๐Ÿšจ Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis โ†’
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@pplink/media-infra-client

Package Overview
Dependencies
Maintainers
14
Versions
101
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@pplink/media-infra-client

- https://github.com/pplink/mediasoup-client - It is a core package for communicating with [media-infra](https://github.com/pplink/media-infra) server using mediasoup. - It is forked from [versatica/mediasoup-client](https://github.com/versatica/mediasoup

latest
Source
npmnpm
Version
0.1.27
Version published
Maintainers
14
Created
Source

@pplink/mediasoup-client

  • https://github.com/pplink/mediasoup-client
  • It is a core package for communicating with media-infra server using mediasoup.
  • It is forked from versatica/mediasoup-client

Structure

MediaInfraClient

  • media-infra-client ์™ธ๋ถ€์—์„œ ์ง์ ‘์ ์œผ๋กœ ์‚ฌ์šฉํ•˜๋„๋ก ์œ ๋„๋œ ๋Œ€ํ‘œ ํด๋ž˜์Šค

MediaDevice

  • mediasoup-client์˜ Device ๋ฅผ ๋ž˜ํ•‘
    • Device: ํ•˜๋‚˜์˜ MR์— ๋Œ€ํ•œ RTP ์—ฐ๊ฒฐ์„ ๋‹ด๋‹น
    • ํ˜„์žฌ๋Š” ํ•œ๊ฐœ์˜ MR๊ณผ๋งŒ ์—ฐ๊ฒฐ๋˜๊ณ  ํ•œ๊ฐœ์˜ Device๋งŒ ์ƒ์„ฑํ•จ.

MediaSignalingService

  • MA์™€์˜ ์†Œ์ผ“ ๋ฉ”์‹œ์ง• ๋‹ด๋‹น

ProduceManager

  • ์†ก์ถœ์ค‘์ธ ํŠธ๋ž™์„ ๊ด€๋ฆฌ
  • ๋„คํŠธ์›Œํฌ๊ฐ€ ๋Š๊ธฐ๋”๋ผ๋„ ๊ธฐ์–ตํ–ˆ๋‹ค๊ฐ€ ๋‹ค์‹œ ์†ก์ถœ
  • Pause, Resume, Close ๋“ฑ ํ•œ๋ฒˆ ์†ก์ถœํ•œ ํŠธ๋ž™์— ๋Œ€ํ•œ ์ž‘์—…๋“ค์„ ํ•˜๋„๋ก ๋…ธ์ถœ๋˜๋Š” ํด๋ž˜์Šค

ConsumeManager

  • ์ˆ˜์‹ ์ค‘์ธ ํŠธ๋ž™์„ ๊ด€๋ฆฌ
  • ๋„คํŠธ์›Œํฌ๊ฐ€ ๋Š๊ธฐ๋Š” ๊ฒฝ์šฐ ํŒŒ๊ดด๋œ ํ›„ ์ƒˆ๋กญ๊ฒŒ ๋งŒ๋“ค์–ด์ง„๋‹ค (๊ธฐ์กด ์ธ์Šคํ„ด์Šค ์‚ฌ์šฉ ๋ถˆ๊ฐ€)
  • Pause, Resume์„ ํ†ตํ•ด ์ผ์‹œ์ •์ง€, ๋‹ค์‹œ ์ˆ˜์‹ ๊ฐ€๋Šฅ

์—ฐ๊ฒฐํ๋ฆ„

MIC ์‚ฌ์šฉ ์‹œ์ž‘ํ•˜๊ธฐ

  • ์œ ์ €๊ฐ€ ๊ณ ๊ฐ์‚ฌ ์„œ๋น„์Šค(ํŽ˜์ด์ง€์ฝœ)์— ์ ‘์†

  • ๊ณ ๊ฐ์‚ฌ ์„œ๋ฒ„์—์„œ MA์— ์ ‘์† ์š”์ฒญ โ†’ MA๋Š” ์ธ์ฆ ํ›„ ํ† ํฐ ๋ฐœ๊ธ‰. ๋ฐœ๊ธ‰๋œ ํ† ํฐ ์ •๋ณด๋Š” Session ํ…Œ์ด๋ธ”์— 3์ผ๋™์•ˆ ์ €์žฅ, ์ดํ›„ ๋งŒ๋ฃŒ๋จ

