diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2022-11-08 15:34:12 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2022-11-09 09:40:00 +0100 |
| commit | 2bc04d4980b0fa929b511fb35e41c42e16d44438 (patch) | |
| tree | f8a8ddb2788a5873a08464f9343ae5a16cd53a6a | |
| parent | e46d388c87ad79fce209b1742f8bcf6664cbf43e (diff) | |
| download | curl-2bc04d4980b0fa929b511fb35e41c42e16d44438.tar.gz | |
rtsp: fix RTSP auth
Verified with test 3100
Fixes #4750
Closes #9870
| -rw-r--r-- | docs/KNOWN_BUGS | 10 | ||||
| -rw-r--r-- | lib/http.c | 9 | ||||
| -rw-r--r-- | lib/rtsp.c | 13 |
3 files changed, 22 insertions, 10 deletions
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 6180a5715..2f8e7e49b 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -67,7 +67,6 @@ problems may have been fixed or changed somewhat since this was written. 6.5 NTLM does not support password with ยง character 6.6 libcurl can fail to try alternatives with --proxy-any 6.7 Do not clear digest for single realm - 6.8 RTSP authentication breaks without redirect support 6.9 SHA-256 digest not supported in Windows SSPI builds 6.10 curl never completes Negotiate over HTTP 6.11 Negotiate on Windows fails @@ -564,15 +563,6 @@ problems may have been fixed or changed somewhat since this was written. https://github.com/curl/curl/issues/3267 -6.8 RTSP authentication breaks without redirect support - - RTSP authentication broke in 7.66.0. A work-around is to enable RTSP in - CURLOPT_REDIR_PROTOCOLS. Authentication should however not be considered an - actual redirect so a "proper" fix needs to be different and not require users - to allow redirects to RTSP to work. - - See https://github.com/curl/curl/pull/4750 - 6.9 SHA-256 digest not supported in Windows SSPI builds Windows builds of curl that have SSPI enabled use the native Windows API calls diff --git a/lib/http.c b/lib/http.c index 6037b1737..f5ccda8f6 100644 --- a/lib/http.c +++ b/lib/http.c @@ -696,6 +696,15 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data) data->req.newurl = strdup(data->state.url); /* clone URL */ if(!data->req.newurl) return CURLE_OUT_OF_MEMORY; +#ifndef CURL_DISABLE_RTSP + /* + * Authentication is treated as a redirect in Curl_follow(), so if this is + * done using RTSP we make it allow these "redirects" to RTSP (only). A + * safe assumption as no other redirects should happen from RTSP. + */ + if(conn->handler->protocol & CURLPROTO_RTSP) + data->set.redir_protocols = CURLPROTO_RTSP; +#endif } else if((data->req.httpcode < 300) && (!data->state.authhost.done) && diff --git a/lib/rtsp.c b/lib/rtsp.c index 700479f29..e32756fd8 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -267,6 +267,19 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) rtsp->CSeq_sent = data->state.rtsp_next_client_CSeq; rtsp->CSeq_recv = 0; + /* Setup the first_* fields to allow auth details get sent + to this origin */ + + /* Free to avoid leaking memory on multiple requests */ + free(data->state.first_host); + + data->state.first_host = strdup(conn->host.name); + if(!data->state.first_host) + return CURLE_OUT_OF_MEMORY; + + data->state.first_remote_port = conn->remote_port; + data->state.first_remote_protocol = conn->handler->protocol; + /* Setup the 'p_request' pointer to the proper p_request string * Since all RTSP requests are included here, there is no need to * support custom requests like HTTP. |