Archive for June, 2013

Blog moving to blogspot

Posted by rarut in Uncategorized on June 24, 2013

I’ve decided to move the blog to Google Blogspot. The new address is

nginx-rtmp.blogspot.com

It looks more consistent and much faster. Moreover wordpress.com is blocked by several major Russian ISPs.

.

Leave a comment

Multi-worker statistics and control with nginx “per-worker-listener” patch

Posted by rarut in Uncategorized on June 18, 2013

Today I’ve written a small nginx patch providing a feature that solves many problems in RTMP-HTTP integration namely statistics and control. Statistics and control is known to work bad in multi-worker mode since HTTP request goes to a random worker. So the client receives random worker statistics or performs a control action with a worker that didn’t receive previous actions from user.

The patch is named per-worker-listener. It can be downloaded here. When applied to nginx it opens ports for connecting to the worker you want, not just a random worker. Each worker has its own port number so you can choose the port to connect. The new syntax extends listen directive with a new option per_worker. The port specified in listen directive becomes base port number for worker listeners.

listen 80; # usual listen directive
listen 9000 per_worker; # per-worker listener


With the above configuration 1st worker will listen to 9000 port, 2nd to 9001 port, 3rd to 9002 port etc. To make that work please turn off accept_mutex. Listeners with no per_worker work as usual.

events {
    worker_connections  1024;
    accept_mutex off;
}

The patch is especially useful with stat and control handlers of nginx-rtmp-module.

server {
    listen   9000 per_worker;
    location /stat {
        rtmp_stat all;
        rtmp_stat_stylesheet stat.xsl;
    }
    location /stat.xsl {
        root /tmp;
    }
    location /control {
        rtmp_control all;
    }
}

Now see 3rd worker stats at the location http://localhost:9002/stat.

Leave a comment

Windows support in 1.0.1

Posted by rarut in Uncategorized on June 13, 2013

I’ve updated the nginx-rtmp code to compile and run on MS Windows. The limitations are

  • execs are not supported
  • static pulls are not supported
  • auto_push is not supported

Moreover the code is now much more portable so it can probably compile on uncommon platforms not supported earlier.

UPD: Nginx for Windows compilation guide
Add RTMP module with the usual option –add=module=PATH/TO/nginx-rtmp-module

UPD2: You can use Microsoft Visual C++ 2010 Express to compile nginx. It’s free. Download it from Microsoft web site.

Leave a comment

Secure links in nginx-rtmp

Posted by rarut in Uncategorized on June 9, 2013

Many people ask me for secure link support in nginx-rtmp similar to nginx http secure links. The truth is no special support is needed to have that in nginx-rtmp. You can set secure links on on_connect, on_play or on_plubish. I’ll show how to do that for on_play. on_publish is very much the same, on_connect has no name argument, only app.

http {
    server {
        listen 8080;
        server_name localhost;

        location /on_play {

            # set connection secure link
            secure_link $arg_st,$arg_e;
            secure_link_md5 mysecretkey$arg_app/$arg_name$arg_e;

            # bad hash
            if ($secure_link = "") {
                return 501;
            }

            # link expired
            if ($secure_link = "0") {
                return 502;
            }

            return 200;
        }
    }
}
rtmp {
    server {
        listen 1935;

        # protected application
        application myapp {
            live on;
            on_play http://localhost:8080/on_play;
        }
    }
}

With the above configuration you cannot play any stream from myapp application without providing the right secure link.

> ffplay 'rtmp://localhost/myapp/mystream'
ffplay version 1.0.6 Copyright (c) 2003-2013 the FFmpeg developers
...
rtmp://localhost/myapp/mystream: Unknown error occurred

In error.log we have this message

notify: HTTP retcode: 5xx

Now let’s construct valid secure RTMP link. Get current timestamp first and add 1 hour expire time to it.

> date +%s
1370777449
> echo $((1370777449+3600))
1370781049


Then construct the hash (watch config above for key)

> echo -n "mysecretkeymyapp/mystream1370781049" | openssl dgst -md5 -binary | 
         openssl enc -base64 | tr '+/' '-_' | tr -d '='
Mbjev5ld4mmCN00mwIqD7w

Now we have the hash. It’s easy to construct the valid secure RTMP url.


> ffplay 'rtmp://localhost/myapp/mystream?e=1370781049&st=Mbjev5ld4mmCN00mwIqD7w'

2 Comments

Fixed build in nginx-1.5.1

Posted by rarut in Uncategorized on June 4, 2013

According to nginx 1.5.1 changelist the bug with ssl requiring nginx-http_ssl_module when adding nginx-rtmp-module is now fixed. So nginx with nginx-rtmp-module should now build as before without any additional options. The bug has been introduced in 1.3.14. Thanks to Maxim Dounin for that fix.

3 Comments