When using the basic authentication scheme, we wouldn't validate that
the authorization field of the credentials is not NULL and pass it on
to g_hash_table_lookup(). g_str_hash() however is not NULL-safe and will
dereference the NULL pointer and crash.
A specially crafted (read: invalid) RTSP header can cause this to
happen.
As a solution, check for the authorization to be not NULL before
continuing processing it and if it is simply fail authentication.
This fixes CVE-2020-6095 and TALOS-2020-1018.
Discovered by Peter Wang of Cisco ASIG.
By passing NULL to `g_signal_new` instead of a marshaller, GLib will
actually internally optimize the signal (if the marshaller is available
in GLib itself) by also setting the valist marshaller. This makes the
signal emission a bit more performant than the regular marshalling,
which still needs to box into `GValue` and call libffi in case of a
generic marshaller.
Note that for custom marshallers, one would use
`g_signal_set_va_marshaller()` with the valist marshaller instead.
Export rtsp-server library API in headers when we're building the
library itself, otherwise import the API from the headers.
This fixes linker warnings on Windows when building with MSVC.
Fix up some missing config.h includes when building the lib which
is needed to get the export api define from config.h
https://bugzilla.gnome.org/show_bug.cgi?id=797185
Passwords are usually not stored in clear text, but instead
stored already hashed in a .htdigest file.
Add support for parsing such files, add API to allow setting
a custom realm in RTSPAuth, and update the digest example.
https://bugzilla.gnome.org/show_bug.cgi?id=796637
* rtsp-auth: Refer to GstRTSPToken, not GstRTSPtoken
* rtsp-auth: Refer to part of constant name as text
* rtsp-auth/-permissions/-token: Refer to Permissions not Permission
* rtsp-session-media: Fix GstRTSPSessionMedia typo
* rtsp-stream: Fix typo when refering to GstBin
https://bugzilla.gnome.org/show_bug.cgi?id=714988
When no auth module is specified, use our table of defaults to look up the
default value of the check instead of always allowing everything. This was
we can disallow client settings by default.
Don't authorize on methods anymore but on the resources that we
try to access, this is more flexible.
Move the authorization checks to where they are needed and let the
check return the response on error.
Move handling of the unauthorized response to the auth module, it can add
the appropriate headers to request authorization for the required method
much better than the client.
Remove the auth object from media and factory. We want to have the RTSPClient
authenticate and authorize resources, there is no need to place another auth
manager on the media/factory.
Make it possible to add multiple basic authorisation tokens to one authorization
object. Associate with each token an authorization group that will define what
capabilities are allowed.
Allow for adding a GstRTSPAuth on the factory and media level and check
permissions when accessing the factory.
Add hints to the auth methods for future more fine grained authorisation.
Add example application for per factory authentication.
Pass the collected information for the ongoing request in a GstRTSPClientState
structure that we can then pass around to simplify the method arguments. This
will also be handy when we implement logging functionality.
