mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-11-27 12:11:13 +00:00
Code Issues 1 Projects Releases Wiki Activity

auth: don't auth on methods

Browse source 
Don't authorize on methods anymore but on the resources that we
try to access, this is more flexible.
Move the authorization checks to where they are needed and let the
check return the response on error.
This commit is contained in:
Wim Taymans 2013-07-15 11:56:06 +02:00
parent 692cbc1364
commit 7db2f9f3cf
1 changed files with 24 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
gst/rtsp-server/rtsp-auth.c
View file

@ -95,12 +95,7 @@ gst_rtsp_auth_init (GstRTSPAuth * auth)
(GDestroyNotify) gst_rtsp_token_unref);
/* bitwise or of all methods that need authentication */
priv->methods = GST_RTSP_DESCRIBE |
GST_RTSP_ANNOUNCE |
GST_RTSP_GET_PARAMETER |
GST_RTSP_SET_PARAMETER |
GST_RTSP_PAUSE |
GST_RTSP_PLAY | GST_RTSP_RECORD | GST_RTSP_SETUP | GST_RTSP_TEARDOWN;
priv->methods = 0;
}
static void
@ -303,6 +298,21 @@ no_auth:
}
}
static void
send_response (GstRTSPAuth * auth, GstRTSPStatusCode code,
GstRTSPClientState * state)
{
gst_rtsp_message_init_response (state->response, code,
gst_rtsp_status_as_text (code), state->request);
if (code == GST_RTSP_STS_UNAUTHORIZED) {
/* we only have Basic for now */
gst_rtsp_message_add_header (state->response, GST_RTSP_HDR_WWW_AUTHENTICATE,
"Basic realm=\"GStreamer RTSP Server\"");
}
gst_rtsp_client_send_message (state->client, state->session, state->response);
}
static gboolean
ensure_authenticated (GstRTSPAuth * auth, GstRTSPClientState * state)
{
@ -326,30 +336,17 @@ ensure_authenticated (GstRTSPAuth * auth, GstRTSPClientState * state)
authenticate_failed:
{
GST_DEBUG_OBJECT (auth, "authenticate failed");
send_response (auth, GST_RTSP_STS_UNAUTHORIZED, state);
return FALSE;
}
no_auth:
{
GST_DEBUG_OBJECT (auth, "no authorization token found");
send_response (auth, GST_RTSP_STS_UNAUTHORIZED, state);
return FALSE;
}
}
static void
send_response (GstRTSPAuth * auth, GstRTSPStatusCode code,
GstRTSPClientState * state)
{
gst_rtsp_message_init_response (state->response, code,
gst_rtsp_status_as_text (code), state->request);
if (code == GST_RTSP_STS_UNAUTHORIZED) {
/* we only have Basic for now */
gst_rtsp_message_add_header (state->response, GST_RTSP_HDR_WWW_AUTHENTICATE,
"Basic realm=\"GStreamer RTSP Server\"");
}
gst_rtsp_client_send_message (state->client, state->session, state->response);
}
/* new connection */
static gboolean
check_connect (GstRTSPAuth * auth, GstRTSPClientState * state,
@ -382,7 +379,6 @@ check_url (GstRTSPAuth * auth, GstRTSPClientState * state, const gchar * check)
/* ERRORS */
not_authenticated:
{
send_response (auth, GST_RTSP_STS_UNAUTHORIZED, state);
return FALSE;
}
}
@ -395,6 +391,9 @@ check_factory (GstRTSPAuth * auth, GstRTSPClientState * state,
const gchar *role;
GstRTSPPermissions *perms;
if (!ensure_authenticated (auth, state))
return FALSE;
if (!(role = gst_rtsp_token_get_string (state->token,
GST_RTSP_MEDIA_FACTORY_ROLE)))
goto no_media_role;
@ -443,6 +442,9 @@ static gboolean
check_client_settings (GstRTSPAuth * auth, GstRTSPClientState * state,
const gchar * check)
{
if (!ensure_authenticated (auth, state))
return FALSE;
return gst_rtsp_token_is_allowed (state->token,
GST_RTSP_TRANSPORT_PERM_CLIENT_SETTINGS);
}