From a1adc1a75a21f698b338c5b4c268d90be58ee9a3 Mon Sep 17 00:00:00 2001 From: Jonas Kvinge Date: Sun, 19 Mar 2023 23:02:17 +0100 Subject: [PATCH] Add option for strict SSL mode in backend settings --- src/engine/enginebase.cpp | 3 +++ src/engine/enginebase.h | 1 + src/engine/gstengine.cpp | 1 + src/engine/gstenginepipeline.cpp | 9 +++++++-- src/engine/gstenginepipeline.h | 2 ++ src/settings/backendsettingspage.cpp | 2 ++ src/settings/backendsettingspage.ui | 9 ++++++++- 7 files changed, 24 insertions(+), 3 deletions(-) diff --git a/src/engine/enginebase.cpp b/src/engine/enginebase.cpp index dde583734..815394b4f 100644 --- a/src/engine/enginebase.cpp +++ b/src/engine/enginebase.cpp @@ -70,6 +70,7 @@ Engine::Base::Base(const EngineType type, QObject *parent) channels_(0), bs2b_enabled_(false), http2_enabled_(true), + strict_ssl_enabled_(false), about_to_end_emitted_(false) {} Engine::Base::~Base() = default; @@ -156,6 +157,8 @@ void Engine::Base::ReloadSettings() { qLog(Debug) << "SOUP_FORCE_HTTP1:" << (http2_enabled_ ? "OFF" : "ON"); } + strict_ssl_enabled_ = s.value("strict_ssl", false).toBool(); + s.endGroup(); s.beginGroup(NetworkProxySettingsPage::kSettingsGroup); diff --git a/src/engine/enginebase.h b/src/engine/enginebase.h index 0b47eeaaf..8c730b1ad 100644 --- a/src/engine/enginebase.h +++ b/src/engine/enginebase.h @@ -215,6 +215,7 @@ class Base : public QObject { // Options bool bs2b_enabled_; bool http2_enabled_; + bool strict_ssl_enabled_; private: bool about_to_end_emitted_; diff --git a/src/engine/gstengine.cpp b/src/engine/gstengine.cpp index c9cbb941b..c7ab84b48 100644 --- a/src/engine/gstengine.cpp +++ b/src/engine/gstengine.cpp @@ -802,6 +802,7 @@ std::shared_ptr GstEngine::CreatePipeline() { ret->set_proxy_settings(proxy_address_, proxy_authentication_, proxy_user_, proxy_pass_); ret->set_channels(channels_enabled_, channels_); ret->set_bs2b_enabled(bs2b_enabled_); + ret->set_strict_ssl_enabled(strict_ssl_enabled_); ret->set_fading_enabled(fadeout_enabled_ || autocrossfade_enabled_ || fadeout_pause_enabled_); ret->AddBufferConsumer(this); diff --git a/src/engine/gstenginepipeline.cpp b/src/engine/gstenginepipeline.cpp index 19386256a..9d9786f66 100644 --- a/src/engine/gstenginepipeline.cpp +++ b/src/engine/gstenginepipeline.cpp @@ -86,6 +86,7 @@ GstEnginePipeline::GstEnginePipeline(QObject *parent) channels_enabled_(false), channels_(0), bs2b_enabled_(false), + strict_ssl_enabled_(false), segment_start_(0), segment_start_received_(false), end_offset_nanosec_(-1), @@ -262,6 +263,10 @@ void GstEnginePipeline::set_bs2b_enabled(const bool enabled) { bs2b_enabled_ = enabled; } +void GstEnginePipeline::set_strict_ssl_enabled(const bool enabled) { + strict_ssl_enabled_ = enabled; +} + void GstEnginePipeline::set_fading_enabled(const bool enabled) { fading_enabled_ = enabled; } @@ -808,8 +813,8 @@ void GstEnginePipeline::SourceSetupCallback(GstElement *playbin, GstElement *sou } if (g_object_class_find_property(G_OBJECT_GET_CLASS(source), "ssl-strict")) { - qLog(Debug) << "Turning off strict ssl"; - g_object_set(source, "ssl-strict", FALSE, nullptr); + qLog(Debug) << "Turning" << (instance->strict_ssl_enabled_ ? "on" : "off") << "strict SSL"; + g_object_set(source, "ssl-strict", instance->strict_ssl_enabled_ ? TRUE : FALSE, nullptr); } if (!instance->proxy_address_.isEmpty() && g_object_class_find_property(G_OBJECT_GET_CLASS(source), "proxy")) { diff --git a/src/engine/gstenginepipeline.h b/src/engine/gstenginepipeline.h index ec5dd0fbf..ad1b9adaa 100644 --- a/src/engine/gstenginepipeline.h +++ b/src/engine/gstenginepipeline.h @@ -74,6 +74,7 @@ class GstEnginePipeline : public QObject { void set_proxy_settings(const QString &address, const bool authentication, const QString &user, const QString &pass); void set_channels(const bool enabled, const int channels); void set_bs2b_enabled(const bool enabled); + void set_strict_ssl_enabled(const bool enabled); void set_fading_enabled(const bool enabled); // Creates the pipeline, returns false on error @@ -229,6 +230,7 @@ class GstEnginePipeline : public QObject { // Options bool bs2b_enabled_; + bool strict_ssl_enabled_; // These get called when there is a new audio buffer available QList buffer_consumers_; diff --git a/src/settings/backendsettingspage.cpp b/src/settings/backendsettingspage.cpp index cbf8d73ad..dbc322360 100644 --- a/src/settings/backendsettingspage.cpp +++ b/src/settings/backendsettingspage.cpp @@ -161,6 +161,7 @@ void BackendSettingsPage::Load() { ui_->checkbox_bs2b->setChecked(s.value("bs2b", false).toBool()); ui_->checkbox_http2->setChecked(s.value("http2", false).toBool()); + ui_->checkbox_strict_ssl->setChecked(s.value("strict_ssl", false).toBool()); ui_->spinbox_bufferduration->setValue(s.value("bufferduration", kDefaultBufferDuration).toInt()); ui_->spinbox_low_watermark->setValue(s.value("bufferlowwatermark", kDefaultBufferLowWatermark).toDouble()); @@ -473,6 +474,7 @@ void BackendSettingsPage::Save() { s.setValue("bs2b", ui_->checkbox_bs2b->isChecked()); s.setValue("http2", ui_->checkbox_http2->isChecked()); + s.setValue("strict_ssl", ui_->checkbox_strict_ssl->isChecked()); s.setValue("bufferduration", ui_->spinbox_bufferduration->value()); s.setValue("bufferlowwatermark", ui_->spinbox_low_watermark->value()); diff --git a/src/settings/backendsettingspage.ui b/src/settings/backendsettingspage.ui index fec2b8c74..772dd74fd 100644 --- a/src/settings/backendsettingspage.ui +++ b/src/settings/backendsettingspage.ui @@ -7,7 +7,7 @@ 0 0 583 - 1080 + 1097 @@ -259,6 +259,13 @@ + + + + Use strict SSL mode + + +