update gohlslib (#1684)

2025-11-03 01:43:48 +08:00 · 2023-04-11 22:01:41 +02:00
parent 9571afd715
commit f3a728b918
7 changed files with 206 additions and 103 deletions
--- a/internal/core/hls_source.go
+++ b/internal/core/hls_source.go
@@ -2,6 +2,12 @@ package core

 import (
 	"context"
+	"crypto/sha256"
+	"crypto/tls"
+	"encoding/hex"
+	"fmt"
+	"net/http"
+	"strings"
 	"time"

 	"github.com/bluenviron/gohlslib"
@@ -46,9 +52,33 @@ func (s *hlsSource) run(ctx context.Context, cnf *conf.PathConf, reloadConf chan
 		}
 	}()

+	var tlsConfig *tls.Config
+	if cnf.SourceFingerprint != "" {
+		tlsConfig = &tls.Config{
+			InsecureSkipVerify: true,
+			VerifyConnection: func(cs tls.ConnectionState) error {
+				h := sha256.New()
+				h.Write(cs.PeerCertificates[0].Raw)
+				hstr := hex.EncodeToString(h.Sum(nil))
+				fingerprintLower := strings.ToLower(cnf.SourceFingerprint)
+
+				if hstr != fingerprintLower {
+					return fmt.Errorf("server fingerprint do not match: expected %s, got %s",
+						fingerprintLower, hstr)
+				}
+
+				return nil
+			},
+		}
+	}
+
 	c := &gohlslib.Client{
-		URI:         cnf.Source,
-		Fingerprint: cnf.SourceFingerprint,
+		URI: cnf.Source,
+		HTTPClient: &http.Client{
+			Transport: &http.Transport{
+				TLSClientConfig: tlsConfig,
+			},
+		},
 		Log: func(level gohlslib.LogLevel, format string, args ...interface{}) {
 			s.Log(logger.Level(level), format, args...)
 		},