You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openmeetings.apache.org by GitBox <gi...@apache.org> on 2021/03/24 19:55:18 UTC
[GitHub] [openmeetings] sebawagner opened a new pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
sebawagner opened a new pull request #140:
URL: https://github.com/apache/openmeetings/pull/140
See Jira at https://issues.apache.org/jira/browse/OPENMEETINGS-2601
This config is required in KMS and also when initialising the WebRtcEndpoint via the constructor. Just doing KMS config, will have no effect.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r601006337
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
its not a constructor?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r601006511
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
+ String certificateType) {
WebRtcEndpoint.Builder builder = new WebRtcEndpoint.Builder(pipeline);
+ // See https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls
+ if (CertificateKeyType.RSA.name().equals(certificateType)) {
Review comment:
That would mean you need to pass in the entire KHandler into the method ?
AbstractStream is not a bean. It requires parameters to be passed in.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r602618216
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
That is actually not that easy.
The null value is used as a 3rd option to pass in.
In KTestStream::startTestRecording it passes _explicitly_ null into the method so that the stream is not marked as **neither** recv nor send only.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner edited a comment on pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner edited a comment on pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#issuecomment-807623619
@solomax Please don't merge. Yet. I'm happy with the PR, but I would still like to do a few more tests with an actual certificate to make sure the configuration works.
Thanks
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] solomax commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
solomax commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r600977472
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java
##########
@@ -112,6 +112,8 @@
private int watchThreadCount = 10;
@Value("${kurento.kuid}")
private String kuid;
+ @Value("${kurento.certificateType}")
+ private String certificateType;
Review comment:
This can be `CertificateKeyType`
put `@Value("${kurento.certificateType}")` on setter
and perform conversion :)
the easy way `CertificateKeyType.valueOf(injectedString)`
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
this constructor injection is not necessary
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
+ String certificateType) {
WebRtcEndpoint.Builder builder = new WebRtcEndpoint.Builder(pipeline);
+ // See https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls
+ if (CertificateKeyType.RSA.name().equals(certificateType)) {
Review comment:
I would do `if` or `switch` on `kHandler.getCertificateType()` here
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r602618216
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
That is actually not that easy.
The null value is used as a 3rd option to pass in.
In KTestStream::startTestRecording it passes _explicitly_ null into the method so that the stream is not marked as **neither** recv or send only.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] solomax commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
solomax commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r601923454
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
the code will be cleaner if this `Boolean` will be `boolean` :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner commented on pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner commented on pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#issuecomment-807623619
Please don't merge. I'm happy with the PR, but I would still like to do a few more tests with an actual certificate to make sure the configuration works.
Thanks
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] solomax commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
solomax commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r601029774
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
+ String certificateType) {
WebRtcEndpoint.Builder builder = new WebRtcEndpoint.Builder(pipeline);
+ // See https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls
+ if (CertificateKeyType.RSA.name().equals(certificateType)) {
Review comment:
yep
this should be
I would do if or switch on passed `CertificateKeyType` here :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r602602200
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
I can change it. Wasn't my change to introduce this parameter.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] sebawagner merged pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
sebawagner merged pull request #140:
URL: https://github.com/apache/openmeetings/pull/140
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [openmeetings] solomax commented on a change in pull request #140: OPENMEETINGS-2601 Able to configure which certificate type to use for WebRtcEndpoint
Posted by GitBox <gi...@apache.org>.
solomax commented on a change in pull request #140:
URL: https://github.com/apache/openmeetings/pull/140#discussion_r601029330
##########
File path: openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/AbstractStream.java
##########
@@ -48,8 +49,15 @@ public void release() {
public abstract void release(boolean remove);
- public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv) {
+ public static WebRtcEndpoint createWebRtcEndpoint(MediaPipeline pipeline, Boolean recv,
Review comment:
you are right, parameter here is required
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org