rtspconnection: Allow setting a custom accept-certificate function for manually checking a TLS certificate for validity

https://bugzilla.gnome.org/show_bug.cgi?id=785024
Sebastian Dröge 2017-07-17 17:07:26 +03:00
parent f1c44332d5
commit 9c2d5e863e
3 changed files with 55 additions and 0 deletions


@ -161,6 +161,10 @@ struct _GstRTSPConnection
GTlsDatabase *tls_database;
GTlsInteraction *tls_interaction;
GstRTSPConnectionAcceptCertificateFunc accept_certificate_func;
GDestroyNotify accept_certificate_destroy_notify;
gpointer accept_certificate_user_data;
DecodeCtx ctx;
DecodeCtx *ctxp;
@ -244,6 +248,14 @@ tls_accept_certificate (GTlsConnection * conn, GTlsCertificate * peer_cert,
GST_DEBUG ("Peer certificate not accepted (errors: 0x%08X)", errors);
}
if (!accept && rtspconn->accept_certificate_func) {
accept =
rtspconn->accept_certificate_func (conn, peer_cert, errors,
rtspconn->accept_certificate_user_data);
GST_DEBUG ("Peer certificate %saccepted by accept-certificate function",
accept ? "" : "not ");
}
return accept;
/* ERRORS */
@ -687,6 +699,35 @@ gst_rtsp_connection_get_tls_interaction (GstRTSPConnection * conn)
return result;
}
/**
* gst_rtsp_connection_set_accept_certificate_func:
* @conn: a #GstRTSPConnection
* @func: a #GstRTSPConnectionAcceptCertificateFunc to check certificates
* @destroy_notify: #GDestroyNotify for @user_data
* @user_data: User data passed to @func
*
* Sets a custom accept-certificate function for checking certificates for
* validity. This will directly map to #GTlsConnection 's "accept-certificate"
* signal and be performed after the default checks of #GstRTSPConnection
* (checking against the #GTlsDatabase with the given #GTlsCertificateFlags)
* have failed. If no #GTlsDatabase is set on this connection, only @func will
* be called.
*
* Since: 1.14
*/
void
gst_rtsp_connection_set_accept_certificate_func (GstRTSPConnection * conn,
GstRTSPConnectionAcceptCertificateFunc func,
gpointer user_data, GDestroyNotify destroy_notify)
{
if (conn->accept_certificate_destroy_notify)
conn->
accept_certificate_destroy_notify (conn->accept_certificate_user_data);
conn->accept_certificate_func = func;
conn->accept_certificate_user_data = user_data;
conn->accept_certificate_destroy_notify = destroy_notify;
}
static GstRTSPResult
setup_tunneling (GstRTSPConnection * conn, GTimeVal * timeout, gchar * uri,
GstRTSPMessage * response)
@ -2380,6 +2421,9 @@ gst_rtsp_connection_free (GstRTSPConnection * conn)
g_object_unref (conn->tls_database);
if (conn->tls_interaction)
g_object_unref (conn->tls_interaction);
if (conn->accept_certificate_destroy_notify)
conn->
accept_certificate_destroy_notify (conn->accept_certificate_user_data);
g_timer_destroy (conn->timer);
gst_rtsp_url_free (conn->url);
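Review bot: In the tls_accept_certificate hunk the new callback is consulted only when `accept` is already FALSE, so it can only override a failed validation and can never reject a certificate that the default check accepted; the doc comment on gst_rtsp_connection_set_accept_certificate_func should state this explicitly. I would add to that comment: `@func is only called for certificates that failed the default checks; returning %TRUE accepts the certificate despite @errors, so implementations should inspect @errors and compare @peer_cert with an expected certificate rather than return %TRUE unconditionally.` The same comment lists @destroy_notify before @user_data, whereas the signature takes user_data first. tls_accept_certificate starts and ends outside the hunk, so how `errors` is computed before the call is not visible here.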


@ -110,6 +110,16 @@ void gst_rtsp_connection_set_tls_interaction (GstRTSPConnection
GST_EXPORT
GTlsInteraction * gst_rtsp_connection_get_tls_interaction (GstRTSPConnection * conn);
typedef gboolean (*GstRTSPConnectionAcceptCertificateFunc) (GTlsConnection *conn,
GTlsCertificate *peer_cert,
GTlsCertificateFlags errors,
gpointer user_data);
GST_EXPORT
void gst_rtsp_connection_set_accept_certificate_func (GstRTSPConnection * conn,
GstRTSPConnectionAcceptCertificateFunc func,
gpointer user_data,
GDestroyNotify destroy_notify);
/* sending/receiving raw bytes */
GST_EXPORT
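Review bot: The public typedef GstRTSPConnectionAcceptCertificateFunc is added without a gtk-doc block, so nothing in the header states what its return value means. I would add a comment above it that documents @conn, @peer_cert, @errors and @user_data, states that returning %TRUE accepts the peer certificate and %FALSE rejects it, and carries `Since: 1.14` to match the setter. Since the callback appears to be invoked for certificates that already failed validation (inferred from the call site in the .c section), the comment should also tell implementers to base the decision on @errors and @peer_cert.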


@ -32,6 +32,7 @@ EXPORTS
gst_rtsp_connection_receive
gst_rtsp_connection_reset_timeout
gst_rtsp_connection_send
gst_rtsp_connection_set_accept_certificate_func
gst_rtsp_connection_set_auth
gst_rtsp_connection_set_auth_param
gst_rtsp_connection_set_http_mode