diff --git a/trunk/conf/https.flv.live.conf b/trunk/conf/https.flv.live.conf new file mode 100644 index 000000000..98a68c4c6 --- /dev/null +++ b/trunk/conf/https.flv.live.conf @@ -0,0 +1,25 @@ +# the config for srs to remux rtmp to flv live stream. +# @see https://github.com/ossrs/srs/issues/1657#issuecomment-722971676 +# @see full.conf for detail config. + +listen 1935; +max_connections 1000; +daemon off; +srs_log_tank console; +http_server { + enabled on; + listen 8080; + dir ./objs/nginx/html; + https { + enabled on; + listen 8088; + key ./conf/server.key; + cert ./conf/server.crt; + } +} +vhost __defaultVhost__ { + http_remux { + enabled on; + mount [vhost]/[app]/[stream].flv; + } +} diff --git a/trunk/conf/https.hls.conf b/trunk/conf/https.hls.conf new file mode 100644 index 000000000..bfd6e6a6f --- /dev/null +++ b/trunk/conf/https.hls.conf @@ -0,0 +1,29 @@ +# the config for srs to delivery hls +# @see https://github.com/ossrs/srs/issues/1657#issuecomment-722971676 +# @see full.conf for detail config. + +listen 1935; +max_connections 1000; +daemon off; +srs_log_tank console; +http_server { + enabled on; + listen 8080; + dir ./objs/nginx/html; + https { + enabled on; + listen 8088; + key ./conf/server.key; + cert ./conf/server.crt; + } +} +vhost __defaultVhost__ { + hls { + enabled on; + hls_fragment 10; + hls_window 60; + hls_path ./objs/nginx/html; + hls_m3u8_file [app]/[stream].m3u8; + hls_ts_file [app]/[stream]-[seq].ts; + } +} diff --git a/trunk/conf/https.hooks.callback.conf b/trunk/conf/https.hooks.callback.conf new file mode 100644 index 000000000..2714ce274 --- /dev/null +++ b/trunk/conf/https.hooks.callback.conf @@ -0,0 +1,19 @@ +# http-hooks or https-callbacks config for srs. +# @see https://github.com/ossrs/srs/issues/1657#issuecomment-720889906 +# @see full.conf for detail config. + +listen 1935; +max_connections 1000; +daemon off; +srs_log_tank console; +vhost __defaultVhost__ { + http_hooks { + enabled on; + on_connect https://127.0.0.1:443/api/v1/clients; + on_close https://127.0.0.1:443/api/v1/clients; + on_publish https://127.0.0.1:443/api/v1/streams; + on_unpublish https://127.0.0.1:443/api/v1/streams; + on_play https://127.0.0.1:443/api/v1/sessions; + on_stop https://127.0.0.1:443/api/v1/sessions; + } +} diff --git a/trunk/conf/https.rtc.conf b/trunk/conf/https.rtc.conf new file mode 100644 index 000000000..ea9bc8d82 --- /dev/null +++ b/trunk/conf/https.rtc.conf @@ -0,0 +1,50 @@ + +listen 1935; +max_connections 1000; +daemon off; +srs_log_tank console; + +http_server { + enabled on; + listen 8080; + dir ./objs/nginx/html; + https { + enabled on; + listen 8088; + key ./conf/server.key; + cert ./conf/server.crt; + } +} + +http_api { + enabled on; + listen 1985; + https { + enabled on; + listen 1990; + key ./conf/server.key; + cert ./conf/server.crt; + } +} +stats { + network 0; +} +rtc_server { + enabled on; + # Listen at udp://8000 + listen 8000; + # + # The $CANDIDATE means fetch from env, if not configed, use * as default. + # + # The * means retrieving server IP automatically, from all network interfaces, + # @see https://github.com/ossrs/srs/issues/307#issuecomment-599028124 + candidate $CANDIDATE; +} + +vhost __defaultVhost__ { + rtc { + enabled on; + bframe discard; + } +} + diff --git a/trunk/src/protocol/srs_service_http_client.cpp b/trunk/src/protocol/srs_service_http_client.cpp index 57f5ac5f0..cb3cee276 100644 --- a/trunk/src/protocol/srs_service_http_client.cpp +++ b/trunk/src/protocol/srs_service_http_client.cpp @@ -193,34 +193,46 @@ srs_error_t SrsSslClient::read(void* plaintext, size_t nn_plaintext, ssize_t* nr { srs_error_t err = srs_success; - // TODO: Can we avoid copy? - int nn_cipher = nn_plaintext; - char* cipher = new char[nn_cipher]; - SrsAutoFreeA(char, cipher); + while (true) { + int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); + int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl); - ssize_t nn = 0; - // Read the cipher from SSL. - if ((err = transport->read(cipher, nn_cipher, &nn)) != srs_success) { - return srs_error_wrap(err, "https: read"); + // OK, got data. + if (r0 > 0) { + srs_assert(r0 <= nn_plaintext); + if (nread) { + *nread = r0; + } + return err; + } + + // Need to read more data to feed SSL. + if (r0 == -1 && r1 == SSL_ERROR_WANT_READ) { + // TODO: Can we avoid copy? + int nn_cipher = nn_plaintext; + char* cipher = new char[nn_cipher]; + SrsAutoFreeA(char, cipher); + + // Read the cipher from SSL. + ssize_t nn = 0; + if ((err = transport->read(cipher, nn_cipher, &nn)) != srs_success) { + return srs_error_wrap(err, "https: read"); + } + + int r0 = BIO_write(bio_in, cipher, nn); + if (r0 <= 0) { + // TODO: 0 or -1 maybe block, use BIO_should_retry to check. + return srs_error_new(ERROR_HTTPS_READ, "BIO_write r0=%d, cipher=%p, size=%d", r0, cipher, nn); + } + continue; + } + + // Fail for error. + if (r0 <= 0) { + return srs_error_new(ERROR_HTTPS_READ, "SSL_read r0=%d, r1=%d, r2=%d, r3=%d", + r0, r1, r2, r3); + } } - - int r0 = BIO_write(bio_in, cipher, nn); - if (r0 <= 0) { - // TODO: 0 or -1 maybe block, use BIO_should_retry to check. - return srs_error_new(ERROR_HTTPS_READ, "BIO_write r0=%d, cipher=%p, size=%d", r0, cipher, nn); - } - - r0 = SSL_read(ssl, plaintext, nn); - if (r0 <= 0) { - return srs_error_new(ERROR_HTTPS_READ, "SSL_read r0=%d, cipher=%p, size=%d", r0, cipher, nn); - } - - srs_assert(r0 <= nn_plaintext); - if (nread) { - *nread = r0; - } - - return err; } srs_error_t SrsSslClient::write(void* plaintext, size_t nn_plaintext, ssize_t* nwrite)