mirror of
https://github.com/datarhei/core.git
synced 2025-10-06 08:27:08 +08:00
422 lines
8.6 KiB
Go
422 lines
8.6 KiB
Go
package srt
|
|
|
|
import (
|
|
"container/ring"
|
|
"context"
|
|
"fmt"
|
|
"net"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/datarhei/core/v16/iam"
|
|
"github.com/datarhei/core/v16/log"
|
|
"github.com/datarhei/core/v16/session"
|
|
"github.com/datarhei/core/v16/srt/url"
|
|
srt "github.com/datarhei/gosrt"
|
|
)
|
|
|
|
// ErrServerClosed is returned by ListenAndServe if the server
|
|
// has been closed regularly with the Close() function.
|
|
var ErrServerClosed = srt.ErrServerClosed
|
|
|
|
// Config for a new SRT server
|
|
type Config struct {
|
|
// The address the SRT server should listen on, e.g. ":1935"
|
|
Addr string
|
|
|
|
// A token that needs to be added to the URL as query string
|
|
// in order push or pull a stream. The key for the query
|
|
// parameter is "token". Optional. By default no token is
|
|
// required.
|
|
Token string
|
|
|
|
Passphrase string
|
|
|
|
// Logger. Optional.
|
|
Logger log.Logger
|
|
|
|
Collector session.Collector
|
|
|
|
SRTLogTopics []string
|
|
|
|
IAM iam.IAM
|
|
}
|
|
|
|
// Server represents a SRT server
|
|
type Server interface {
|
|
// ListenAndServe starts the SRT server
|
|
ListenAndServe() error
|
|
|
|
// Close stops the RTMP server and closes all connections
|
|
Close()
|
|
|
|
// Channels return a list of currently publishing streams
|
|
Channels() Channels
|
|
}
|
|
|
|
// server implements the Server interface
|
|
type server struct {
|
|
addr string
|
|
token string
|
|
passphrase string
|
|
|
|
collector session.Collector
|
|
|
|
server srt.Server
|
|
|
|
// Map of publishing channels and a lock to serialize
|
|
// access to the map.
|
|
channels map[string]*channel
|
|
lock sync.RWMutex
|
|
|
|
logger log.Logger
|
|
|
|
srtlogger srt.Logger
|
|
srtloggerCancel context.CancelFunc
|
|
srtlog map[string]*ring.Ring
|
|
srtlogLock sync.RWMutex
|
|
|
|
iam iam.IAM
|
|
}
|
|
|
|
func New(config Config) (Server, error) {
|
|
s := &server{
|
|
addr: config.Addr,
|
|
token: config.Token,
|
|
passphrase: config.Passphrase,
|
|
collector: config.Collector,
|
|
iam: config.IAM,
|
|
logger: config.Logger,
|
|
}
|
|
|
|
if s.collector == nil {
|
|
s.collector = session.NewNullCollector()
|
|
}
|
|
|
|
if s.logger == nil {
|
|
s.logger = log.New("")
|
|
}
|
|
|
|
s.srtlogger = srt.NewLogger(config.SRTLogTopics)
|
|
|
|
s.srtlogLock.Lock()
|
|
s.srtlog = make(map[string]*ring.Ring)
|
|
s.srtlogLock.Unlock()
|
|
|
|
s.channels = make(map[string]*channel)
|
|
|
|
srtconfig := srt.DefaultConfig()
|
|
|
|
srtconfig.Passphrase = config.Passphrase
|
|
srtconfig.Logger = s.srtlogger
|
|
|
|
s.server.Addr = config.Addr
|
|
s.server.Config = &srtconfig
|
|
s.server.HandleConnect = s.handleConnect
|
|
s.server.HandlePublish = s.handlePublish
|
|
s.server.HandleSubscribe = s.handleSubscribe
|
|
|
|
return s, nil
|
|
}
|
|
|
|
func (s *server) ListenAndServe() error {
|
|
var ctx context.Context
|
|
ctx, s.srtloggerCancel = context.WithCancel(context.Background())
|
|
|
|
go s.srtlogListener(ctx)
|
|
|
|
return s.server.ListenAndServe()
|
|
}
|
|
|
|
func (s *server) Close() {
|
|
s.server.Shutdown()
|
|
|
|
s.srtloggerCancel()
|
|
}
|
|
|
|
type Log struct {
|
|
Timestamp time.Time
|
