Re: [FFmpeg-devel] [PATCH V3 2/2] lavf/libsrt: enable other encryption parameters
On Wed, Dec 04, 2019 at 10:46:44AM +0100, Moritz Barsnick wrote: > On Wed, Dec 04, 2019 at 10:20:00 +0800, myp...@gmail.com wrote: > > > > +{ "enforced_encryption", "Enforces that both connection > > > > parties have the same passphrase set ", OFFSET(enforced_encryption), > > > > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, 1, .flags = D|E }, > > > > > > is this intended to be INT and not AV_OPT_TYPE_BOOL ? > > > > Now -1 means auto (default value depend on libsrt library itself) , > > this is the reason don't use the AV_OPT_TYPE_BOOL same as other srt > > option in FFmpeg. > > AV_OPT_TYPE_BOOL accepts -1 as a default. Yes, I recall I have sumit a patch to change several flag to BOOL and haven't anybody review yet. I have tested -1 is accetable as default, please confirm it and review my old pending patch also. https://patchwork.ffmpeg.org/patch/15183/ > > Moritz > ___ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe". ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH V3 2/2] lavf/libsrt: enable other encryption parameters
On Wed, Dec 4, 2019 at 5:46 PM Moritz Barsnick wrote: > > On Wed, Dec 04, 2019 at 10:20:00 +0800, myp...@gmail.com wrote: > > > > +{ "enforced_encryption", "Enforces that both connection > > > > parties have the same passphrase set ", OFFSET(enforced_encryption), > > > > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, 1, .flags = D|E }, > > > > > > is this intended to be INT and not AV_OPT_TYPE_BOOL ? > > > > Now -1 means auto (default value depend on libsrt library itself) , > > this is the reason don't use the AV_OPT_TYPE_BOOL same as other srt > > option in FFmpeg. > > AV_OPT_TYPE_BOOL accepts -1 as a default. > Will follow the comments, thx ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH V3 2/2] lavf/libsrt: enable other encryption parameters
On Wed, Dec 04, 2019 at 10:20:00 +0800, myp...@gmail.com wrote: > > > +{ "enforced_encryption", "Enforces that both connection parties > > > have the same passphrase set ", OFFSET(enforced_encryption), > > > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, 1, .flags = D|E }, > > > > is this intended to be INT and not AV_OPT_TYPE_BOOL ? > > Now -1 means auto (default value depend on libsrt library itself) , > this is the reason don't use the AV_OPT_TYPE_BOOL same as other srt > option in FFmpeg. AV_OPT_TYPE_BOOL accepts -1 as a default. Moritz ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH V3 2/2] lavf/libsrt: enable other encryption parameters
On Tue, Dec 3, 2019 at 11:01 PM Michael Niedermayer wrote: > > On Tue, Dec 03, 2019 at 06:57:27PM +0800, Jun Zhao wrote: > > From: Jun Zhao > > > > Enable the SRTO_ENFORCEDENCRYPTION/SRTO_KMREFRESHRATE/ > > SRTO_KMPREANNOUNCE for srt encryption control. > > > > Signed-off-by: Jun Zhao > > --- > > doc/protocols.texi | 16 > > libavformat/libsrt.c | 18 ++ > > 2 files changed, 34 insertions(+), 0 deletions(-) > > > > diff --git a/doc/protocols.texi b/doc/protocols.texi > > index eab6242..04f6e8b 100644 > > --- a/doc/protocols.texi > > +++ b/doc/protocols.texi > > @@ -1282,6 +1282,22 @@ only if @option{pbkeylen} is non-zero. It is used on > > the receiver only if the received data is encrypted. > > The configured passphrase cannot be recovered (write-only). > > > > +@item enforced_encryption=@var{1|0} > > +If true, both connection parties must have the same password > > +set (including