TCP Plugins w/ OpenSSL
Locked
TCP Plugins w/ OpenSSL
 
|
Re: TCP Plugins w/ OpenSSL
|
|
On Thu, 2011-01-20 at 11:58 -0500, Jim Muchow wrote:
> We’ve implemented OpenSSL in the TCP portion of the Base Plugins. We > would like to contribute this code to the Gstreamer project, but we > don’t know how. We also have some questions/concerns and some > unfinished work. > > Rather than dive into the technical details, I’ll just leave it here. > > Comments? Questions? You mean to tcpserver{sink,src} and tcpclient{sink,src}? I guess that's a good idea in general but the problem here is, that the OpenSSL license is not GPL compatible and as such this code can't live in gst-plugins-base. As alternative you could add a compile-time option to use either OpenSSL or GnuTLS. Apart from that it might make sense to create new elements for this in -base, that share a lot of code with the TCP elements... instead of having a enable-SSL/TLS property on the elements. ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ gstreamer-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/gstreamer-devel |
signature.asc (205 bytes)
Re: TCP Plugins w/ OpenSSL
|
|
RE: TCP Plugins w/ OpenSSL
|
|
We feel obligated to return the changes we've to the Gstreamer
community. We understand that there is a licensing mismatch between Gstreamer and OpenSSL. That said, based on a little research, the solution here, the approach, would seem to work for GnuTLS as well as OpenSSL. We hope that this can be of help should someone else need this functionality. This update contains the README file and the patch file we use. Thanks, Jim Muchow -----Original Message----- From: Jim Muchow [mailto:[hidden email]] Sent: Thursday, January 20, 2011 12:26 To: Discussion of the development of GStreamer Subject: Re: [gst-devel] TCP Plugins w/ OpenSSL > From: Sebastian Dröge [mailto:[hidden email]] > Sent: Thursday, January 20, 2011 11:30 > > On Thu, 2011-01-20 at 11:58 -0500, Jim Muchow wrote: > > We’ve implemented OpenSSL in the TCP portion of the Base > Plugins. We > > would like to contribute this code to the Gstreamer project, but > we > > don’t know how. We also have some questions/concerns and some > > unfinished work. > > > > Rather than dive into the technical details, I’ll just leave it > here. > > > > Comments? Questions? > > You mean to tcpserver{sink,src} and tcpclient{sink,src}? I guess We've implemented and tested the changes to tcpclientsink & tcpserversrc. Each of the functions in gsttcp.c now have an OpenSSL analog. > that's a good idea in general but the problem here is, that the > OpenSSL license is not GPL compatible and as such this code can't > live in gst-plugins-base. > > As alternative you could add a compile-time option to use either > OpenSSL or GnuTLS. The code has been implemented (in the 0.10.29 release) using a conditional compile. If not included, a resulting build binary is identical to one prior to this feature addition. If included in a build, however, the use of OpenSSL can be enabled or disabled via the set_property mechanism. > Apart from that it might make sense to create new elements for > this in -base, that share a lot of code with the TCP elements... > instead of having a enable-SSL/TLS property on the elements. There at least a couple of approaches to how integrate with TCP. One is to use the OpenSSL BIO abstraction. The other way is to let a sockets-based environment "do its thing" (socket(), listen(), accept(), connect()) and then bolt on an SSL session. We chose the latter. If former is preferred, then yes, a whole new set of elements would make sense. ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ gstreamer-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/gstreamer-devel _______________________________________________ gstreamer-devel mailing list [hidden email] http://lists.freedesktop.org/mailman/listinfo/gstreamer-devel |
RE: TCP Plugins w/ OpenSSL
|
|
On Mon, 2011-02-14 at 16:58 -0500, Jim Muchow wrote:
> We feel obligated to return the changes we've to the Gstreamer > community. > > We understand that there is a licensing mismatch between > Gstreamer and OpenSSL. That said, based on a little research, > the solution here, the approach, would seem to work for GnuTLS > as well as OpenSSL. We hope that this can be of help should > someone else need this functionality. > > This update contains the README file and the patch file we use. sorry for not getting back to you earlier. First of all thanks for the patch but please create a bugreport at http://bugzilla.gnome.org with the patch against GStreamer (or if you want I can do that for you). I discussed this with some others some time ago and we came to the conclusion that it might be better to use the GLib TLS support instead of relying on a single TLS implementation. That way GnuTLS, OpenSSL or whatever is available (like a Windows TLS implementation) can be used without GStreamer changes. But I guess your patch is a good starting point for this. _______________________________________________ gstreamer-devel mailing list [hidden email] http://lists.freedesktop.org/mailman/listinfo/gstreamer-devel |
| Free forum by Nabble | Edit this page |