external/srs
1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00
Code Issues Releases Wiki Activity

Security: Support IP whitelist for HTTP-FLV, HLS, WebRTC, and SRT. v5.0.202 v6.0.104 (#3902)

Browse source 
Security is the built-in IP whitelist feature of SRS, which allows and
denies certain IP and IP range users. Previously, it only supported
RTMP, but this PR now supports HTTP-FLV, HLS, WebRTC, SRT, and other
protocols.

See https://ossrs.io/lts/en-us/docs/v6/doc/security as example.

---------

Co-authored-by: john <hondaxiao@tencent.com>
This commit is contained in:
Haibo Chen 2023-12-14 21:36:06 +08:00 committed by GitHub
parent 1b34fc4d4e
commit 6d56c407c6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 62 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

6
trunk/src/app/srs_app_http_stream.cpp
View file

@ -558,11 +558,13 @@ SrsLiveStream::SrsLiveStream(SrsLiveSource* s, SrsRequest* r, SrsBufferCache* c)
source = s;
cache = c;
req = r->copy()->as_http();
security_ = new SrsSecurity();
}
SrsLiveStream::~SrsLiveStream()
{
srs_freep(req);
srs_freep(security_);
}
srs_error_t SrsLiveStream::update_auth(SrsLiveSource* s, SrsRequest* r)
@ -600,6 +602,10 @@ srs_error_t SrsLiveStream::serve_http(ISrsHttpResponseWriter* w, ISrsHttpMessage
return srs_error_wrap(err, "stat on client");
}
if ((err = security_->check(SrsFlvPlay, req->ip, req)) != srs_success) {
return srs_error_wrap(err, "flv: security check");
}
// We must do hook after stat, because depends on it.
if ((err = http_hooks_on_play(r)) != srs_success) {
return srs_error_wrap(err, "http hook");