|
Message []string
|
|
}
|
|
|
|
type Connection struct {
|
|
Log map[string][]Log
|
|
Stats srt.Statistics
|
|
}
|
|
|
|
type Channels struct {
|
|
Publisher map[string]uint32
|
|
Subscriber map[string][]uint32
|
|
Connections map[uint32]Connection
|
|
Log map[string][]Log
|
|
}
|
|
|
|
func (s *server) Channels() Channels {
|
|
st := Channels{
|
|
Publisher: map[string]uint32{},
|
|
Subscriber: map[string][]uint32{},
|
|
Connections: map[uint32]Connection{},
|
|
Log: map[string][]Log{},
|
|
}
|
|
|
|
s.lock.RLock()
|
|
for id, ch := range s.channels {
|
|
socketId := ch.publisher.conn.SocketId()
|
|
st.Publisher[id] = socketId
|
|
|
|
stats := &srt.Statistics{}
|
|
ch.publisher.conn.Stats(stats)
|
|
|
|
st.Connections[socketId] = Connection{
|
|
Stats: *stats,
|
|
Log: map[string][]Log{},
|
|
}
|
|
|
|
for _, c := range ch.subscriber {
|
|
socketId := c.conn.SocketId()
|
|
st.Subscriber[id] = append(st.Subscriber[id], socketId)
|
|
|
|
stats := &srt.Statistics{}
|
|
c.conn.Stats(stats)
|
|
|
|
st.Connections[socketId] = Connection{
|
|
Stats: *stats,
|
|
Log: map[string][]Log{},
|
|
}
|
|
}
|
|
}
|
|
s.lock.RUnlock()
|
|
|
|
s.srtlogLock.RLock()
|
|
for topic, buf := range s.srtlog {
|
|
|
|
buf.Do(func(l interface{}) {
|
|
if l == nil {
|
|
return
|
|
}
|
|
|
|
ll := l.(srt.Log)
|
|
|
|
log := Log{
|
|
Timestamp: ll.Time,
|
|
Message: strings.Split(ll.Message, "\n"),
|
|
}
|
|
|
|
if ll.SocketId != 0 {
|
|
if _, ok := st.Connections[ll.SocketId]; ok {
|
|
st.Connections[ll.SocketId].Log[topic] = append(st.Connections[ll.SocketId].Log[topic], log)
|
|
}
|
|
} else {
|
|
st.Log[topic] = append(st.Log[topic], log)
|
|
}
|
|
})
|
|
}
|
|
s.srtlogLock.RUnlock()
|
|
|
|
return st
|
|
}
|
|
|
|
func (s *server) srtlogListener(ctx context.Context) {
|
|
for {
|
|
select {
|
|
case <-ctx.Done():
|
|
return
|
|
case l := <-s.srtlogger.Listen():
|
|
s.srtlogLock.Lock()
|
|
if buf := s.srtlog[l.Topic]; buf == nil {
|
|
s.srtlog[l.Topic] = ring.New(100)
|
|
}
|
|
s.srtlog[l.Topic].Value = l
|
|
s.srtlog[l.Topic] = s.srtlog[l.Topic].Next()
|
|
s.srtlogLock.Unlock()
|
|
}
|
|
}
|
|
}
|
|
|
|
func (s *server) log(handler, action, resource, message string, client net.Addr) {
|
|
s.logger.Info().WithFields(log.Fields{
|
|
"handler": handler,
|
|
"status": action,
|
|
"resource": resource,
|
|
"client": client.String(),
|
|
}).Log(message)
|
|
}
|
|
|
|
func (s *server) handleConnect(req srt.ConnRequest) srt.ConnType {
|
|
mode := srt.REJECT
|
|
client := req.RemoteAddr()
|
|
streamId := req.StreamId()
|
|
|
|
si, err := url.ParseStreamId(streamId)
|
|
if err != nil {
|
|
s.log("CONNECT", "INVALID", "", err.Error(), client)
|
|
return srt.REJECT
|
|
}
|
|
|
|
if len(si.Resource) == 0 {
|
|
s.log("CONNECT", "INVALID", "", "stream resource not provided", client)
|
|
return srt.REJECT
|
|
}
|
|
|
|
if si.Mode == "publish" {
|
|
mode = srt.PUBLISH
|
|
} else if si.Mode == "request" {
|
|
mode = srt.SUBSCRIBE
|
|
} else {
|
|
s.log("CONNECT", "INVALID", si.Resource, "invalid connection mode", client)
|
|
return srt.REJECT
|
|
}
|
|
|
|
if len(s.passphrase) != 0 {
|
|
if !req.IsEncrypted() {
|
|
s.log("CONNECT", "FORBIDDEN", si.Resource, "connection has to be encrypted", client)
|
|
return srt.REJECT
|
|
}
|
|
|
|
if err := req.SetPassphrase(s.passphrase); err != nil {
|
|
