From b1d1c7abe5a865450b808d19c5980e36cf1fd4d4 Mon Sep 17 00:00:00 2001 From: Winlin Date: Sat, 1 Jul 2023 19:08:21 +0800 Subject: [PATCH] WHIP: Improve WHIP deletion by token verification. v5.0.164, v6.0.58 (#3595) ------ Co-authored-by: chundonglinlin --- trunk/doc/CHANGELOG.md | 2 ++ trunk/src/app/srs_app_rtc_api.cpp | 15 +++++++++++++-- trunk/src/app/srs_app_rtc_conn.cpp | 6 ++++++ trunk/src/app/srs_app_rtc_conn.hpp | 4 ++++ trunk/src/app/srs_app_rtc_server.hpp | 1 + trunk/src/core/srs_core_version5.hpp | 2 +- trunk/src/core/srs_core_version6.hpp | 2 +- trunk/src/kernel/srs_kernel_error.hpp | 3 ++- trunk/src/protocol/srs_protocol_raw_avc.cpp | 4 ++-- 9 files changed, 32 insertions(+), 7 deletions(-) diff --git a/trunk/doc/CHANGELOG.md b/trunk/doc/CHANGELOG.md index 3758469137..2b611c2341 100644 --- a/trunk/doc/CHANGELOG.md +++ b/trunk/doc/CHANGELOG.md @@ -8,6 +8,7 @@ The changelog for SRS. ## SRS 6.0 Changelog +* v6.0, 2023-07-01, Merge [#3595](https://github.com/ossrs/srs/pull/3595): WHIP: Improve WHIP deletion by token verification. v6.0.58 (#3595) * v6.0, 2023-07-01, Merge [#3605](https://github.com/ossrs/srs/pull/3605): BugFix: Resolve the problem of srs_error_t memory leak. v6.0.57 (#3605) * v6.0, 2023-06-30, Merge [#3596](https://github.com/ossrs/srs/pull/3596): Improve the usage of "transcode" in the "full.conf" file. v6.0.56 (#3596) * v6.0, 2023-06-21, Merge [#3551](https://github.com/ossrs/srs/pull/3551): H264: Fix H.264 ISOM reserved bit value. v6.0.55 (#3551) 
@@ -71,6 +72,7 @@ The changelog for SRS. ## SRS 5.0 Changelog +* v5.0, 2023-07-01, Merge [#3595](https://github.com/ossrs/srs/pull/3595): WHIP: Improve WHIP deletion by token verification. v5.0.164 (#3595) * v5.0, 2023-07-01, Merge [#3605](https://github.com/ossrs/srs/pull/3605): BugFix: Resolve the problem of srs_error_t memory leak. v5.0.163 (#3605) * v5.0, 2023-06-30, Merge [#3596](https://github.com/ossrs/srs/pull/3596): Improve the usage of "transcode" in the "full.conf" file. v5.0.162 (#3596) * v5.0, 2023-06-21, Merge [#3551](https://github.com/ossrs/srs/pull/3551): H264: Fix H.264 ISOM reserved bit value. v5.0.161 (#3551) diff --git a/trunk/src/app/srs_app_rtc_api.cpp b/trunk/src/app/srs_app_rtc_api.cpp index f552e10f51..09534e614b 100644 --- a/trunk/src/app/srs_app_rtc_api.cpp +++ b/trunk/src/app/srs_app_rtc_api.cpp @@ -241,6 +241,7 @@ srs_error_t SrsGoApiRtcPlay::serve_http(ISrsHttpResponseWriter* w, ISrsHttpMessa ruc->local_sdp_str_ = local_sdp_str; ruc->session_id_ = session->username(); + ruc->token_ = session->token(); srs_trace("RTC username=%s, dtls=%u, srtp=%u, offer=%dB, answer=%dB", session->username().c_str(), ruc->dtls_, ruc->srtp_, ruc->remote_sdp_str_.length(), local_sdp_escaped.length()); @@ -510,6 +511,7 @@ srs_error_t SrsGoApiRtcPublish::serve_http(ISrsHttpResponseWriter* w, ISrsHttpMe ruc->local_sdp_str_ = local_sdp_str; ruc->session_id_ = session->username(); + ruc->token_ = session->token(); srs_trace("RTC username=%s, offer=%dB, answer=%dB", session->username().c_str(), ruc->remote_sdp_str_.length(), local_sdp_escaped.length()); 
@@ -603,7 +605,16 @@ srs_error_t SrsGoApiRtcWhip::serve_http(ISrsHttpResponseWriter* w, ISrsHttpMessa // TODO: FIXME: Stop and cleanup the RTC session. if (r->method() == SRS_CONSTS_HTTP_DELETE) { string username = r->query_get("session"); + string token = r->query_get("token"); + if (token.empty()) { + return srs_error_new(ERROR_RTC_INVALID_SESSION, "token empty"); + } + SrsRtcConnection* session = server_->find_session_by_username(username); + if (session && token != session->token()) { + return srs_error_new(ERROR_RTC_INVALID_SESSION, "token %s not match", token.c_str()); + } + if (session) session->expire(); srs_trace("WHIP: Delete session=%s, p=%p, url=%s", username.c_str(), session, r->url().c_str()); @@ -626,8 +637,8 @@ srs_error_t SrsGoApiRtcWhip::serve_http(ISrsHttpResponseWriter* w, ISrsHttpMessa // Setup the content type to SDP. w->header()->set("Content-Type", "application/sdp"); // The location for DELETE resource, not required by SRS, but required by WHIP. - w->header()->set("Location", srs_fmt("/rtc/v1/whip/?action=delete&app=%s&stream=%s&session=%s", - ruc.req_->app.c_str(), ruc.req_->stream.c_str(), ruc.session_id_.c_str())); + w->header()->set("Location", srs_fmt("/rtc/v1/whip/?action=delete&token=%s&app=%s&stream=%s&session=%s", + ruc.token_.c_str(), ruc.req_->app.c_str(), ruc.req_->stream.c_str(), ruc.session_id_.c_str())); w->header()->set_content_length((int64_t)sdp.length()); // Must be 201, see https://datatracker.ietf.org/doc/draft-ietf-wish-whip/ w->write_header(201); diff --git a/trunk/src/app/srs_app_rtc_conn.cpp b/trunk/src/app/srs_app_rtc_conn.cpp index 790d7e3336..9a8933bfd3 100644 --- a/trunk/src/app/srs_app_rtc_conn.cpp +++ b/trunk/src/app/srs_app_rtc_conn.cpp @@ -1884,6 +1884,11 @@ string SrsRtcConnection::username() return username_; } +string SrsRtcConnection::token() +{ + return token_; +} + ISrsKbpsDelta* SrsRtcConnection::delta() { return networks_->delta(); 
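Review bot: In the DELETE branch the secret is checked with `token != session->token()`, which stops at the first differing byte, and the rejection path formats the caller-supplied value into the error via `"token %s not match"`, so request-controlled text of any length reaches the error and log output. Compare in fixed time over the whole token and drop the value from the message, e.g. `return srs_error_new(ERROR_RTC_INVALID_SESSION, "token not match for session");`. A request naming an unknown session skips the mismatch error and falls through to the trace line, so "no such session" and "wrong token" appear distinguishable to the caller. What is returned after the trace lies outside the hunk, as does the rest of serve_http.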
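Review bot: The `Location` header now carries the session token in the query string (`token=%s`), so the URL itself becomes the credential for DELETE, and URLs are routinely written to access and proxy logs; the DELETE branch earlier in this file also traces `r->url()`. State that at this line, for example `// The token makes this URL a delete capability; keep it out of logs and shared links.`, and consider redacting the query wherever the URL is traced. The values are formatted with `%s` without URL-encoding, which holds only while `srs_random_str` emits URL-safe characters; its alphabet is not visible in this diff.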
@@ -2004,6 +2009,7 @@ srs_error_t SrsRtcConnection::initialize(SrsRequest* r, bool dtls, bool srtp, st srs_error_t err = srs_success; username_ = username; + token_ = srs_random_str(9); req_ = r->copy(); SrsSessionConfig* cfg = &local_sdp.session_negotiate_; diff --git a/trunk/src/app/srs_app_rtc_conn.hpp b/trunk/src/app/srs_app_rtc_conn.hpp index 0ad8573c91..40644f8ae3 100644 --- a/trunk/src/app/srs_app_rtc_conn.hpp +++ b/trunk/src/app/srs_app_rtc_conn.hpp @@ -444,6 +444,8 @@ class SrsRtcConnection : public ISrsResource, public ISrsDisposingHandler, publi private: // The local:remote username, such as m5x0n128:jvOm where local name is m5x0n128. std::string username_; + // The random token to verify the WHIP DELETE request etc. + std::string token_; // A group of networks, each has its own DTLS and SRTP context. SrsRtcNetworks* networks_; private: @@ -484,6 +486,8 @@ class SrsRtcConnection : public ISrsResource, public ISrsDisposingHandler, publi void set_state_as_waiting_stun(); // Get username pair for this connection, used as ID of session. std::string username(); + // Get the token for verify this session, for example, when delete session by WHIP API. + std::string token(); public: virtual ISrsKbpsDelta* delta(); // Interface ISrsResource. diff --git a/trunk/src/app/srs_app_rtc_server.hpp b/trunk/src/app/srs_app_rtc_server.hpp index 0818ffe348..344484f02f 100644 --- a/trunk/src/app/srs_app_rtc_server.hpp +++ b/trunk/src/app/srs_app_rtc_server.hpp @@ -62,6 +62,7 @@ class SrsRtcUserConfig // Session data. std::string local_sdp_str_; std::string session_id_; + std::string token_; // Generated data. SrsRequest* req_; diff --git a/trunk/src/core/srs_core_version5.hpp b/trunk/src/core/srs_core_version5.hpp index 8704aaf3d2..c851b43bda 100644 --- a/trunk/src/core/srs_core_version5.hpp +++ b/trunk/src/core/srs_core_version5.hpp @@ -9,6 +9,6 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 0 -#define VERSION_REVISION 163 +#define VERSION_REVISION 164 #endif 
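Review bot: `token_ = srs_random_str(9);` is the only source of the DELETE credential, and its strength depends on how `srs_random_str` draws its characters, which this diff does not show. If that helper is backed by a general-purpose PRNG rather than an OS or cryptographic source, the token may be predictable; that should be confirmed and the requirement stated next to the call, e.g. `// Token guards WHIP DELETE; must come from an unpredictable source.`. The literal `9` would read better as a named constant so the token length can be raised in one place. initialize() continues outside the hunk.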
diff --git a/trunk/src/core/srs_core_version6.hpp b/trunk/src/core/srs_core_version6.hpp index 70223dd3e7..830c33138f 100644 --- a/trunk/src/core/srs_core_version6.hpp +++ b/trunk/src/core/srs_core_version6.hpp @@ -9,6 +9,6 @@ #define VERSION_MAJOR 6 #define VERSION_MINOR 0 -#define VERSION_REVISION 57 +#define VERSION_REVISION 58 #endif diff --git a/trunk/src/kernel/srs_kernel_error.hpp b/trunk/src/kernel/srs_kernel_error.hpp index bda0432516..64091c9834 100644 --- a/trunk/src/kernel/srs_kernel_error.hpp +++ b/trunk/src/kernel/srs_kernel_error.hpp @@ -373,7 +373,8 @@ XX(ERROR_RTC_TCP_SIZE , 5032, "RtcTcpSize", "RTC TCP packet size is invalid") \ XX(ERROR_RTC_TCP_PACKET , 5033, "RtcTcpStun", "RTC TCP first packet must be STUN") \ XX(ERROR_RTC_TCP_STUN , 5034, "RtcTcpSession", "RTC TCP packet is invalid for session not found") \ - XX(ERROR_RTC_TCP_UNIQUE , 5035, "RtcUnique", "RTC only support one UDP or TCP network") + XX(ERROR_RTC_TCP_UNIQUE , 5035, "RtcUnique", "RTC only support one UDP or TCP network") \ + XX(ERROR_RTC_INVALID_SESSION , 5036, "RtcInvalidSession", "Invalid request for no RTC session matched") /**************************************************/ /* SRT protocol error. */ diff --git a/trunk/src/protocol/srs_protocol_raw_avc.cpp b/trunk/src/protocol/srs_protocol_raw_avc.cpp index 5f7b00324d..79c7aad7a7 100644 --- a/trunk/src/protocol/srs_protocol_raw_avc.cpp +++ b/trunk/src/protocol/srs_protocol_raw_avc.cpp 
@@ -157,14 +157,14 @@ srs_error_t SrsRawH264Stream::mux_sequence_header(string sps, string pps, string stream.write_1bytes(level_idc); // lengthSizeMinusOne, or NAL_unit_length, always use 4bytes size, // so we always set it to 0x03. - stream.write_1bytes(0xfc | 0x03); + stream.write_1bytes(uint8_t(0xfc | 0x03)); } // sps if (true) { // 5.3.4.2.1 Syntax, ISO_IEC_14496-15-AVC-format-2012.pdf, page 16 // numOfSequenceParameterSets, always 1 - stream.write_1bytes(0xe0 | 0x01); + stream.write_1bytes(uint8_t(0xe0 | 0x01)); // sequenceParameterSetLength stream.write_2bytes((int16_t)sps.length()); // sequenceParameterSetNALUnit