ffmpeg_5,ffmpeg_5-full: cherry-pick IPFS default gateway removal
ffmpeg 5.1 introduced ipfs:// and ipns:// streaming support as part of libavformat. This new implementation falls back to fetching from an untrusted 3rd party internet service in the (likely) case where a user doesn't have a local IPFS gateway running on their computer. This puts an unaudited 3rd party provider in a position where they can log and alter any IPFS content being streamed by the ffmpeg library. No user consent is collected at any point by the library.

ffmpeg developers are currently discussing [1] how to better implement this feature. In the meantime, cherry-pick the proposed patch to disable the default gateway until a better alternative is released.

[1] https://ffmpeg.org/pipermail/ffmpeg-devel/2022-August/299924.html
parent a253a7da71
commit ece53aed8b
2 changed files with 43 additions and 0 deletions
|
@ -9,4 +9,10 @@ callPackage ./generic.nix (rec {
|
|||
branch = version;
|
||||
sha256 = "sha256-MrVvsBzpDUUpWK4l6RyVZKv0ntVFPBJ77CPGPlMKqPo=";
|
||||
darwinFrameworks = [ Cocoa CoreMedia VideoToolbox ];
|
||||
|
||||
# Newly introduced IPFS support in ffmpeg 5.1 relies on untrusted third
|
||||
# party services, leading to consent and privacy issues. See upstream
|
||||
# discussion for more information:
|
||||
# https://ffmpeg.org/pipermail/ffmpeg-devel/2022-August/299924.html
|
||||
patches = [ ./ipfs-remove-default-gateway.patch ];
|
||||
} // args)
|
||||
|
|
|
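Review bot: the trailing `} // args)` lets a caller-supplied `patches` attribute in `args` replace the list set here, so an override that passes its own patches silently drops `./ipfs-remove-default-gateway.patch` and restores the third-party gateway fallback. Suggest saying in the comment that any override of `patches` must carry this patch, and also noting when it can be dropped (once upstream ships its replacement), so the local patch does not linger unnoticed.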
@ -0,0 +1,37 @@
|
|||
A gateway can see everything, and we should not be shipping a hardcoded
|
||||
default from a third party company; it's a security risk.
|
||||
|
||||
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
|
||||
---
|
||||
libavformat/ipfsgateway.c | 11 ++++-------
|
||||
1 file changed, 4 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/libavformat/ipfsgateway.c b/libavformat/ipfsgateway.c
|
||||
index 5a5178c563..907b61b017 100644
|
||||
--- a/libavformat/ipfsgateway.c
|
||||
+++ b/libavformat/ipfsgateway.c
|
||||
@@ -240,13 +240,8 @@ static int translate_ipfs_to_http(URLContext *h, const char *uri, int flags, AVD
|
||||
ret = populate_ipfs_gateway(h);
|
||||
|
||||
if (ret < 1) {
|
||||
- // We fallback on dweb.link (managed by Protocol Labs).
|
||||
- snprintf(c->gateway_buffer, sizeof(c->gateway_buffer), "https://dweb.link");
|
||||
-
|
||||
- av_log(h, AV_LOG_WARNING,
|
||||
- "IPFS does not appear to be running. "
|
||||
- "You’re now using the public gateway at dweb.link.\n");
|
||||
- av_log(h, AV_LOG_INFO,
|
||||
+ av_log(h, AV_LOG_ERROR,
|
||||
+ "IPFS does not appear to be running.\n\n"
|
||||
"Installing IPFS locally is recommended to "
|
||||
"improve performance and reliability, "
|
||||
"and not share all your activity with a single IPFS gateway.\n"
|
||||
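Review bot: the text kept under the new `av_log(h, AV_LOG_ERROR, ...)` call is still worded for the fallback case: "Installing IPFS locally is recommended to improve performance and reliability, and not share all your activity with a single IPFS gateway." With the dweb.link fallback removed, this path is a hard failure and a gateway is required rather than recommended. Suggest rewording so the error first states that no gateway was found and the URL could not be opened, then lists the setup steps.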
@@ -259,6 +254,8 @@ static int translate_ipfs_to_http(URLContext *h, const char *uri, int flags, AVD
|
||||
"3. Define an $IPFS_PATH environment variable "
|
||||
"and point it to the IPFS data path "
|
||||
"- this is typically ~/.ipfs\n");
|
||||
+ ret = AVERROR(EINVAL);
|
||||
+ goto err;
|
||||
}
|
||||
}
|
||||
|
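Review bot: `ret = AVERROR(EINVAL);` overwrites whatever `populate_ipfs_gateway(h)` returned in the `ret < 1` branch, so a negative error code from that call is lost and every failure reaches the caller as an invalid argument. Suggest keeping a negative `ret` as it is and assigning a fixed code only when nothing was found. The `err` label lies outside the visible context, so please also confirm that it releases everything allocated up to this point in `translate_ipfs_to_http`.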