external/srs
1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00
Code Issues Releases Wiki Activity

For #913, APP support complex error.

Browse source
This commit is contained in:
winlin 2018-01-01 21:20:57 +08:00
parent 6eae93258a
commit e2c1f58674
13 changed files with 423 additions and 536 deletions
Download patch file Download diff file Expand all files Collapse all files

17
trunk/src/app/srs_app_security.cpp
View file

@ -36,35 +36,36 @@ SrsSecurity::~SrsSecurity()
{
}
int SrsSecurity::check(SrsRtmpConnType type, string ip, SrsRequest* req)
srs_error_t SrsSecurity::check(SrsRtmpConnType type, string ip, SrsRequest* req)
{
int ret = ERROR_SUCCESS;
srs_error_t err = srs_success;
// allow all if security disabled.
if (!_srs_config->get_security_enabled(req->vhost)) {
return ret;
return err;
}
// default to deny all when security enabled.
ret = ERROR_SYSTEM_SECURITY;
err = srs_error_new(ERROR_SYSTEM_SECURITY, "allowed");
// rules to apply
SrsConfDirective* rules = _srs_config->get_security_rules(req->vhost);
if (!rules) {
return ret;
return err;
}
// allow if matches allow strategy.
if (allow_check(rules, type, ip) == ERROR_SYSTEM_SECURITY_ALLOW) {
ret = ERROR_SUCCESS;
srs_error_reset(err);
}
// deny if matches deny strategy.
if (deny_check(rules, type, ip) == ERROR_SYSTEM_SECURITY_DENY) {
ret = ERROR_SYSTEM_SECURITY_DENY;
srs_error_reset(err);
return srs_error_new(ERROR_SYSTEM_SECURITY_DENY, "denied");
}
return ret;
return err;
}
int SrsSecurity::allow_check(SrsConfDirective* rules, SrsRtmpConnType type, std::string ip)