Discussion:
[Bug 759777] New: Limit number of connecting clients in GstRTSPServer
"GStreamer" (GNOME Bugzilla)
2015-12-22 14:50:06 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

Bug ID: 759777
Summary: Limit number of connecting clients in GstRTSPServer
Classification: Platform
Product: GStreamer
Version: git master
OS: All
Status: NEW
Severity: normal
Priority: Normal
Component: gst-rtsp-server
Assignee: gstreamer-***@lists.freedesktop.org
Reporter: ***@hotmail.com
QA Contact: gstreamer-***@lists.freedesktop.org
GNOME version: ---

GstRTSPServer currently has a way of limiting the number of work being done in
parallel by setting the maximum number of threads on the GstRTSPThreadPool
being used. But there is no way to limit the number of connecting clients (some
of which may later be accepted, and some be denied e.g. by the ->prepare()
virtual function denying access). If there is no limit then some resource may
be depleted, e.g. the number of file descriptors that may be open in the
process running GstRTSPServer.

The proposed patch adds a property on GstRTSPServer exposing a max-clients
limit. Once this limit has been reached the server will simply disconnect any
connecting client without letting it send its request and without sending any
RTSP response.

I'm of course available for further discussions concerning this patch.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2015-12-22 14:59:16 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

--- Comment #1 from Sebastian Rasmussen <***@hotmail.com> ---
Created attachment 317788
--> https://bugzilla.gnome.org/attachment.cgi?id=317788&action=edit
Proposed patch.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2015-12-22 15:03:42 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

Tim-Philipp Müller <***@zen.co.uk> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |***@zen.co.uk
Summary|Limit number of connecting |Add "max-clients" property
|clients in GstRTSPServer |to limit number of
| |connecting clients in
| |GstRTSPServer
Severity|normal |enhancement

--- Comment #2 from Tim-Philipp Müller <***@zen.co.uk> ---
FWIW, you can already limit the number of clients by implementing
GstRTSPServer::create_client() and returning NULL from there if the max number
of clients is reached.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2015-12-22 16:20:57 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

--- Comment #3 from Sebastian Rasmussen <***@hotmail.com> ---
That's indeed true. Do you prefer that rate limiting is kept outside of
gst-rtsp-server and then implemented by each project as it sees fit? Perhaps
there are other ways that projects would like to decide whether a client should
be denied? Can't think of any of the bat though.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2016-01-12 18:26:13 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

Olivier Crête <***@ocrete.ca> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |***@ocrete.ca

--- Comment #4 from Olivier Crête <***@ocrete.ca> ---
I like the idea of having a generic max-clients, but I'd like better to return
a meaningful error. Maybe set it to reject DESCRIBE/PLAY requests with a "453
Not Enough Bandwidth" and an explanatory message. It will make users life
easier when their cameras start rejecting clients for no clear reason!
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2016-01-12 18:29:11 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

--- Comment #5 from Sebastian Rasmussen <***@hotmail.com> ---
Actually when you have even more clients than your hardware can handle you
can't even bother to read the request and responde with a 453 or a 503 because
doing so would consume more of those precious resources that you don't have
enough of. Also 453 seems to be related to bandwidth reservation which is not
really what I'm trying to get at here. The scenario is a pure denial of service
attack using RTSP-clients that basically attempt to do DESCRIBE and then
disconnect.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2016-02-10 06:57:55 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

Anders Jonsson <***@norsjovallen.se> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |***@norsjovallen
| |.se

--- Comment #6 from Anders Jonsson <***@norsjovallen.se> ---
Comment on attachment 317788
--> https://bugzilla.gnome.org/attachment.cgi?id=317788
Proposed patch.

+ * The maximum number of connected clients that the server can handle. If
+ * this number of exceeded the server will being to close connections to
+ * connecting clients as a means of rate limiting the number of clients.

The second sentence was hard to parse for me. Is it "If this number is exceeded
the server will begin to close connections" that is intended?
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2016-02-10 10:06:49 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

Sebastian Rasmussen <***@hotmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #317788|0 |1
is obsolete| |

--- Comment #7 from Sebastian Rasmussen <***@hotmail.com> ---
Created attachment 320776
--> https://bugzilla.gnome.org/attachment.cgi?id=320776&action=edit
Proposed patch.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2016-02-10 10:18:02 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

--- Comment #8 from Sebastian Rasmussen <***@hotmail.com> ---
Anders, thanks for checking not my Swedish translations for other projects, but
also my code comments here! I wasn't really expecting this. :)
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
"GStreamer" (GNOME Bugzilla)
2018-11-03 15:39:27 UTC
Permalink
https://bugzilla.gnome.org/show_bug.cgi?id=759777

GStreamer system administrator <***@gstreamer.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |OBSOLETE

--- Comment #9 from GStreamer system administrator <***@gstreamer.net> ---
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been
closed from further activity.

You can subscribe and participate further through the new bug through this link
to our GitLab instance:
https://gitlab.freedesktop.org/gstreamer/gst-rtsp-server/issues/17.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
Loading...