[Bug 793441] rtsp-stream: client transport is not updated for multicast clients

GStreamer (GNOME Bugzilla) bugzilla at gnome.org
Tue Jun 26 09:27:38 UTC 2018 

https://bugzilla.gnome.org/show_bug.cgi?id=793441

Sebastian Dröge (slomo) <slomo at coaxion.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #369332|none                        |needs-work
             status|                            |

--- Comment #46 from Sebastian Dröge (slomo) <slomo at coaxion.net> ---
Comment on attachment 369332
  --> https://bugzilla.gnome.org/attachment.cgi?id=369332
Removed test_client_multicast_invalid_transport_specific

It seems like here something is also missing, let's see the spec:

   destination:
          The address to which a stream will be sent. The client may
          specify the multicast address with the destination parameter.
          To avoid becoming the unwitting perpetrator of a remote-
          controlled denial-of-service attack, a server SHOULD
          authenticate the client and SHOULD log such attempts before
          allowing the client to direct a media stream to an address not
          chosen by the server. This is particularly important if RTSP
          commands are issued via UDP, but implementations cannot rely
          on TCP as reliable means of client identification by itself. A
          server SHOULD not allow a client to direct media streams to an
          address that differs from the address commands are coming
          from.

And even more strict with RTSP 2.0:

         perpetrator of a remote-controlled DoS attack, a server MUST
         perform security checks (see Section 21.2.1) and SHOULD log


So we should not just blindly use addresses provided by the client if they
differ from the client's own IP, but need to do some sanity checks. Section
21.2.1 of RTSP 2.0 has some useful guidance for that.

I think the old behaviour of checking the address pool was a poor-man's
solution for that. Only the destinations that are in the pool were allowed to
be selected by the client, not arbitrary ones.

Maybe we need some new API in the server to allow/disallow specific
destinations. A new signal/vfunc. But just allowing everything unconditionally
seems potentially dangerous and wrong for RTSP 2.0 at least.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.

More information about the gstreamer-bugs mailing list