  • ๊ณ ๊ฐ์‚ฌ ํด๋ผ์ด์–ธํŠธ์—์„œ ์ด ํ† ํฐ์„ ๋„ฃ์–ด MIC ์‚ฌ์šฉ

    // 2. PCA Server
const { url, token } = await fetch("https://media.pplink.io/v1/api/connect");
return {
  statusCode: 200,
  body: { url, token }
};

// 3. PCA Client
const { url, token } = await fetch("https://pagecall.io/connect");
const mic = new MediaInfraClient(url, token);

MIC ์ƒ์„ฑ ์งํ›„ ์ค€๋น„์ž‘์—…

์†Œ์ผ“ ์—ฐ๊ฒฐ

  • ๋ฏธ๋””์–ด๋Š” UDP(RTP)๋กœ ๊ตํ™˜๋˜์ง€๋งŒ, ์–ด๋””๋กœ ์–ด๋–ป๊ฒŒ ๋ณด๋‚ด์•ผ ํ•˜๋Š”์ง€, ๋‹ค๋ฅธ ์–ด๋–ค ๋ฏธ๋””์–ด๋ฅผ ๋ฐ›์•„์•ผ ํ•˜๋Š”์ง€์— ๋Œ€ํ•œ ์ •๋ณด๋Š” ์ง์ ‘ ๊ตฌํ˜„ํ•œ ์‹œ๊ทธ๋„๋ง์œผ๋กœ ๊ตํ™˜ ํ•ด์ฃผ์–ด์•ผ ํ•œ๋‹ค. (์—ฌ๊ธฐ์„œ๋Š” WebSocket ์ด์šฉ)
    • RTP Capabilities ๊ตํ™˜ํ•˜๊ณ  ๊ฒฐ์ •๋œ ๋‚ด์šฉ์„ ๋ฐ”ํƒ•์œผ๋กœ transport ์ƒ์„ฑ
    • MR์ด ํด๋ผ์ด์–ธํŠธ๋ผ๋ฆฌ ์„œ๋กœ produce, consumeํ•  ์ˆ˜ ์žˆ๋Š”์ง€ ์กฐ์œจ โ†’ ๊ฑฐ์˜ ๋ฐœ์ƒํ•˜์ง€ ์•Š์œผ๋‚˜ browser์—์„œ ์ง€์›ํ•˜๋Š” ์ฝ”๋ฑ์˜ ์ข…๋ฅ˜์— ๋”ฐ๋ผ ์‹คํŒจํ•  ์ˆ˜ ์žˆ์Œ
  • MA๊ฐ€ MR๊ณผ ํด๋ผ์ด์–ธํŠธ ์‚ฌ์ด์˜ ํ•„์š”ํ•œ ์ •๋ณด ๊ตํ™˜์„ ์ค‘๊ฐœํ•ด์ค€๋‹ค.
  • MIC๊ฐ€ ์ƒ์„ฑ๋˜์ž๋งˆ์ž ๋„ฃ์–ด์ค€ URL, Token์œผ๋กœ ์†Œ์ผ“์—ฐ๊ฒฐ ์š”์ฒญ์„ ๋ณด๋ƒ„
  • MA๋Š” ํ† ํฐ์„ ํ™•์ธํ•ด ํ—ˆ๊ฐ€๋œ ์œ ์ €์ผ ๊ฒฝ์šฐ ์—ฐ๊ฒฐ์„ ๋งบ๊ณ , ๊ทธ๋ ‡์ง€ ์•Š์œผ๋ฉด ๋Š์–ด๋ฒ„๋ฆผ