empty, that is, with no encryption). If the > > +password doesn't match or only one side is unencrypted, > > +the connection is rejected. Default is true. > > + > > +@item kmrefreshrate=@var{n} > > +The number of packets to be transmitted after which the > > +encryption key is switched to a new key. > > + > > +@item kmpreannounce=@var{n} > > +The interval between when a new encryption key is sent and > > +when switchover occurs. This value also applies to the > > +subsequent interval between when switchover occurs and > > +when the old encryption key is decommissioned. > > + > > @item payload_size=@var{bytes} > > Sets the maximum declared size of a packet transferred > > during the single call to the sending function in Live > > diff --git a/libavformat/libsrt.c b/libavformat/libsrt.c > > index 0a748a1..06f2c02 100644 > > --- a/libavformat/libsrt.c > > +++ b/libavformat/libsrt.c > > @@ -62,6 +62,9 @@ typedef struct SRTContext { > > int64_t maxbw; > > int pbkeylen; > > char *passphrase; > > +int enforced_encryption; > > +int kmrefreshrate; > > +int kmpreannounce; > > int mss; > > int ffs; > > int ipttl; > > > @@ -102,6 +105,9 @@ static const AVOption libsrt_options[] = { > > { "maxbw", "Maximum bandwidth (bytes per second) that the > > connection can use", OFFSET(maxbw),AV_OPT_TYPE_INT64,{ > > .i64 = -1 }, -1, INT64_MAX, .flags = D|E }, > > { "pbkeylen", "Crypto key len in bytes {16,24,32} Default: 16 > > (128-bit)", OFFSET(pbkeylen), AV_OPT_TYPE_INT, { > > .i64 = -1 }, -1, 32,.flags = D|E }, > > { "passphrase", "Crypto PBKDF2 Passphrase size[0,10..64] 0:disable > > crypto", OFFSET(passphrase), AV_OPT_TYPE_STRING, { .str > > = NULL }, .flags = D|E }, > > > +{ "enforced_encryption", "Enforces that both connection parties > > have the same passphrase set ", OFFSET(enforced_encryption), > > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, 1, .flags = D|E }, > > is this intended to be INT and not AV_OPT_TYPE_BOOL ? Now -1 means auto (default value depend on libsrt library itself) , this is the reason don't use the AV_OPT_TYPE_BOOL same as other srt option in FFmpeg. > > > > > +{ "kmrefreshrate", "The number of packets to be transmitted > > after which the encryption key is switched to a new key", > > OFFSET(kmrefreshrate), AV_OPT_TYPE_INT, { .i64 = -1 }, -1, > > INT_MAX, .flags = D|E }, > > +{ "kmpreannounce", "The interval between when a new encryption > > key is sent and when switchover occurs", OFFSET(kmpreannounce), > > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, INT_MAX, .flags = D|E }, > > { "mss","The Maximum Segment Size", > > OFFSET(mss), AV_OPT_TYPE_INT, { .i64 > > = -1 }, -1, 1500, .flags = D|E }, > > { "ffs","Flight flag size (window size) (in bytes)", > > OFFSET(ffs), AV_OPT_TYPE_INT, { .i64 > > = -1 }, -1, INT_MAX, .flags = D|E }, > > { "ipttl", "IP Time To Live", > > OFFSET(ipttl),AV_OPT_TYPE_INT, { .i64 > > = -1 }, -1, 255, .flags = D|E }, > > The added options are alot more randomly formated than the surrounding ones Will change the format like others > > > otherwise the patch should be good > > thx ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH V3 2/2] lavf/libsrt: enable other encryption parameters
