Archive for June, 2013
Blog moving to blogspot
Posted by rarut in Uncategorized on June 24, 2013
I’ve decided to move the blog to Google Blogspot. The new address is
It looks more consistent and much faster. Moreover wordpress.com is blocked by several major Russian ISPs.
.
Multi-worker statistics and control with nginx “per-worker-listener” patch
Posted by rarut in Uncategorized on June 18, 2013
Today I’ve written a small nginx patch providing a feature that solves many problems in RTMP-HTTP integration namely statistics and control. Statistics and control is known to work bad in multi-worker mode since HTTP request goes to a random worker. So the client receives random worker statistics or performs a control action with a worker that didn’t receive previous actions from user.
The patch is named per-worker-listener. It can be downloaded here. When applied to nginx it opens ports for connecting to the worker you want, not just a random worker. Each worker has its own port number so you can choose the port to connect. The new syntax extends listen directive with a new option per_worker. The port specified in listen directive becomes base port number for worker listeners.
listen 80; # usual listen directive listen 9000 per_worker; # per-worker listener
With the above configuration 1st worker will listen to 9000 port, 2nd to 9001 port, 3rd to 9002 port etc. To make that work please turn off accept_mutex. Listeners with no per_worker work as usual.
events { worker_connections 1024; accept_mutex off; }
The patch is especially useful with stat and control handlers of nginx-rtmp-module.
server { listen 9000 per_worker; location /stat { rtmp_stat all; rtmp_stat_stylesheet stat.xsl; } location /stat.xsl { root /tmp; } location /control { rtmp_control all; } }
Now see 3rd worker stats at the location http://localhost:9002/stat.
Windows support in 1.0.1
Posted by rarut in Uncategorized on June 13, 2013
I’ve updated the nginx-rtmp code to compile and run on MS Windows. The limitations are
- execs are not supported
- static pulls are not supported
- auto_push is not supported
Moreover the code is now much more portable so it can probably compile on uncommon platforms not supported earlier.
UPD: Nginx for Windows compilation guide
Add RTMP module with the usual option –add=module=PATH/TO/nginx-rtmp-module
UPD2: You can use Microsoft Visual C++ 2010 Express to compile nginx. It’s free. Download it from Microsoft web site.
Secure links in nginx-rtmp
Posted by rarut in Uncategorized on June 9, 2013
Many people ask me for secure link support in nginx-rtmp similar to nginx http secure links. The truth is no special support is needed to have that in nginx-rtmp. You can set secure links on on_connect, on_play or on_plubish. I’ll show how to do that for on_play. on_publish is very much the same, on_connect has no name argument, only app.
http { server { listen 8080; server_name localhost; location /on_play { # set connection secure link secure_link $arg_st,$arg_e; secure_link_md5 mysecretkey$arg_app/$arg_name$arg_e; # bad hash if ($secure_link = "") { return 501; } # link expired if ($secure_link = "0") { return 502; } return 200; } } } rtmp { server { listen 1935; # protected application application myapp { live on; on_play http://localhost:8080/on_play; } } }
With the above configuration you cannot play any stream from myapp application without providing the right secure link.
> ffplay 'rtmp://localhost/myapp/mystream' ffplay version 1.0.6 Copyright (c) 2003-2013 the FFmpeg developers ... rtmp://localhost/myapp/mystream: Unknown error occurred
In error.log we have this message
notify: HTTP retcode: 5xx
Now let’s construct valid secure RTMP link. Get current timestamp first and add 1 hour expire time to it.
> date +%s 1370777449 > echo $((1370777449+3600)) 1370781049
Then construct the hash (watch config above for key)
> echo -n "mysecretkeymyapp/mystream1370781049" | openssl dgst -md5 -binary | openssl enc -base64 | tr '+/' '-_' | tr -d '=' Mbjev5ld4mmCN00mwIqD7w
Now we have the hash. It’s easy to construct the valid secure RTMP url.
> ffplay 'rtmp://localhost/myapp/mystream?e=1370781049&st=Mbjev5ld4mmCN00mwIqD7w'
Fixed build in nginx-1.5.1
Posted by rarut in Uncategorized on June 4, 2013
According to nginx 1.5.1 changelist the bug with ssl requiring nginx-http_ssl_module when adding nginx-rtmp-module is now fixed. So nginx with nginx-rtmp-module should now build as before without any additional options. The bug has been introduced in 1.3.14. Thanks to Maxim Dounin for that fix.