Re: [MPlayer-dev-eng] RN5 authentication for rtsp
- Date: Thu, 27 Mar 2008 00:28:55 +0200
- From: Uoti Urpala <uoti.urpala@xxxxxxxxxxx>
- Subject: Re: [MPlayer-dev-eng] RN5 authentication for rtsp
On Wed, 2008-03-26 at 18:10 -0400, Paul wrote:
> > at a quick glance there are still cosmetics in the initial part of your patch
>
> I can't see it. The extra indentation is neccessary IMHO.
It is necessary for the final version. However you reindent a fairly
large block of code, and it's not immediately obvious which part is only
supposed to be reindented and which otherwise changed. In this case I
think "diff -b" output is easier to read. Of course it's easy for
everyone to generate diff -b output themselves if they first apply the
patch, but it's harder to read the patch directly from the mail reader.
Attached is "git diff -b" output with the patch applied.
diff --git a/stream/realrtsp/real.c b/stream/realrtsp/real.c
index f20c92e..b4f93c0 100644
--- a/stream/realrtsp/real.c
+++ b/stream/realrtsp/real.c
@@ -435,6 +435,7 @@ rmff_header_t *real_setup_and_get_header(rtsp_t *rtsp_session, uint32_t bandwidt
uint32_t maxbandwidth = bandwidth;
char* authfield = NULL;
int i;
+ static const char hex[]="0123456789abcdef";
/* get challenge */
challenge1=strdup(rtsp_search_answers(rtsp_session,"RealChallenge1"));
@@ -478,10 +479,7 @@ rtsp_send_describe:
mp_msg(MSGT_STREAM, MSGL_ERR, "realrtsp: auth required but no username supplied\n");
goto autherr;
}
- if (!strstr(authreq, "Basic")) {
- mp_msg(MSGT_STREAM, MSGL_ERR, "realrtsp: authenticator not supported (%s)\n", authreq);
- goto autherr;
- }
+ if (strstr(authreq, "Basic")) {
authlen = strlen(username) + (password ? strlen(password) : 0) + 2;
authstr = malloc(authlen);
sprintf(authstr, "%s:%s", username, password ? password : "");
@@ -496,6 +494,71 @@ rtsp_send_describe:
authfield[b64_authlen+21] = 0;
goto rtsp_send_describe;
}
+ if (strstr(authreq, "RN5")) {
+ unsigned char mungedh[33];
+ unsigned char nonce[512];
+ unsigned char realm[512];
+ unsigned char zres[16];
+ char *p,*q,*b;
+
+ // find server supplied realm and save it
+ if ((p=strstr(authreq,"realm=\""))) {
+ p+=7;
+ q=realm;
+ b=q+sizeof(realm)-1;
+ while (*p && *p!='"' && q<b) {
+ *q++=*p++;
+ }
+ *q='\0';
+ }
+
+ // find server supplied nonce and save it
+ if ((p=strstr(authreq,"nonce=\""))) {
+ p+=+7;
+ q=nonce;
+ b=q+sizeof(nonce)-1;
+ while (*p && *p!='"' && q<b) {
+ *q++=*p++;
+ }
+ *q='\0';
+ }
+
+ p = malloc(1024);
+ // mimicking RealPlayer code here
+ sprintf(p,"%-.200s:%-.200s:%-.200s", username,realm,password);
+
+ // intermediate step to calculate credentials hash and store it in text format
+ av_md5_sum(zres, p, strlen(p));
+ for(i=0;i<16;i++) {
+ mungedh[i+i] = hex[zres[i] >> 4];
+ mungedh[i+i+1] = hex[zres[i] & 0x0f];
+ }
+ mungedh[i+i] = '\0';
+
+ // mimicking RealPlayer code here
+ sprintf(p,"%-.200s%-.200s%-.200sCopyright (C) 1995,1996,1997 RealNetworks, Inc.",
+ mungedh,nonce,"00000000-0000-0000-0000-000000000000");
+
+ // calculate the response to the server supplied nonce using our credentials
+ authfield = malloc(2048);
+ authstr = malloc(33);
+ av_md5_sum(zres, p, strlen(p));
+
+ for(i=0;i<16;i++) {
+ authstr[i+i] = hex[zres[i] >> 4];
+ authstr[i+i+1] = hex[zres[i] & 0x0f];
+ }
+ authstr[i+i] = '\0';
+
+ // mimicking RealPlayer code here
+ sprintf(authfield, "Authorization: RN5 username=\"%-.200s\", GUID=\"00000000-0000-0000-0000-000000000000\",realm=\"%-.200s\",nonce=\"%s\",response=\"%s\"",username,realm,nonce,authstr);
+
+ free(p);
+ free(authstr);
+ goto rtsp_send_describe;
+ }
+ mp_msg(MSGT_STREAM, MSGL_ERR, "realrtsp: authenticator not supported (%s)\n", authreq);
+ }
autherr:
if (authfield)
_______________________________________________
MPlayer-dev-eng mailing list
MPlayer-dev-eng@xxxxxxxxxxxx
https://lists.mplayerhq.hu/mailman/listinfo/mplayer-dev-eng