Message ID | 20190321235841.14932-1-junli1026@gmail.com |
---|---|
State | Accepted |
Commit | c3b517dac2bbd3007c5ac8fc61efe87661dda5c0 |
Headers | show |
On Thu, Mar 21, 2019 at 4:58 PM Jun Li <junli1026@gmail.com> wrote: > Add https based tunneling for RTSP/RTP. Tested on Axis and Bosch cameras. > Https is widely used for security consideration. > --- > libavformat/rtsp.c | 8 ++++++-- > libavformat/rtsp.h | 1 + > 2 files changed, 7 insertions(+), 2 deletions(-) > > diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c > index ae8811234a..4661654967 100644 > --- a/libavformat/rtsp.c > +++ b/libavformat/rtsp.c > @@ -87,6 +87,7 @@ const AVOption ff_rtsp_options[] = { > { "tcp", "TCP", 0, AV_OPT_TYPE_CONST, {.i64 = 1 << > RTSP_LOWER_TRANSPORT_TCP}, 0, 0, DEC|ENC, "rtsp_transport" }, \ > { "udp_multicast", "UDP multicast", 0, AV_OPT_TYPE_CONST, {.i64 = 1 > << RTSP_LOWER_TRANSPORT_UDP_MULTICAST}, 0, 0, DEC, "rtsp_transport" }, > { "http", "HTTP tunneling", 0, AV_OPT_TYPE_CONST, {.i64 = (1 << > RTSP_LOWER_TRANSPORT_HTTP)}, 0, 0, DEC, "rtsp_transport" }, > + { "https", "HTTPS tunneling", 0, AV_OPT_TYPE_CONST, {.i64 = (1 << > RTSP_LOWER_TRANSPORT_HTTPS )}, 0, 0, DEC, "rtsp_transport" }, > RTSP_FLAG_OPTS("rtsp_flags", "set RTSP flags"), > { "listen", "wait for incoming connections", 0, AV_OPT_TYPE_CONST, > {.i64 = RTSP_FLAG_LISTEN}, 0, 0, DEC, "rtsp_flags" }, > { "prefer_tcp", "try RTP via TCP first, if available", 0, > AV_OPT_TYPE_CONST, {.i64 = RTSP_FLAG_PREFER_TCP}, 0, 0, DEC|ENC, > "rtsp_flags" }, > @@ -1669,6 +1670,7 @@ int ff_rtsp_connect(AVFormatContext *s) > RTSPMessageHeader reply1, *reply = &reply1; > int lower_transport_mask = 0; > int default_port = RTSP_DEFAULT_PORT; > + int https_tunnel = 0; > char real_challenge[64] = ""; > struct sockaddr_storage peer; > socklen_t peer_len = sizeof(peer); > @@ -1687,7 +1689,9 @@ int ff_rtsp_connect(AVFormatContext *s) > s->max_delay = s->iformat ? DEFAULT_REORDERING_DELAY : 0; > > rt->control_transport = RTSP_MODE_PLAIN; > - if (rt->lower_transport_mask & (1 << RTSP_LOWER_TRANSPORT_HTTP)) { > + if (rt->lower_transport_mask & ((1 << RTSP_LOWER_TRANSPORT_HTTP) | > + (1 << RTSP_LOWER_TRANSPORT_HTTPS))) { > + https_tunnel = !!(rt->lower_transport_mask & (1 << > RTSP_LOWER_TRANSPORT_HTTPS)); > rt->lower_transport_mask = 1 << RTSP_LOWER_TRANSPORT_TCP; > rt->control_transport = RTSP_MODE_TUNNEL; > } > @@ -1741,7 +1745,7 @@ redirect: > char sessioncookie[17]; > char headers[1024]; > > - ff_url_join(httpname, sizeof(httpname), "http", auth, host, port, > "%s", path); > + ff_url_join(httpname, sizeof(httpname), https_tunnel ? "https" : > "http", auth, host, port, "%s", path); > snprintf(sessioncookie, sizeof(sessioncookie), "%08x%08x", > av_get_random_seed(), av_get_random_seed()); > > diff --git a/libavformat/rtsp.h b/libavformat/rtsp.h > index 9a7f366b39..b49278fc20 100644 > --- a/libavformat/rtsp.h > +++ b/libavformat/rtsp.h > @@ -42,6 +42,7 @@ enum RTSPLowerTransport { > RTSP_LOWER_TRANSPORT_HTTP = 8, /**< HTTP tunneled - not a > proper > transport mode as such, > only for use via > AVOptions */ > + RTSP_LOWER_TRANSPORT_HTTPS, /**< HTTPS tunneled */ > RTSP_LOWER_TRANSPORT_CUSTOM = 16, /**< Custom IO - not a public > option for > lower_transport_mask, > but set in the SDP > demuxer based > -- > 2.17.1 > Ping.