s.log("CONNECT", "FORBIDDEN", si.Resource, err.Error(), client)
|
|
return srt.REJECT
|
|
}
|
|
} else {
|
|
if req.IsEncrypted() {
|
|
s.log("CONNECT", "INVALID", si.Resource, "connection must not be encrypted", client)
|
|
return srt.REJECT
|
|
}
|
|
}
|
|
|
|
identity, err := s.findIdentityFromToken(si.Token)
|
|
if err != nil {
|
|
s.logger.Debug().WithError(err).Log("invalid token")
|
|
s.log("PUBLISH", "FORBIDDEN", si.Resource, "invalid token", client)
|
|
return srt.REJECT
|
|
}
|
|
|
|
domain := s.findDomainFromPlaypath(si.Resource)
|
|
resource := "srt:" + si.Resource
|
|
action := "PLAY"
|
|
if mode == srt.PUBLISH {
|
|
action = "PUBLISH"
|
|
}
|
|
|
|
if !s.iam.Enforce(identity, domain, resource, action) {
|
|
s.log("PUBLISH", "FORBIDDEN", si.Resource, "access denied", client)
|
|
return srt.REJECT
|
|
}
|
|
|
|
return mode
|
|
}
|
|
|
|
func (s *server) handlePublish(conn srt.Conn) {
|
|
streamId := conn.StreamId()
|
|
client := conn.RemoteAddr()
|
|
|
|
si, _ := url.ParseStreamId(streamId)
|
|
|
|
// Look for the stream
|
|
s.lock.Lock()
|
|
ch := s.channels[si.Resource]
|
|
if ch == nil {
|
|
ch = newChannel(conn, si.Resource, false, s.collector)
|
|
s.channels[si.Resource] = ch
|
|
} else {
|
|
ch = nil
|
|
}
|
|
s.lock.Unlock()
|
|
|
|
if ch == nil {
|
|
s.log("PUBLISH", "CONFLICT", si.Resource, "already publishing", client)
|
|
conn.Close()
|
|
return
|
|
}
|
|
|
|
s.log("PUBLISH", "START", si.Resource, "", client)
|
|
|
|
ch.pubsub.Publish(conn)
|
|
|
|
s.lock.Lock()
|
|
delete(s.channels, si.Resource)
|
|
s.lock.Unlock()
|
|
|
|
ch.Close()
|
|
|
|
s.log("PUBLISH", "STOP", si.Resource, "", client)
|
|
|
|
conn.Close()
|
|
}
|
|
|
|
func (s *server) handleSubscribe(conn srt.Conn) {
|
|
streamId := conn.StreamId()
|
|
client := conn.RemoteAddr()
|
|
|
|
si, _ := url.ParseStreamId(streamId)
|
|
|
|
// Look for the stream
|
|
s.lock.RLock()
|
|
ch := s.channels[si.Resource]
|
|
s.lock.RUnlock()
|
|
|
|
if ch == nil {
|
|
s.log("SUBSCRIBE", "NOTFOUND", si.Resource, "no publisher for this resource found", client)
|
|
conn.Close()
|
|
return
|
|
}
|
|
|
|
s.log("SUBSCRIBE", "START", si.Resource, "", client)
|
|
|
|
id := ch.AddSubscriber(conn, si.Resource)
|
|
|
|
ch.pubsub.Subscribe(conn)
|
|
|
|
s.log("SUBSCRIBE", "STOP", si.Resource, "", client)
|
|
|
|
ch.RemoveSubscriber(id)
|
|
|
|
conn.Close()
|
|
}
|
|
|
|
func (s *server) findIdentityFromToken(key string) (string, error) {
|
|
if len(key) == 0 {
|
|
return "$anon", nil
|
|
}
|
|
|
|
var identity iam.IdentityVerifier
|
|
var err error
|
|
|
|
var token string
|
|
|
|
elements := strings.Split(key, ":")
|
|
if len(elements) == 1 {
|
|
identity, err = s.iam.GetDefaultVerifier()
|
|
token = elements[0]
|
|
} else {
|
|
identity, err = s.iam.GetVerifier(elements[0])
|
|
token = elements[1]
|
|
}
|
|
|
|
if err != nil {
|
|
return "$anon", nil
|
|
}
|
|
|
|
if ok, err := identity.VerifyServiceToken(token); !ok {
|
|
return "$anon", fmt.Errorf("invalid token: %w", err)
|
|
}
|
|
|
|
return identity.Name(), nil
|
|
}
|
|
|
|
func (s *server) findDomainFromPlaypath(path string) string {
|
|
elements := strings.Split(path, "/")
|
|
if len(elements) == 1 {
|
|
return "$none"
|
|
}
|
|
|
|
domain := elements[0]
|
|
|
|
if s.iam.HasDomain(domain) {
|
|
return domain
|
|
}
|
|
|
|
return "$none"
|
|
}
|