diff --git a/gst/rtsp/gstrtspsrc.c b/gst/rtsp/gstrtspsrc.c index ea225b583f..6067063b21 100644 --- a/gst/rtsp/gstrtspsrc.c +++ b/gst/rtsp/gstrtspsrc.c @@ -188,8 +188,9 @@ gst_rtsp_src_buffer_mode_get_type (void) #define DEFAULT_UDP_RECONNECT TRUE #define DEFAULT_MULTICAST_IFACE NULL #define DEFAULT_NTP_SYNC FALSE -#define DEFAULT_USE_PIPELINE_CLOCK FALSE -#define DEFAULT_TLS_VALIDATION_FLAGS G_TLS_CERTIFICATE_VALIDATE_ALL +#define DEFAULT_USE_PIPELINE_CLOCK FALSE +#define DEFAULT_TLS_VALIDATION_FLAGS G_TLS_CERTIFICATE_VALIDATE_ALL +#define DEFAULT_TLS_DATABASE NULL enum { @@ -223,6 +224,7 @@ enum PROP_USE_PIPELINE_CLOCK, PROP_SDES, PROP_TLS_VALIDATION_FLAGS, + PROP_TLS_DATABASE, PROP_LAST }; @@ -585,6 +587,19 @@ gst_rtspsrc_class_init (GstRTSPSrcClass * klass) G_TYPE_TLS_CERTIFICATE_FLAGS, DEFAULT_TLS_VALIDATION_FLAGS, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS)); + /** + * GstRTSPSrc::tls-database: + * + * TLS database with anchor certificate authorities used to validate + * the server certificate. + * + * Since: 1.4 + */ + g_object_class_install_property (gobject_class, PROP_TLS_DATABASE, + g_param_spec_object ("tls-database", "TLS database", + "TLS database with anchor certificate authorities used to validate the server certificate", + G_TYPE_TLS_DATABASE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS)); + /** * GstRTSPSrc::handle-request: * @rtspsrc: a #GstRTSPSrc @@ -712,6 +727,7 @@ gst_rtspsrc_init (GstRTSPSrc * src) src->use_pipeline_clock = DEFAULT_USE_PIPELINE_CLOCK; src->sdes = NULL; src->tls_validation_flags = DEFAULT_TLS_VALIDATION_FLAGS; + src->tls_database = DEFAULT_TLS_DATABASE; /* get a list of all extensions */ src->extensions = gst_rtsp_ext_list_get (); @@ -757,6 +773,9 @@ gst_rtspsrc_finalize (GObject * object) if (rtspsrc->sdes) gst_structure_free (rtspsrc->sdes); + if (rtspsrc->tls_database) + g_object_unref (rtspsrc->tls_database); + /* free locks */ g_rec_mutex_clear (&rtspsrc->stream_rec_lock); g_rec_mutex_clear (&rtspsrc->state_rec_lock); @@ -969,6 +988,10 @@ gst_rtspsrc_set_property (GObject * object, guint prop_id, const GValue * value, case PROP_TLS_VALIDATION_FLAGS: rtspsrc->tls_validation_flags = g_value_get_flags (value); break; + case PROP_TLS_DATABASE: + g_clear_object (&rtspsrc->tls_database); + rtspsrc->tls_database = g_value_dup_object (value); + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -1097,6 +1120,9 @@ gst_rtspsrc_get_property (GObject * object, guint prop_id, GValue * value, case PROP_TLS_VALIDATION_FLAGS: g_value_set_flags (value, rtspsrc->tls_validation_flags); break; + case PROP_TLS_DATABASE: + g_value_set_object (value, rtspsrc->tls_database); + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -3713,6 +3739,10 @@ gst_rtsp_conninfo_connect (GstRTSPSrc * src, GstRTSPConnInfo * info, if (!gst_rtsp_connection_set_tls_validation_flags (info->connection, src->tls_validation_flags)) GST_WARNING_OBJECT (src, "Unable to set TLS validation flags"); + + if (src->tls_database) + gst_rtsp_connection_set_tls_database (info->connection, + src->tls_database); } if (info->url->transports & GST_RTSP_LOWER_TRANS_HTTP) diff --git a/gst/rtsp/gstrtspsrc.h b/gst/rtsp/gstrtspsrc.h index 21b561b35d..004d4c2296 100644 --- a/gst/rtsp/gstrtspsrc.h +++ b/gst/rtsp/gstrtspsrc.h @@ -228,6 +228,7 @@ struct _GstRTSPSrc { gboolean use_pipeline_clock; GstStructure *sdes; GTlsCertificateFlags tls_validation_flags; + GTlsDatabase *tls_database; /* state */ GstRTSPState state;