2019-03-22 0:58 GMT+01:00, Jun Li <junli1026@gmail.com>: > Add https based tunneling for RTSP/RTP. Tested on Axis and Bosch cameras. > Https is widely used for security consideration. Patch applied. Thank you, Carl Eugen
diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c index ae8811234a..4661654967 100644 --- a/libavformat/rtsp.c +++ b/libavformat/rtsp.c @@ -87,6 +87,7 @@ const AVOption ff_rtsp_options[] = { { "tcp", "TCP", 0, AV_OPT_TYPE_CONST, {.i64 = 1 << RTSP_LOWER_TRANSPORT_TCP}, 0, 0, DEC|ENC, "rtsp_transport" }, \ { "udp_multicast", "UDP multicast", 0, AV_OPT_TYPE_CONST, {.i64 = 1 << RTSP_LOWER_TRANSPORT_UDP_MULTICAST}, 0, 0, DEC, "rtsp_transport" }, { "http", "HTTP tunneling", 0, AV_OPT_TYPE_CONST, {.i64 = (1 << RTSP_LOWER_TRANSPORT_HTTP)}, 0, 0, DEC, "rtsp_transport" }, + { "https", "HTTPS tunneling", 0, AV_OPT_TYPE_CONST, {.i64 = (1 << RTSP_LOWER_TRANSPORT_HTTPS )}, 0, 0, DEC, "rtsp_transport" }, RTSP_FLAG_OPTS("rtsp_flags", "set RTSP flags"), { "listen", "wait for incoming connections", 0, AV_OPT_TYPE_CONST, {.i64 = RTSP_FLAG_LISTEN}, 0, 0, DEC, "rtsp_flags" }, { "prefer_tcp", "try RTP via TCP first, if available", 0, AV_OPT_TYPE_CONST, {.i64 = RTSP_FLAG_PREFER_TCP}, 0, 0, DEC|ENC, "rtsp_flags" }, @@ -1669,6 +1670,7 @@ int ff_rtsp_connect(AVFormatContext *s) RTSPMessageHeader reply1, *reply = &reply1; int lower_transport_mask = 0; int default_port = RTSP_DEFAULT_PORT; + int https_tunnel = 0; char real_challenge[64] = ""; struct sockaddr_storage peer; socklen_t peer_len = sizeof(peer); @@ -1687,7 +1689,9 @@ int ff_rtsp_connect(AVFormatContext *s) s->max_delay = s->iformat ? DEFAULT_REORDERING_DELAY : 0; rt->control_transport = RTSP_MODE_PLAIN; - if (rt->lower_transport_mask & (1 << RTSP_LOWER_TRANSPORT_HTTP)) { + if (rt->lower_transport_mask & ((1 << RTSP_LOWER_TRANSPORT_HTTP) | + (1 << RTSP_LOWER_TRANSPORT_HTTPS))) { + https_tunnel = !!(rt->lower_transport_mask & (1 << RTSP_LOWER_TRANSPORT_HTTPS)); rt->lower_transport_mask = 1 << RTSP_LOWER_TRANSPORT_TCP; rt->control_transport = RTSP_MODE_TUNNEL; } @@ -1741,7 +1745,7 @@ redirect: char sessioncookie[17]; char headers[1024]; - ff_url_join(httpname, sizeof(httpname), "http", auth, host, port, "%s", path); + ff_url_join(httpname, sizeof(httpname), https_tunnel ? "https" : "http", auth, host, port, "%s", path); snprintf(sessioncookie, sizeof(sessioncookie), "%08x%08x", av_get_random_seed(), av_get_random_seed()); diff --git a/libavformat/rtsp.h b/libavformat/rtsp.h index 9a7f366b39..b49278fc20 100644 --- a/libavformat/rtsp.h +++ b/libavformat/rtsp.h @@ -42,6 +42,7 @@ enum RTSPLowerTransport { RTSP_LOWER_TRANSPORT_HTTP = 8, /**< HTTP tunneled - not a proper transport mode as such, only for use via AVOptions */ + RTSP_LOWER_TRANSPORT_HTTPS, /**< HTTPS tunneled */ RTSP_LOWER_TRANSPORT_CUSTOM = 16, /**< Custom IO - not a public option for lower_transport_mask, but set in the SDP demuxer based