Marvin Scholz:
> From: Daniel N Pettersson <danie...@axis.com>
>
> Add TLS options to RTSP for when TLS is used for the lower protocol.
>
> Signed-off-by: Marvin Scholz <epira...@gmail.com>
> Co-authored-by: Marvin Scholz <epira...@gmail.com>
> ---
> libavformat/rtsp.c | 26 +++++++++++++++++++++++++-
> libavformat/rtsp.h | 11 +++++++++++
> 2 files changed, 36 insertions(+), 1 deletion(-)
>
> diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c
> index 3f2966414f..8d360b375f 100644
> --- a/libavformat/rtsp.c
> +++ b/libavformat/rtsp.c>
> +/**
> + * Add the TLS options of the given RTSPState to the dict
> + */
> +static void copy_tls_opts_dict(RTSPState *rt, AVDictionary **dict)
> +{
> + av_dict_set_int(dict, "tls_verify", rt->tls_opts.verify, 0);
> + av_dict_set(dict, "ca_file", rt->tls_opts.ca_file, 0);
> + av_dict_set(dict, "cert_file", rt->tls_opts.cert_file, 0);
> + av_dict_set(dict, "key_file", rt->tls_opts.key_file, 0);
> + av_dict_set(dict, "verifyhost", rt->tls_opts.host, 0);
> +}
Should this not be checked?
> +
> static void get_word_until_chars(char *buf, int buf_size,
> const char *sep, const char **pp)
> {
> @@ -1821,6 +1837,8 @@ redirect:
> AVDictionary *options = NULL;
>
> av_dict_set_int(&options, "timeout", rt->stimeout, 0);
> + if (https_tunnel)
> + copy_tls_opts_dict(rt, &options);
>
> ff_url_join(httpname, sizeof(httpname), https_tunnel ? "https" :
> "http", auth, host, port, "%s", path);
> snprintf(sessioncookie, sizeof(sessioncookie), "%08x%08x",
> @@ -1905,14 +1923,20 @@ redirect:
> } else {
> int ret;
> /* open the tcp connection */
> + AVDictionary *proto_opts = NULL;
> + if (strcmp("tls", lower_rtsp_proto) == 0)
> + copy_tls_opts_dict(rt, &proto_opts);
> +
> ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
> host, port,
> "?timeout=%"PRId64, rt->stimeout);
> if ((ret = ffurl_open_whitelist(&rt->rtsp_hd, tcpname,
> AVIO_FLAG_READ_WRITE,
> - &s->interrupt_callback, NULL, s->protocol_whitelist,
> s->protocol_blacklist, NULL)) < 0) {
> + &s->interrupt_callback, &proto_opts,
> s->protocol_whitelist, s->protocol_blacklist, NULL)) < 0) {
> + av_dict_free(&proto_opts);
> err = ret;
> goto fail;
> }
> + av_dict_free(&proto_opts);
> rt->rtsp_hd_out = rt->rtsp_hd;
> }
> rt->seq = 0;
> diff --git a/libavformat/rtsp.h b/libavformat/rtsp.h
> index 83b2e3f4fb..ca278acd43 100644
> --- a/libavformat/rtsp.h
> +++ b/libavformat/rtsp.h
> @@ -419,6 +419,17 @@ typedef struct RTSPState {
> int buffer_size;
> int pkt_size;
> char *localaddr;
> +
> + /**
> + * Options used for TLS based RTSP streams.
> + */
> + struct {
> + char *ca_file;
> + int verify;
> + char *cert_file;
> + char *key_file;
> + char *host;
> + } tls_opts;
> } RTSPState;
>
> #define RTSP_FLAG_FILTER_SRC 0x1 /**< Filter incoming UDP packets -
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
