You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by se...@apache.org on 2021/03/24 19:54:15 UTC
[openmeetings] 01/01: OPENMEETINGS-2601 Able to configure which
certificate type to use for WebRtcEndpoint.
This is an automated email from the ASF dual-hosted git repository.
sebawagner pushed a commit to branch feature/OPENMEETINGS-2601-configure-certificate-type-for-webrtcendpoint
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
commit b2fca8e65031dc10d14c31a76dda2249ad168a5d
Author: Sebastian Wagner <se...@gmail.com>
AuthorDate: Thu Mar 25 08:53:50 2021 +1300
OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint.
---
.../org/apache/openmeetings/core/remote/AbstractStream.java | 10 +++++++++-
.../main/java/org/apache/openmeetings/core/remote/KStream.java | 2 +-
.../java/org/apache/openmeetings/core/remote/KTestStream.java | 4 ++--
.../org/apache/openmeetings/core/remote/KurentoHandler.java | 6 ++++++
.../org/apache/openmeetings/core/remote/BaseMockedTest.java | 2 +-
.../src/main/webapp/WEB-INF/classes/openmeetings.properties | 3 +++
6 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
index 64ac599..e741346 100644
--- a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
+++ b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
@@ -18,6 +18,7 @@
*/
package org.apache.openmeetings.core.remote;
+import org.kurento.client.CertificateKeyType;
import org.kurento.client.MediaPipeline;
import org.kurento.client.MediaProfileSpecType;
import org.kurento.client.PlayerEndpoint;
@@ -48,8 +49,15 @@ public abstract class AbstractStream {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
+ String certificateType) {
WebRtcEndpoint.Builder builder = new WebRtcEndpoint.Builder(pipeline);
+ // See https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls
+ if (CertificateKeyType.RSA.name().equals(certificateType)) {
+ builder.withCertificateKeyType(CertificateKeyType.RSA);
+ } else if (CertificateKeyType.ECDSA.name().equals(certificateType)) {
+ builder.withCertificateKeyType(CertificateKeyType.ECDSA);
+ }
if (recv != null) {
if (recv) {
builder.recvonly();
diff --git a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KStream.java b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KStream.java
index f461c6d..d639bb5 100644
--- a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KStream.java
+++ b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KStream.java
@@ -319,7 +319,7 @@ public class KStream extends AbstractStream implements ISipCallbacks {
}
private WebRtcEndpoint createEndpoint(String sid, String uid, boolean recv) {
- WebRtcEndpoint endpoint = createWebRtcEndpoint(pipeline, recv);
+ WebRtcEndpoint endpoint = createWebRtcEndpoint(pipeline, recv, kHandler.getCertificateType());
setTags(endpoint, uid);
reApplyIceCandiates(endpoint, recv);
diff --git a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KTestStream.java b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KTestStream.java
index 57111ed..a4f0f85 100644
--- a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KTestStream.java
+++ b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KTestStream.java
@@ -80,7 +80,7 @@ public class KTestStream extends AbstractStream {
}
private void startTestRecording(IWsClient c, JSONObject msg) {
- webRtcEndpoint = createWebRtcEndpoint(pipeline, null);
+ webRtcEndpoint = createWebRtcEndpoint(pipeline, null, kHandler.getCertificateType());
webRtcEndpoint.connect(webRtcEndpoint);
MediaProfileSpecType profile = getProfile(msg);
@@ -142,7 +142,7 @@ public class KTestStream extends AbstractStream {
public void play(final IWsClient inClient, JSONObject msg) {
createPipeline(() -> {
- webRtcEndpoint = createWebRtcEndpoint(pipeline, true);
+ webRtcEndpoint = createWebRtcEndpoint(pipeline, true, kHandler.getCertificateType());
player = createPlayerEndpoint(pipeline, recPath);
player.connect(webRtcEndpoint);
webRtcEndpoint.addMediaSessionStartedListener(evt -> {
diff --git a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java
index a301dce..6227163 100644
--- a/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java
+++ b/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java
@@ -112,6 +112,8 @@ public class KurentoHandler {
private int watchThreadCount = 10;
@Value("${kurento.kuid}")
private String kuid;
+ @Value("${kurento.certificateType}")
+ private String certificateType;
private KurentoClient client;
private final AtomicBoolean connected = new AtomicBoolean(false);
private final Map<Long, KRoom> rooms = new ConcurrentHashMap<>();
@@ -391,6 +393,10 @@ public class KurentoHandler {
return kuid;
}
+ public String getCertificateType() {
+ return certificateType;
+ }
+
static int getFlowoutTimeout() {
return flowoutTimeout;
}
diff --git a/openmeetings-core/src/test/java/org/apache/openmeetings/core/remote/BaseMockedTest.java b/openmeetings-core/src/test/java/org/apache/openmeetings/core/remote/BaseMockedTest.java
index 86f0211..a6b433b 100644
--- a/openmeetings-core/src/test/java/org/apache/openmeetings/core/remote/BaseMockedTest.java
+++ b/openmeetings-core/src/test/java/org/apache/openmeetings/core/remote/BaseMockedTest.java
@@ -114,7 +114,7 @@ public class BaseMockedTest {
return null;
}
});
- streamMock.when(() -> AbstractStream.createWebRtcEndpoint(any(MediaPipeline.class), anyBoolean())).thenReturn(mock(WebRtcEndpoint.class));
+ streamMock.when(() -> AbstractStream.createWebRtcEndpoint(any(MediaPipeline.class), anyBoolean(), anyString())).thenReturn(mock(WebRtcEndpoint.class));
streamMock.when(() -> AbstractStream.createRecorderEndpoint(any(MediaPipeline.class), anyString(), any(MediaProfileSpecType.class))).thenReturn(mock(RecorderEndpoint.class));
streamMock.when(() -> AbstractStream.createPlayerEndpoint(any(MediaPipeline.class), anyString())).thenReturn(mock(PlayerEndpoint.class));
diff --git a/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties b/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties
index 37315c4..41727a7 100644
--- a/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties
+++ b/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties
@@ -51,6 +51,9 @@ kurento.flowout.timeout=5
kurento.kuid=df992960-e7b0-11ea-9acd-337fb30dd93d
## this list can be space and/or comma separated
kurento.ignored.kuids=
+## See https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls
+## possible values: RSA, or ECDSA (capital-case)
+kurento.certificateType=
################## NetTest ##################
nettest.max.clients=50