From 878abbddda4da46811d8709ec90248b9c1b5f569 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Fri, 29 Sep 2017 15:17:54 -0400 Subject: [PATCH 1/3] fixes #1427 - [Feature Request]: Require Encryption --- .../ApplicationHost.cs | 4 ++-- .../EntryPoints/ExternalPortForwarding.cs | 2 +- .../HttpServer/HttpListenerHost.cs | 19 +++++++++++++++++++ .../Configuration/ServerConfiguration.cs | 2 ++ 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs index 6996210435..57c509923a 100644 --- a/Emby.Server.Implementations/ApplicationHost.cs +++ b/Emby.Server.Implementations/ApplicationHost.cs @@ -1931,13 +1931,13 @@ namespace Emby.Server.Implementations { get { - return SupportsHttps && ServerConfigurationManager.Configuration.EnableHttps; + return SupportsHttps && (ServerConfigurationManager.Configuration.EnableHttps || ServerConfigurationManager.Configuration.RequireHttps); } } public bool SupportsHttps { - get { return Certificate != null; } + get { return Certificate != null || ServerConfigurationManager.Configuration.IsBehindProxy; } } public async Task GetLocalApiUrl() diff --git a/Emby.Server.Implementations/EntryPoints/ExternalPortForwarding.cs b/Emby.Server.Implementations/EntryPoints/ExternalPortForwarding.cs index 9b434d606d..2cef468394 100644 --- a/Emby.Server.Implementations/EntryPoints/ExternalPortForwarding.cs +++ b/Emby.Server.Implementations/EntryPoints/ExternalPortForwarding.cs @@ -48,7 +48,7 @@ namespace Emby.Server.Implementations.EntryPoints values.Add(config.PublicPort.ToString(CultureInfo.InvariantCulture)); values.Add(_appHost.HttpPort.ToString(CultureInfo.InvariantCulture)); values.Add(_appHost.HttpsPort.ToString(CultureInfo.InvariantCulture)); - values.Add(config.EnableHttps.ToString()); + values.Add((config.EnableHttps || config.RequireHttps).ToString()); values.Add(_appHost.EnableHttps.ToString()); return string.Join("|", values.ToArray(values.Count)); diff --git a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs index 031d1d90b1..acc247e458 100644 --- a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs +++ b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs @@ -423,6 +423,19 @@ namespace Emby.Server.Implementations.HttpServer return true; } + private bool ValidateSsl(string remoteIp) + { + if (_config.Configuration.RequireHttps && _appHost.EnableHttps) + { + if (!_networkManager.IsInLocalNetwork(remoteIp)) + { + return false; + } + } + + return true; + } + /// /// Overridable method that can be used to implement a custom hnandler /// @@ -453,6 +466,12 @@ namespace Emby.Server.Implementations.HttpServer return; } + if (!ValidateSsl(httpReq.RemoteIp)) + { + RedirectToUrl(httpRes, urlString.Replace("http://", "https://", StringComparison.OrdinalIgnoreCase)); + return; + } + if (string.Equals(httpReq.Verb, "OPTIONS", StringComparison.OrdinalIgnoreCase)) { httpRes.StatusCode = 200; diff --git a/MediaBrowser.Model/Configuration/ServerConfiguration.cs b/MediaBrowser.Model/Configuration/ServerConfiguration.cs index 7c7358845b..f7fffbf79a 100644 --- a/MediaBrowser.Model/Configuration/ServerConfiguration.cs +++ b/MediaBrowser.Model/Configuration/ServerConfiguration.cs @@ -181,6 +181,8 @@ namespace MediaBrowser.Model.Configuration public string[] CodecsUsed { get; set; } public bool EnableChannelView { get; set; } public bool EnableExternalContentInSuggestions { get; set; } + public bool RequireHttps { get; set; } + public bool IsBehindProxy { get; set; } public int ImageExtractionTimeoutMs { get; set; } From 4e4c145855bb2f58492f62b9bfbb6a3f7c1d232f Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Fri, 29 Sep 2017 16:10:13 -0400 Subject: [PATCH 2/3] update hls query string --- .../MediaEncoding/EncodingHelper.cs | 10 ++++++---- MediaBrowser.Model/Dlna/StreamBuilder.cs | 7 ++++++- MediaBrowser.Model/Dlna/StreamInfo.cs | 8 ++++++-- 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/MediaBrowser.Controller/MediaEncoding/EncodingHelper.cs