Also add options for specifying a certificate and key, which can
be used both when operating as client and as server.
Partially based on a patch by Peter Ross.
Signed-off-by: Martin Storsjö <martin@martin.st>
A file containing the trusted CA certificates needs to be
supplied via the ca_file AVOption, unless the TLS library
has got a system default file/database set up.
This doesn't check the hostname of the peer certificate with
openssl, which requires a non-trivial piece of code for
manually matching the desired hostname to the string provided
by the certificate, not provided as a library function.
That is, with openssl, this only validates that the received
certificate is signed with the right CA, but not that it is
the actual server we think we're talking to.
Verification is still disabled by default since we can't count
on a proper CA database existing at all times.
Signed-off-by: Martin Storsjö <martin@martin.st>
The fact that a different user agent is used is cruicial for getting
publishing authentication working. (When using librtmp, this other
user agent has to be specified manually, but that's not needed
with the libavformat internal RTMP support.)
Signed-off-by: Martin Storsjö <martin@martin.st>
Specifies how the server verifies client SWF files before allowing the
files to connect to an application. Verifying SWF files is a security
measure that prevents someone from creating their own SWF files that can
attempt to stream your resources.
Signed-off-by: Martin Storsjö <martin@martin.st>
This adds two protocols, but one of them is an internal implementation
detail just used as an abstraction layer/generalization in the code. The
RTMPE protocol implementation uses ffrtmpcrypt:// as an alternative to the
tcp:// protocol. This allows moving most of the lower level logic out
from the higher level generic rtmp code.
Signed-off-by: Martin Storsjö <martin@martin.st>
Add a new option 'rtmp_flush_interval' that allows specifying the
number of packets to write before sending it off as a HTTP request.
This is mostly relevant for RTMPT - for plain RTMP, it only controls
how often we check the socket for incoming packets, which shouldn't
affect the performance in any noticeable way.
Signed-off-by: Martin Storsjö <martin@martin.st>
This adds two protocols, but one of them is an internal implementation
detail just used as an abstraction layer/generalization in the code. The
RTMPT protocol implementation uses rtmphttp:// as an alternative to the
tcp:// protocol. This allows moving most of the lower level logic out
from the higher level generic rtmp code.
Signed-off-by: Martin Storsjö <martin@martin.st>
Allow using connection parameters in order to append arbitrary
AMF data like "B:1 S:authMe O:1 NN:code:1.23 NS:flag:ok O:0" to the
Connect message. You can pass these parameters through the -rtmp_conn
option.
Signed-off-by: Martin Storsjö <martin@martin.st>
Keep the old protocol name around for backwards compatibility
until the next bump.
Deprecate the method of implicitly assuming the nested protocol.
For applehttp://server/path, it might have felt logical, but
supporting hls://server/path isn't quite as intuitive. Therefore
only support hls+http://server/path from now on.
Using this protocol at all is discouraged, since the hls demuxer
is more complete and fits into the architecture better. There
have been cases where the protocol implementation worked better
than the demuxer, but this should no longer be the case.
Signed-off-by: Martin Storsjö <martin@martin.st>
Sometimes it makes sense to replace a raw URL with some informative text
that links to the URL instead of using the raw URL itself in the text.
Also transform some mailing list references into links.
If filtered, only packets from the right source address and port
are received.
To test, play back e.g. some mpeg4 video RTSP stream (where the
video stream is the first stream in the presentation) over UDP.
While receiving this stream, send another stream to the same port:
ffmpeg -re -i <whatever> -vcodec mpeg4 -an -f rtp
rtp://127.0.0.1:5000?localport=1234
Normally, the RTSP playback reports lots of errors at this point.
If the RTSP stream has the ?filter_src option enabled, these
interferring packets are ignored.
Originally committed as revision 26246 to svn://svn.ffmpeg.org/ffmpeg/trunk
If the remote address is updated later with this function, the caller
shouldn't set the connect option until in this call.
Originally committed as revision 26245 to svn://svn.ffmpeg.org/ffmpeg/trunk