RTP Capabilities ๊ตํ™˜

  • RTP capabilities
    • ์ฝ”๋ฑ, RTP Header Extension
      • ์„œ๋ฒ„ ๋˜๋Š” ํด๋ผ์ด์–ธํŠธ๊ฐ€ ๋ฐ›์„ ์ˆ˜ ์žˆ๋Š” ์ฝ”๋ฑ, extension์ด ๋ฌด์—‡์ธ์ง€ ๋ช…์„ธ๋œ ์ •๋ณด์ด๋‹ค.
  • RTP parameters
    • ์ฝ”๋ฑ, RTP Header Extension, ์ธ์ฝ”๋”ฉ, RTCP
      • ๋ณด๋‚ด๋Š” ๋ฏธ๋””์–ด์˜ ์ฝ”๋ฑ๊ณผ extension๋“ฑ์ด ์–ด๋–ป๊ฒŒ ์„ค์ •๋˜์–ด ์žˆ๋Š”์ง€์— ๋Œ€ํ•œ ์ •๋ณด์ด๋‹ค.
    • RTP send parameters: Producer๊ฐ€ ์„œ๋ฒ„์— ๋ณด๋‚ด๋Š” ๋‚ด์šฉ
    • RTP receive parameters: Consumer๊ฐ€ ์„œ๋ฒ„์—๊ฒŒ ๋ฐ›๋Š” ๋‚ด์šฉ
  • ๋ณด๋‚ด๋Š” ์‚ฌ๋žŒ์€ ๋ฐ›๋Š” ์‚ฌ๋žŒ์˜ RTP capabilities๋ฅผ ์•Œ์•„์•ผ ๋ญ˜ ๋ณด๋‚ด์ค„ ์ง€ ์ •ํ•  ์ˆ˜ ์žˆ์Œ
    • MIC๋Š” MR์˜ RTP cap์„ ์•Œ์•„์•ผ ์–ด๋–ป๊ฒŒ ์ „์†กํ•ด์•ผ ํ•˜๋Š”์ง€ ๊ฒฐ์ •ํ•  ์ˆ˜ ์žˆ์Œ
    • MR์€ MIC์˜ RTP cap์„ ์•Œ์•„์•ผ ์–ด๋–ป๊ฒŒ ์ „์†กํ•ด์•ผ ํ•˜๋Š”์ง€ ๊ฒฐ์ •ํ•  ์ˆ˜ ์žˆ์Œ
  • RTP capabilties์˜ ๊ตํ™˜์ด ํ•„์š”ํ•˜๋‹ค โ†’ ์—ฐ๊ฒฐ์ด ๋˜์ž๋งˆ์ž MR์€ ์ž์‹ ์˜ RTP capabilities๋ฅผ ์•Œ๋ ค์ฃผ๋ฉด์„œ MIC์—๊ฒŒ๋„ ์•Œ๋ ค๋‹ฌ๋ผ๊ณ  ์š”์ฒญํ•จ

Produce and Consume

Produce

  • ๋ฏธ๋””์–ด๋ฅผ ๋ณด๋‚ด๋Š” ํ–‰์œ„๋ฅผ Produce๋ผ๊ณ  ํ•จ
  • MIC.produceTrack ์„ ํ˜ธ์ถœํ•ด ํŠธ๋ž™ ์†ก์ถœ์„ ์‹œ์ž‘

Consume

  • ๋ฏธ๋””์–ด๋ฅผ ๋ฐ›๋Š” ํ–‰์œ„๋ฅผ Consume์ด๋ผ๊ณ  ํ•จ
  • ๋ฐ›์„ ์ค€๋น„๊ฐ€ ๋˜์—ˆ๋‹ค๋Š” ๋ฉ”์‹œ์ง€๋ฅผ ๋ณด๋‚ด์•ผ Consume์ด ์‹œ์ž‘๋œ๋‹ค. MIC.listenTrack
  • MIC.listenTrack ํ•จ์ˆ˜์— ์ฝœ๋ฐฑํ•จ์ˆ˜๋ฅผ ๋„ฃ์–ด ์ดํ›„ ์ƒ์„ฑ๋˜๋Š” ConsumeManager๋ฅผ subscribe ํ•  ์ˆ˜ ์žˆ์Œ.

Record

  • produceTrack์„ ํ†ตํ•ด ์ƒ์„ฑ๋œ ProduceManager์—์„œ startRecord, stopRecord๋ฅผ ํ†ตํ•ด ๋…นํ™” ์‹œ์ž‘, ์ค‘๋‹จ ๊ฐ€๋Šฅ.

FAQs

Package last updated on 20 Apr 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

npm Sees Surge of Auto-Generated โ€œelf-statsโ€ Packages Published Every Two Minutes

Research

/

Security News

npm Sees Surge of Auto-Generated โ€œelf-statsโ€ Packages Published Every Two Minutes

We spotted a wave of auto-generated โ€œelf-*โ€ npm packages published every two minutes from new accounts, with simple malware variants and early takedowns underway.

By Olivia Brownย  - ย Dec 03, 2025