diff --git a/gst-libs/gst/rtsp/gstrtspconnection.c b/gst-libs/gst/rtsp/gstrtspconnection.c index 1ac9ea3e18..9e68a29e5d 100644 --- a/gst-libs/gst/rtsp/gstrtspconnection.c +++ b/gst-libs/gst/rtsp/gstrtspconnection.c @@ -161,6 +161,10 @@ struct _GstRTSPConnection GTlsDatabase *tls_database; GTlsInteraction *tls_interaction; + GstRTSPConnectionAcceptCertificateFunc accept_certificate_func; + GDestroyNotify accept_certificate_destroy_notify; + gpointer accept_certificate_user_data; + DecodeCtx ctx; DecodeCtx *ctxp; @@ -244,6 +248,14 @@ tls_accept_certificate (GTlsConnection * conn, GTlsCertificate * peer_cert, GST_DEBUG ("Peer certificate not accepted (errors: 0x%08X)", errors); } + if (!accept && rtspconn->accept_certificate_func) { + accept = + rtspconn->accept_certificate_func (conn, peer_cert, errors, + rtspconn->accept_certificate_user_data); + GST_DEBUG ("Peer certificate %saccepted by accept-certificate function", + accept ? "" : "not "); + } + return accept; /* ERRORS */ @@ -687,6 +699,35 @@ gst_rtsp_connection_get_tls_interaction (GstRTSPConnection * conn) return result; } +/** + * gst_rtsp_connection_set_accept_certificate_func: + * @conn: a #GstRTSPConnection + * @func: a #GstRTSPConnectionAcceptCertificateFunc to check certificates + * @destroy_notify: #GDestroyNotify for @user_data + * @user_data: User data passed to @func + * + * Sets a custom accept-certificate function for checking certificates for + * validity. This will directly map to #GTlsConnection 's "accept-certificate" + * signal and be performed after the default checks of #GstRTSPConnection + * (checking against the #GTlsDatabase with the given #GTlsCertificateFlags) + * have failed. If no #GTlsDatabase is set on this connection, only @func will + * be called. + * + * Since: 1.14 + */ +void +gst_rtsp_connection_set_accept_certificate_func (GstRTSPConnection * conn, + GstRTSPConnectionAcceptCertificateFunc func, + gpointer user_data, GDestroyNotify destroy_notify) +{ + if (conn->accept_certificate_destroy_notify) + conn-> + accept_certificate_destroy_notify (conn->accept_certificate_user_data); + conn->accept_certificate_func = func; + conn->accept_certificate_user_data = user_data; + conn->accept_certificate_destroy_notify = destroy_notify; +} + static GstRTSPResult setup_tunneling (GstRTSPConnection * conn, GTimeVal * timeout, gchar * uri, GstRTSPMessage * response) @@ -2380,6 +2421,9 @@ gst_rtsp_connection_free (GstRTSPConnection * conn) g_object_unref (conn->tls_database); if (conn->tls_interaction) g_object_unref (conn->tls_interaction); + if (conn->accept_certificate_destroy_notify) + conn-> + accept_certificate_destroy_notify (conn->accept_certificate_user_data); g_timer_destroy (conn->timer); gst_rtsp_url_free (conn->url); diff --git a/gst-libs/gst/rtsp/gstrtspconnection.h b/gst-libs/gst/rtsp/gstrtspconnection.h index 11e0ac88b2..3d9797d654 100644 --- a/gst-libs/gst/rtsp/gstrtspconnection.h +++ b/gst-libs/gst/rtsp/gstrtspconnection.h @@ -110,6 +110,16 @@ void gst_rtsp_connection_set_tls_interaction (GstRTSPConnection GST_EXPORT GTlsInteraction * gst_rtsp_connection_get_tls_interaction (GstRTSPConnection * conn); +typedef gboolean (*GstRTSPConnectionAcceptCertificateFunc) (GTlsConnection *conn, + GTlsCertificate *peer_cert, + GTlsCertificateFlags errors, + gpointer user_data); +GST_EXPORT +void gst_rtsp_connection_set_accept_certificate_func (GstRTSPConnection * conn, + GstRTSPConnectionAcceptCertificateFunc func, + gpointer user_data, + GDestroyNotify destroy_notify); + /* sending/receiving raw bytes */ GST_EXPORT diff --git a/win32/common/libgstrtsp.def b/win32/common/libgstrtsp.def index 07a2d94e85..e449f3cd7e 100644 --- a/win32/common/libgstrtsp.def +++ b/win32/common/libgstrtsp.def @@ -32,6 +32,7 @@ EXPORTS gst_rtsp_connection_receive gst_rtsp_connection_reset_timeout gst_rtsp_connection_send + gst_rtsp_connection_set_accept_certificate_func gst_rtsp_connection_set_auth gst_rtsp_connection_set_auth_param gst_rtsp_connection_set_http_mode