X-Git-Url: https://git.sesse.net/?p=cubemap;a=blobdiff_plain;f=README;h=5c9119e0297bdd1a703dc0061282a7753ad7be5f;hp=083c3873fe3900da034f689f312b2486ed37af38;hb=1d285bcbfd1aa3f7911cfb98a947a37f68154428;hpb=364cb4e07ae1dcb65e8492e8e66494d6c8098b3a diff --git a/README b/README index 083c387..5c9119e 100644 --- a/README +++ b/README @@ -18,12 +18,16 @@ A short list of features: has problems reflecting itself (in particular, FLV). - Multicast support, both for sending and receiving (supports only protocols that can go over UDP, e.g. MPEG-TS). Supports both ASM and SSM. + - TLS output support, through the TLSe library (requires libtomcrypt) + and the Linux kernel's kTLS (Linux 4.13 or newer). There are a few + limitations; see below. - IPv4 support. Yes, Cubemap even supports (some) legacy protocols. HOWTO: - sudo aptitude install libprotobuf-dev protobuf-compiler libsystemd-dev + sudo apt install libprotobuf-dev protobuf-compiler libsystemd-dev libtomcrypt-dev + ./configure make -j4 If you want to use HTTP input (you probably want to), you want VLC 2.2.0 @@ -45,6 +49,21 @@ are OK, and then exec() the new version, which deserializes everything and keeps going. +Notes on TLS support: + +Cubemap supports TLS on output, so that you can play video on TLS +web sites without issues with mixed content. TLS on input streams is +not (yet) supported. + +TLS requires kTLS, ie., Linux >= 4.13 with CONFIG_TLS enabled. Only cipher +suites supported by kTLS is supposed, ie., AES-128-GCM (if no such cipher +suite is available, the connection will be aborted). If the server is restarted +before the key exchange for a connection is completed, that connection will +not survive the restart, unlike all other connections. (This is a TLSe +limitation.) You can have different certificates on different ports (and +have separate ports for TLS and non-TLS), but SNI is not yet supported. + + Munin plugins: To activate these, symlink them into /etc/munin/plugins. If you don't put @@ -63,3 +82,5 @@ Legalese: Copyright 2013 Steinar H. Gunderson . Licensed under the GNU GPL, version 2. See the included COPYING file. + +See tlse/LICENSE for TLSe licensing.