support special characters in usernames and passwords
This commit is contained in:
aler9
parent
42ba83245b
commit
c0d282ab42
|
|
@ -10,6 +10,10 @@ import (
|
|||
"github.com/aler9/gortsplib"
|
||||
)
|
||||
|
||||
var reUserPass = regexp.MustCompile("^[a-zA-Z0-9!\\$\\(\\)\\*\\+\\.;<=>\\[\\]\\^_\\-\\{\\}]+$")
|
||||
|
||||
const userPassSupportedChars = "A-Z,0-9,!,$,(,),*,+,.,;,<,=,>,[,],^,_,-,{,}"
|
||||
|
||||
type PathConf struct {
|
||||
Regexp *regexp.Regexp `yaml:"-" json:"-"`
|
||||
Source string `yaml:"source"`
|
||||
|
|
@ -130,14 +134,14 @@ func (pconf *PathConf) fillAndCheck(name string) error {
|
|||
}
|
||||
|
||||
if pconf.PublishUser != "" {
|
||||
if !regexp.MustCompile("^[a-zA-Z0-9]+$").MatchString(pconf.PublishUser) {
|
||||
return fmt.Errorf("publish username must be alphanumeric")
|
||||
if !reUserPass.MatchString(pconf.PublishUser) {
|
||||
return fmt.Errorf("publish username contains unsupported characters (supported are %s)", userPassSupportedChars)
|
||||
}
|
||||
}
|
||||
|
||||
if pconf.PublishPass != "" {
|
||||
if !regexp.MustCompile("^[a-zA-Z0-9]+$").MatchString(pconf.PublishPass) {
|
||||
return fmt.Errorf("publish password must be alphanumeric")
|
||||
if !reUserPass.MatchString(pconf.PublishPass) {
|
||||
return fmt.Errorf("publish password contains unsupported characters (supported are %s)", userPassSupportedChars)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -156,13 +160,13 @@ func (pconf *PathConf) fillAndCheck(name string) error {
|
|||
return fmt.Errorf("read username and password must be both filled")
|
||||
}
|
||||
if pconf.ReadUser != "" {
|
||||
if !regexp.MustCompile("^[a-zA-Z0-9]+$").MatchString(pconf.ReadUser) {
|
||||
return fmt.Errorf("read username must be alphanumeric")
|
||||
if !reUserPass.MatchString(pconf.ReadUser) {
|
||||
return fmt.Errorf("read username contains unsupported characters (supported are %s)", userPassSupportedChars)
|
||||
}
|
||||
}
|
||||
if pconf.ReadPass != "" {
|
||||
if !regexp.MustCompile("^[a-zA-Z0-9]+$").MatchString(pconf.ReadPass) {
|
||||
return fmt.Errorf("read password must be alphanumeric")
|
||||
if !reUserPass.MatchString(pconf.ReadPass) {
|
||||
return fmt.Errorf("read password contains unsupported characters (supported are %s)", userPassSupportedChars)
|
||||
}
|
||||
}
|
||||
if pconf.ReadUser != "" && pconf.ReadPass == "" || pconf.ReadUser == "" && pconf.ReadPass != "" {
|
||||
|
|
|
|||
13
main_test.go
13
main_test.go
|
|
@ -440,7 +440,7 @@ func TestAuth(t *testing.T) {
|
|||
p, err := testProgram("paths:\n" +
|
||||
" all:\n" +
|
||||
" publishUser: testuser\n" +
|
||||
" publishPass: testpass\n" +
|
||||
" publishPass: test!$()*+.;<=>[]^_-{}\n" +
|
||||
" publishIps: [172.17.0.0/16]\n")
|
||||
require.NoError(t, err)
|
||||
defer p.close()
|
||||
|
|
@ -454,7 +454,7 @@ func TestAuth(t *testing.T) {
|
|||
"-c", "copy",
|
||||
"-f", "rtsp",
|
||||
"-rtsp_transport", "udp",
|
||||
"rtsp://testuser:testpass@" + ownDockerIp + ":8554/teststream",
|
||||
"rtsp://testuser:test!$()*+.;<=>[]^_-{}@" + ownDockerIp + ":8554/teststream",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
defer cnt1.close()
|
||||
|
|
@ -483,7 +483,7 @@ func TestAuth(t *testing.T) {
|
|||
p, err := testProgram("paths:\n" +
|
||||
" all:\n" +
|
||||
" readUser: testuser\n" +
|
||||
" readPass: testpass\n" +
|
||||
" readPass: test!$()*+.;<=>[]^_-{}\n" +
|
||||
" readIps: [172.17.0.0/16]\n")
|
||||
require.NoError(t, err)
|
||||
defer p.close()
|
||||
|
|
@ -507,7 +507,7 @@ func TestAuth(t *testing.T) {
|
|||
if soft == "ffmpeg" {
|
||||
cnt2, err := newContainer("ffmpeg", "dest", []string{
|
||||
"-rtsp_transport", "udp",
|
||||
"-i", "rtsp://testuser:testpass@" + ownDockerIp + ":8554/teststream",
|
||||
"-i", "rtsp://testuser:test!$()*+.;<=>[]^_-{}@" + ownDockerIp + ":8554/teststream",
|
||||
"-vframes", "1",
|
||||
"-f", "image2",
|
||||
"-y", "/dev/null",
|
||||
|
|
@ -519,8 +519,9 @@ func TestAuth(t *testing.T) {
|
|||
require.Equal(t, 0, code)
|
||||
|
||||
} else {
|
||||
cnt2, err := newContainer("vlc", "dest",
|
||||
[]string{"rtsp://testuser:testpass@" + ownDockerIp + ":8554/teststream"})
|
||||
cnt2, err := newContainer("vlc", "dest", []string{
|
||||
"rtsp://testuser:test!$()*+.;<=>[]^_-{}@" + ownDockerIp + ":8554/teststream",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
defer cnt2.close()
|
||||
|
||||
|
|
|
|||
|
|
@ -8,4 +8,8 @@ RUN adduser -D -H -s /bin/sh -u 9337 user
|
|||
COPY start.sh /
|
||||
RUN chmod +x /start.sh
|
||||
|
||||
RUN mkdir /out \
|
||||
&& chown user:user /out
|
||||
|
||||
USER user
|
||||
ENTRYPOINT [ "/start.sh" ]
|
||||
|
|
|
|||
|
|
@ -1,10 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
mkdir /out
|
||||
chown user:user /out
|
||||
|
||||
CMD="cvlc --play-and-exit --no-audio --no-video --sout file/ts:/out/stream.ts -vvv $@"
|
||||
su - user -c "$CMD" 2>&1 &
|
||||
cvlc --play-and-exit --no-audio --no-video --sout file/ts:/out/stream.ts -vvv $@ 2>&1 &
|
||||
|
||||
COUNTER=0
|
||||
while true; do
|
||||
|
|
|
|||
Loading…
Reference in New Issue