On Tue, Dec 03, 2019 at 06:57:27PM +0800, Jun Zhao wrote: > From: Jun Zhao > > Enable the SRTO_ENFORCEDENCRYPTION/SRTO_KMREFRESHRATE/ > SRTO_KMPREANNOUNCE for srt encryption control. > > Signed-off-by: Jun Zhao > --- > doc/protocols.texi | 16 > libavformat/libsrt.c | 18 ++ > 2 files changed, 34 insertions(+), 0 deletions(-) > > diff --git a/doc/protocols.texi b/doc/protocols.texi > index eab6242..04f6e8b 100644 > --- a/doc/protocols.texi > +++ b/doc/protocols.texi > @@ -1282,6 +1282,22 @@ only if @option{pbkeylen} is non-zero. It is used on > the receiver only if the received data is encrypted. > The configured passphrase cannot be recovered (write-only). > > +@item enforced_encryption=@var{1|0} > +If true, both connection parties must have the same password > +set (including empty, that is, with no encryption). If the > +password doesn't match or only one side is unencrypted, > +the connection is rejected. Default is true. > + > +@item kmrefreshrate=@var{n} > +The number of packets to be transmitted after which the > +encryption key is switched to a new key. > + > +@item kmpreannounce=@var{n} > +The interval between when a new encryption key is sent and > +when switchover occurs. This value also applies to the > +subsequent interval between when switchover occurs and > +when the old encryption key is decommissioned. > + > @item payload_size=@var{bytes} > Sets the maximum declared size of a packet transferred > during the single call to the sending function in Live > diff --git a/libavformat/libsrt.c b/libavformat/libsrt.c > index 0a748a1..06f2c02 100644 > --- a/libavformat/libsrt.c > +++ b/libavformat/libsrt.c > @@ -62,6 +62,9 @@ typedef struct SRTContext { > int64_t maxbw; > int pbkeylen; > char *passphrase; > +int enforced_encryption; > +int kmrefreshrate; > +int kmpreannounce; > int mss; > int ffs; > int ipttl; > @@ -102,6 +105,9 @@ static const AVOption libsrt_options[] = { > { "maxbw", "Maximum bandwidth (bytes per second) that the > connection can use", OFFSET(maxbw),AV_OPT_TYPE_INT64,{ > .i64 = -1 }, -1, INT64_MAX, .flags = D|E }, > { "pbkeylen", "Crypto key len in bytes {16,24,32} Default: 16 > (128-bit)", OFFSET(pbkeylen), AV_OPT_TYPE_INT, { > .i64 = -1 }, -1, 32,.flags = D|E }, > { "passphrase", "Crypto PBKDF2 Passphrase size[0,10..64] 0:disable > crypto", OFFSET(passphrase), AV_OPT_TYPE_STRING, { .str = > NULL }, .flags = D|E }, > +{ "enforced_encryption", "Enforces that both connection parties > have the same passphrase set ", OFFSET(enforced_encryption), > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, 1, .flags = D|E }, is this intended to be INT and not AV_OPT_TYPE_BOOL ? > +{ "kmrefreshrate", "The number of packets to be transmitted > after which the encryption key is switched to a new key", > OFFSET(kmrefreshrate), AV_OPT_TYPE_INT, { .i64 = -1 }, -1, > INT_MAX, .flags = D|E }, > +{ "kmpreannounce", "The interval between when a new encryption > key is sent and when switchover occurs", OFFSET(kmpreannounce), > AV_OPT_TYPE_INT, { .i64 = -1 }, -1, INT_MAX, .flags = D|E }, > { "mss","The Maximum Segment Size", >OFFSET(mss), AV_OPT_TYPE_INT, { .i64 = > -1 }, -1, 1500, .flags = D|E }, > { "ffs","Flight flag size (window size) (in bytes)", >OFFSET(ffs), AV_OPT_TYPE_INT, { .i64 = > -1 }, -1, INT_MAX, .flags = D|E }, > { "ipttl", "IP Time To Live", >OFFSET(ipttl),AV_OPT_TYPE_INT, { .i64 = > -1 }, -1, 255, .flags = D|E }, The added options are alot more randomly formated than the surrounding ones otherwise the patch should be good thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB When you are offended at any man's fault, turn to yourself and study your own failings. Then you will forget your anger. -- Epictetus signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".