to a custom ssl certificate file\n"
+ << " -k KEY, --key=KEY full path to a custom ssl certificate key file\n"
#endif
<< " -l level, --log=level log level for tntnet (values: INFO, DEBUG,...)\n"
<< " -e <dir>, --epgimages=<dir> directory for epgimages\n";
@@ -153,16 +157,20 @@ bool Setup::CheckServerSslPort()
bool Setup::CheckServerIps()
{
+ struct in6_addr buf;
+
if ( m_serverIps.empty() ) {
- m_serverIps.push_back( "0.0.0.0" );
+ m_serverIps.push_back( "::" );
return true;
}
for ( IpList::const_iterator ip = m_serverIps.begin(); ip != m_serverIps.end(); ++ip ) {
if ( inet_addr( ip->c_str() ) == static_cast< in_addr_t >( -1 ) ) {
- esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() );
- cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl;
- return false;
+ if ( ! inet_pton( AF_INET6, ip->c_str(), &buf ) ) {
+ esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() );
+ cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl;
+ return false;
+ }
}
}
return true;
diff --git a/setup.h b/setup.h
index 1cf153f..dd315c1 100644
--- a/setup.h
+++ b/setup.h
@@ -34,6 +34,7 @@ class Setup
#if TNTSSLSUPPORT
int GetServerSslPort() const { return m_serverSslPort; }
std::string GetServerSslCert() const { return m_serverSslCert; }
+ std::string GetServerSslKey() const { return m_serverSslKey; }
#endif
IpList const& GetServerIps() const { return m_serverIps; }
// vdr-setup
@@ -106,6 +107,7 @@ class Setup
#if TNTSSLSUPPORT
int m_serverSslPort;
std::string m_serverSslCert;
+ std::string m_serverSslKey;
static std::string m_configDirectory;
#endif
IpList m_serverIps;
diff --git a/tntconfig.cpp b/tntconfig.cpp
index 71bee4d..23943a5 100644
--- a/tntconfig.cpp
+++ b/tntconfig.cpp
@@ -128,24 +128,6 @@ namespace vdrlive {
for ( Setup::IpList::const_iterator ip = ips.begin(); ip != ips.end(); ++ip ) {
file << "Listen " << *ip << " " << port << endl;
}
-
-// not used any more see below: #ifdef TNTVERS7
-// not used any more see below: int s_port = LiveSetup().GetServerSslPort();
-// not used any more see below: string s_cert = LiveSetup().GetServerSslCert();
-// not used any more see below:
-// not used any more see below: if (s_cert.empty()) {
-// not used any more see below: s_cert = configDir + "/live.pem";
-// not used any more see below: }
-// not used any more see below:
-// not used any more see below: if ( ifstream( s_cert.c_str() ) ) {
-// not used any more see below: for ( Setup::IpList::const_iterator ip = ips.begin(); ip != ips.end(); ++ip ) {
-// not used any more see below: file << "SslListen " << *ip << " " << s_port << " " << s_cert << endl;
-// not used any more see below: }
-// not used any more see below: }
-// not used any more see below: else {
-// not used any more see below: esyslog( "ERROR: %s: %s", s_cert.c_str(), strerror( errno ) );
-// not used any more see below: }
-// not used any more see below: #endif
}
#endif
@@ -277,18 +259,23 @@ namespace vdrlive {
#if TNTSSLSUPPORT
int s_port = LiveSetup().GetServerSslPort();
string s_cert = LiveSetup().GetServerSslCert();
+ string s_key = LiveSetup().GetServerSslKey();
if (s_cert.empty()) {
s_cert = configDir + "/live.pem";
}
- if ( ifstream( s_cert.c_str() ) ) {
+ if (s_key.empty()) {
+ s_key = configDir + "/live-key.pem";
+ }
+
+ if ( ifstream( s_cert.c_str() ) && ifstream( s_key.c_str() ) ) {
for ( Setup::IpList::const_iterator ip = ips.begin(); ip != ips.end(); ++ip ) {
- app.sslListen(s_cert, s_cert, *ip, s_port);
+ app.sslListen(s_cert, s_key, *ip, s_port);
}
}
else {
- esyslog( "ERROR: %s: %s", s_cert.c_str(), strerror( errno ) );
+ esyslog( "ERROR: Unable to load cert/key (%s/%s): %s", s_cert.c_str(), s_key.c_str(), strerror( errno ) );
}
#endif // TNTSSLSUPPORT