diff options
| author | DeHackEd <git@dehacked.net> | 2017-08-06 15:10:35 +0800 |
|---|---|---|
| committer | Steven Liu <lq@chinaffmpeg.org> | 2017-08-06 15:10:35 +0800 |
| commit | eabeb9093abe0169a574945760ad3a26bf47cba4 (patch) | |
| tree | b2df573b94fbbaca1201ecfea7373aefa5065a9a | |
| parent | 1e443051b277f73b94a2f660d3fd31a1a7beab52 (diff) | |
avformat/hlsenc: allow dynamic encryption key rotation
Makes behaviour of 805ce25b1d2f optional, re-enables
HLS key rotation feature
Reviewed-by: Steven Liu <lq@onvideo.cn>
Signed-off-by: DHE <git@dehacked.net>
| -rw-r--r-- | doc/muxers.texi | 7 | ||||
| -rw-r--r-- | libavformat/hlsenc.c | 4 |
2 files changed, 9 insertions, 2 deletions
diff --git a/doc/muxers.texi b/doc/muxers.texi index 94472cef44..2bec5f8954 100644 --- a/doc/muxers.texi +++ b/doc/muxers.texi @@ -551,7 +551,7 @@ format. The optional third line specifies the initialization vector (IV) as a hexadecimal string to be used instead of the segment sequence number (default) for encryption. Changes to @var{key_info_file} will result in segment encryption with the new key/IV and an entry in the playlist for the new key -URI/IV. +URI/IV if @code{hls_flags periodic_rekey} is enabled. Key info file format: @example @@ -665,6 +665,11 @@ first segment's information. @item omit_endlist Do not append the @code{EXT-X-ENDLIST} tag at the end of the playlist. +@item periodic_rekey +The file specified by @code{hls_key_info_file} will be checked periodically and +detect updates to the encryption info. Be sure to replace this file atomically, +including the file containing the AES encryption key. + @item split_by_time Allow segments to start on frames other than keyframes. This improves behavior on some players when the time between keyframes is inconsistent, diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c index 5cf8c89ee7..74a3249b73 100644 --- a/libavformat/hlsenc.c +++ b/libavformat/hlsenc.c @@ -85,6 +85,7 @@ typedef enum HLSFlags { HLS_SECOND_LEVEL_SEGMENT_DURATION = (1 << 9), // include segment duration (microsec) in segment filenames when use_localtime e.g.: %%09t HLS_SECOND_LEVEL_SEGMENT_SIZE = (1 << 10), // include segment size (bytes) in segment filenames when use_localtime e.g.: %%014s HLS_TEMP_FILE = (1 << 11), + HLS_PERIODIC_REKEY = (1 << 12), } HLSFlags; typedef enum { @@ -1236,7 +1237,7 @@ static int hls_start(AVFormatContext *s) " will use -hls_key_info_file priority\n"); } - if (c->number <= 1) { + if (c->number <= 1 || (c->flags & HLS_PERIODIC_REKEY)) { if (c->key_info_file) { if ((err = hls_encryption_start(s)) < 0) goto fail; @@ -1804,6 +1805,7 @@ static const AVOption options[] = { {"second_level_segment_index", "include segment index in segment filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = HLS_SECOND_LEVEL_SEGMENT_INDEX }, 0, UINT_MAX, E, "flags"}, {"second_level_segment_duration", "include segment duration in segment filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = HLS_SECOND_LEVEL_SEGMENT_DURATION }, 0, UINT_MAX, E, "flags"}, {"second_level_segment_size", "include segment size in segment filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = HLS_SECOND_LEVEL_SEGMENT_SIZE }, 0, UINT_MAX, E, "flags"}, + {"periodic_rekey", "reload keyinfo file periodically for re-keying", 0, AV_OPT_TYPE_CONST, {.i64 = HLS_PERIODIC_REKEY }, 0, UINT_MAX, E, "flags"}, {"use_localtime", "set filename expansion with strftime at segment creation", OFFSET(use_localtime), AV_OPT_TYPE_BOOL, {.i64 = 0 }, 0, 1, E }, {"use_localtime_mkdir", "create last directory component in strftime-generated filename", OFFSET(use_localtime_mkdir), AV_OPT_TYPE_BOOL, {.i64 = 0 }, 0, 1, E }, {"hls_playlist_type", "set the HLS playlist type", OFFSET(pl_type), AV_OPT_TYPE_INT, {.i64 = PLAYLIST_TYPE_NONE }, 0, PLAYLIST_TYPE_NB-1, E, "pl_type" }, |