b/MediaBrowser.Controller/MediaEncoding/EncodingHelper.cs index 861f4467df..6be68043fd 100644 --- a/MediaBrowser.Controller/MediaEncoding/EncodingHelper.cs +++ b/MediaBrowser.Controller/MediaEncoding/EncodingHelper.cs @@ -346,7 +346,8 @@ namespace MediaBrowser.Controller.MediaEncoding "Constrained High" }; - return Array.FindIndex(list.ToArray(), t => string.Equals(t, profile, StringComparison.OrdinalIgnoreCase)); + // strip spaces because they may be stripped out on the query string + return Array.FindIndex(list.ToArray(), t => string.Equals(t.Replace(" ", ""), profile.Replace(" ", ""), StringComparison.OrdinalIgnoreCase)); } public string GetInputPathArgument(EncodingJobInfo state) @@ -831,7 +832,7 @@ namespace MediaBrowser.Controller.MediaEncoding } // Source and target codecs must match - if (string.IsNullOrEmpty(videoStream.Codec) || !state.SupportedVideoCodecs.Contains(videoStream.Codec, StringComparer.OrdinalIgnoreCase)) + if (string.IsNullOrWhiteSpace(videoStream.Codec) || !state.SupportedVideoCodecs.Contains(videoStream.Codec, StringComparer.OrdinalIgnoreCase)) { return false; } @@ -841,13 +842,14 @@ namespace MediaBrowser.Controller.MediaEncoding // If client is requesting a specific video profile, it must match the source if (requestedProfiles.Length > 0) { - if (string.IsNullOrEmpty(videoStream.Profile)) + if (string.IsNullOrWhiteSpace(videoStream.Profile)) { //return false; } var requestedProfile = requestedProfiles[0]; - if (!string.IsNullOrEmpty(videoStream.Profile) && !string.Equals(requestedProfile, videoStream.Profile, StringComparison.OrdinalIgnoreCase)) + // strip spaces because they may be stripped out on the query string as well + if (!string.IsNullOrWhiteSpace(videoStream.Profile) && !requestedProfiles.Contains(videoStream.Profile.Replace(" ", ""), StringComparer.OrdinalIgnoreCase)) { var currentScore = GetVideoProfileScore(videoStream.Profile); var requestedScore = GetVideoProfileScore(requestedProfile); diff --git a/MediaBrowser.Model/Dlna/StreamBuilder.cs b/MediaBrowser.Model/Dlna/StreamBuilder.cs index 67d9b834f4..95a80c34c0 100644 --- a/MediaBrowser.Model/Dlna/StreamBuilder.cs +++ b/MediaBrowser.Model/Dlna/StreamBuilder.cs @@ -1615,7 +1615,12 @@ namespace MediaBrowser.Model.Dlna if (!string.IsNullOrWhiteSpace(value)) { // change from split by | to comma - item.SetOption(qualifier, "profile", string.Join(",", value.Split(new[] { '|' }, StringSplitOptions.RemoveEmptyEntries))); + + // strip spaces to avoid having to encode + var values = value + .Split(new[] { '|' }, StringSplitOptions.RemoveEmptyEntries); + + item.SetOption(qualifier, "profile", string.Join(",", values)); } break; } diff --git a/MediaBrowser.Model/Dlna/StreamInfo.cs b/MediaBrowser.Model/Dlna/StreamInfo.cs index 2019acd0d2..5a059e91d2 100644 --- a/MediaBrowser.Model/Dlna/StreamInfo.cs +++ b/MediaBrowser.Model/Dlna/StreamInfo.cs @@ -297,7 +297,10 @@ namespace MediaBrowser.Model.Dlna // dlna needs to be update to support the qualified params var profile = item.GetOption("h264", "profile"); - list.Add(new NameValuePair("Profile", profile ?? string.Empty)); + // Avoid having to encode + profile = (profile ?? string.Empty).Replace(" ", ""); + + list.Add(new NameValuePair("Profile", profile)); } // no longer used @@ -372,7 +375,8 @@ namespace MediaBrowser.Model.Dlna continue; } - list.Add(new NameValuePair(pair.Key, pair.Value)); + // strip spaces to avoid having to encode h264 profile names + list.Add(new NameValuePair(pair.Key, pair.Value.Replace(" ", ""))); } } From 9f86ebab28207be22617e165214ba68c35a09b15 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Fri, 29 Sep 2017 16:11:21 -0400 Subject: [PATCH 3/3] 3.2.32.12 --- SharedVersion.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SharedVersion.cs b/SharedVersion.cs index ea2c949247..62fd1f7ba7 100644 --- a/SharedVersion.cs +++ b/SharedVersion.cs @@ -1,3 +1,3 @@ using System.Reflection; -[assembly: AssemblyVersion("3.2.32.11")] +[assembly: AssemblyVersion("3.2.32.12")]