deblan
/
nextcloud-spreed-signaling
mirror of https://github.com/strukturag/nextcloud-spreed-signaling
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Add option to allow subscribing of any streams (disabled by default).

pull/133/head
Joachim Bauch 4 months ago
parent
b398591447
commit
a663dd43f9
No known key found for this signature in database GPG Key ID: 77C1D22D53E15F02
2 changed files with 15 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      hub.go
  2. 5
      server.conf.in

11
hub.go
View File

@ -135,6 +135,8 @@ type Hub struct {
mcuTimeout time.Duration
internalClientsSecret []byte
allowSubscribeAnyStream bool
expiredSessions map[Session]bool
expectHelloClients map[*Client]time.Time
anonymousClients map[*Client]time.Time
@ -197,6 +199,11 @@ func NewHub(config *goconf.ConfigFile, nats NatsClient, r *mux.Router, version s
}
mcuTimeout := time.Duration(mcuTimeoutSeconds) * time.Second
allowSubscribeAnyStream, _ := config.GetBool("app", "allowsubscribeany")
if allowSubscribeAnyStream {
log.Printf("WARNING: Allow subscribing any streams, this is insecure and should only be enabled for testing")
}
decodeCaches := make([]*LruCache, 0, numDecodeCaches)
for i := 0; i < numDecodeCaches; i++ {
decodeCaches = append(decodeCaches, NewLruCache(decodeCacheSize))
@ -313,6 +320,8 @@ func NewHub(config *goconf.ConfigFile, nats NatsClient, r *mux.Router, version s
mcuTimeout: mcuTimeout,
internalClientsSecret: []byte(internalClientsSecret),
allowSubscribeAnyStream: allowSubscribeAnyStream,
expiredSessions: make(map[Session]bool),
anonymousClients: make(map[*Client]time.Time),
expectHelloClients: make(map[*Client]time.Time),
@ -1705,7 +1714,7 @@ func (h *Hub) processMcuMessage(senderSession *ClientSession, session *ClientSes
// A user is only allowed to subscribe a stream if she is in the same room
// as the other user and both have their "inCall" flag set.
if !h.isInSameCall(senderSession, message.Recipient.SessionId) {
if !h.allowSubscribeAnyStream && !h.isInSameCall(senderSession, message.Recipient.SessionId) {
log.Printf("Session %s is not in the same call as session %s, not requesting offer", session.PublicId(), message.Recipient.SessionId)
sendNotAllowed(senderSession, client_message, "Not allowed to request offer.")
return

5
server.conf.in
View File

@ -29,6 +29,11 @@ key = /etc/nginx/ssl/server.key
# See "https://golang.org/pkg/net/http/pprof/" for further information.
debug = false
# Set to "true" to allow subscribing any streams. This is insecure and should
# only be enabled for testing. By default only streams of users in the same
# room and call can be subscribed.
#allowsubscribeany = false
[sessions]
# Secret value used to generate checksums of sessions. This should be a random
# string of 32 or 64 bytes.

Write Preview
Loading…
Cancel
Save