From eaf7b1488c0df47528e2933414967024297ec7d9 Mon Sep 17 00:00:00 2001
From: Jan Schmidt <jan@centricular.com>
Date: Tue, 17 Nov 2015 01:12:28 +1100
Subject: [PATCH] test-record-auth: Add the option to build in TLS support

---
 examples/test-record-auth.c | 48 +++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/examples/test-record-auth.c b/examples/test-record-auth.c
index 94366ac6a9..ba9bd4702f 100644
--- a/examples/test-record-auth.c
+++ b/examples/test-record-auth.c
@@ -23,6 +23,9 @@
 
 #include <gst/rtsp-server/rtsp-server.h>
 
+/* define this if you want the server to use TLS */
+//#define WITH_TLS
+
 #define DEFAULT_RTSP_PORT "8554"
 
 static char *port = (char *) DEFAULT_RTSP_PORT;
@@ -45,6 +48,9 @@ main (int argc, char *argv[])
   GstRTSPAuth *auth;
   GstRTSPToken *token;
   gchar *basic;
+#ifdef WITH_TLS
+  GTlsCertificate *cert;
+#endif
 
   optctx = g_option_context_new ("<launch line> - Test RTSP Server, Launch\n\n"
       "Example: \"( decodebin name=depay0 ! autovideosink )\"");
@@ -79,6 +85,13 @@ main (int argc, char *argv[])
       GST_RTSP_TRANSPORT_MODE_RECORD);
   gst_rtsp_media_factory_set_launch (factory, argv[1]);
   gst_rtsp_media_factory_set_latency (factory, 2000);
+#ifdef WITH_TLS
+  gst_rtsp_media_factory_set_profiles (factory,
+      GST_RTSP_PROFILE_SAVP | GST_RTSP_PROFILE_SAVPF);
+#else
+  gst_rtsp_media_factory_set_profiles (factory,
+      GST_RTSP_PROFILE_AVP | GST_RTSP_PROFILE_AVPF);
+#endif
 
   /* allow user to access this resource */
   gst_rtsp_media_factory_add_role (factory, "user",
@@ -98,6 +111,37 @@ main (int argc, char *argv[])
   /* Set up the auth for user account */
   /* make a new authentication manager */
   auth = gst_rtsp_auth_new ();
+#ifdef WITH_TLS
+  cert = g_tls_certificate_new_from_pem ("-----BEGIN CERTIFICATE-----"
+      "MIICJjCCAY+gAwIBAgIBBzANBgkqhkiG9w0BAQUFADCBhjETMBEGCgmSJomT8ixk"
+      "ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsTFUNlcnRp"
+      "ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAxMOY2EuZXhhbXBsZS5jb20xHTAbBgkq"
+      "hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTExMDExNzE5NDcxN1oXDTIxMDEx"
+      "NDE5NDcxN1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW"
+      "B0VYQU1QTEUxGzAZBgNVBAMTEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3"
+      "DQEBAQUAA0sAMEgCQQDYScTxk55XBmbDM9zzwO+grVySE4rudWuzH2PpObIonqbf"
+      "hRoAalKVluG9jvbHI81eXxCdSObv1KBP1sbN5RzpAgMBAAGjIjAgMAkGA1UdEwQC"
+      "MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEFBQADgYEAYx6fMqT1"
+      "Gvo0jq88E8mc+bmp4LfXD4wJ7KxYeadQxt75HFRpj4FhFO3DOpVRFgzHlOEo3Fwk"
+      "PZOKjvkT0cbcoEq5whLH25dHoQxGoVQgFyAP5s+7Vp5AlHh8Y/vAoXeEVyy/RCIH"
+      "QkhUlAflfDMcrrYjsmwoOPSjhx6Mm/AopX4="
+      "-----END CERTIFICATE-----"
+      "-----BEGIN PRIVATE KEY-----"
+      "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEA2EnE8ZOeVwZmwzPc"
+      "88DvoK1ckhOK7nVrsx9j6TmyKJ6m34UaAGpSlZbhvY72xyPNXl8QnUjm79SgT9bG"
+      "zeUc6QIDAQABAkBRFJZ32VbqWMP9OVwDJLiwC01AlYLnka0mIQZbT/2xq9dUc9GW"
+      "U3kiVw4lL8v/+sPjtTPCYYdzHHOyDen6znVhAiEA9qJT7BtQvRxCvGrAhr9MS022"
+      "tTdPbW829BoUtIeH64cCIQDggG5i48v7HPacPBIH1RaSVhXl8qHCpQD3qrIw3FMw"
+      "DwIga8PqH5Sf5sHedy2+CiK0V4MRfoU4c3zQ6kArI+bEgSkCIQCLA1vXBiE31B5s"
+      "bdHoYa1BXebfZVd+1Hd95IfEM5mbRwIgSkDuQwV55BBlvWph3U8wVIMIb4GStaH8"
+      "W535W8UBbEg=" "-----END PRIVATE KEY-----", -1, &error);
+  if (cert == NULL) {
+    g_printerr ("failed to parse PEM: %s\n", error->message);
+    return -1;
+  }
+  gst_rtsp_auth_set_tls_certificate (auth, cert);
+  g_object_unref (cert);
+#endif
 
   /* make default token - anonymous unauthenticated access */
   token =
@@ -123,7 +167,11 @@ main (int argc, char *argv[])
   gst_rtsp_server_attach (server, NULL);
 
   /* start serving */
+#ifdef WITH_TLS
+  g_print ("stream ready at rtsps://127.0.0.1:%s/test\n", port);
+#else
   g_print ("stream ready at rtsp://127.0.0.1:%s/test\n", port);
+#endif
   g_main_loop_run (loop);
 
   return 0;