cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] RTSP-Authentication

From: Jim Hollinger <hollinger.jim_at_gmail.com>
Date: Sat, 25 Jun 2011 14:23:29 -0400

On Fri, Jun 17, 2011 at 8:29 AM, Daniel Stenberg <daniel_at_haxx.se> wrote:

> On Thu, 16 Jun 2011, Jim Hollinger wrote:
>
> You are correct, this mod did not come from a specification, but from
>> operational experience. When negotiating an RTSP connection to several video
>> servers and ip cameras, I found the curl_easy_perform() call will not return
>> from the DESCRIBE request until it times-out if authentication fails.
>>
>
> This is because the curl function expects the sdp content to be returned
>> as the body of the response, but this content is not transmitted by the
>> server if the client authentication fails.
>>
>
> Wow. That sounds terribly broken. Have you checked what (other) RTSP
> clients do for these cases?
>
> Can you show us the full set of headers such a typical RTSP server responds
> with if the auth fails? Are you saying that it reports that there's a
> content-length etc but it doesn't actually send that data?
>
>
> --
>
> / daniel.haxx.se
> ------------------------------**------------------------------**-------
> List admin: http://cool.haxx.se/list/**listinfo/curl-library<http://cool.haxx.se/list/listinfo/curl-library>
> Etiquette: http://curl.haxx.se/mail/**etiquette.html<http://curl.haxx.se/mail/etiquette.html>
>

When the server reports an authentication failure for the RTSP DESCRIBE
request, it does *not* return a content-length header - at least for the
four servers I have interacted with. Only when authentication is successful,
does the server return the content headers and associated SDP content. The
RTSP clients embedded within the most recent QuickTime and VLC media players
handle the authentication failure seamlessly.

A typical RTSP session is shown below using libcurl with the subject
patches. The session begins with a successful OPTIONS request followed by an
unsuccessful DESCRIBE request (401 Unauthorized). Using the Authenticate
header information returned by the server, curl automatically retries the
DESCRIBE request with the correct Authorization header. The subsequent sever
response includes the SDP content as the response body. The session
continues with a SETUP request, again with the correct Authorization header,
followed by a PLAY request.

cURL V7.21.6-DEV
* About to connect() to 148.33.220.104 port 554 (#0)
* Trying 148.33.220.104... * connected
* Connected to 148.33.220.104 (148.33.220.104) port 554 (#0)
* Server auth using Digest with user 'admin'
> OPTIONS rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp RTSP/1.0
CSeq: 1

< RTSP/1.0 200 OK
RTSP/1.0 200 OK
< CSeq: 1
CSeq: 1
< Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE
< Server: Y-CAM:BULLET
Server: Y-CAM:BULLET

<
* Connection #0 to host 148.33.220.104 left intact
* Re-using existing connection! (#0) with host 148.33.220.104
* Connected to 148.33.220.104 (148.33.220.104) port 554 (#0)
* Server auth using Digest with user 'admin'
> DESCRIBE rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp RTSP/1.0
CSeq: 2
Accept: application/sdp
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< RTSP/1.0 401 Unauthorized
RTSP/1.0 401 Unauthorized
< CSeq: 2
CSeq: 2
< WWW-Authenticate: Digest realm="RTSPD", qop="auth",
nonce="45605c61146c5229634
6b65159c8dc03", opaque="5ccc069c403ebaf9f0171e9517f40e41", algorithm="MD5",
stal
e="FALSE"
WWW-Authenticate: Digest realm="RTSPD", qop="auth",
nonce="45605c61146c52296346b
65159c8dc03", opaque="5ccc069c403ebaf9f0171e9517f40e41", algorithm="MD5",
stale=
"FALSE"

<
* Connection #0 to host 148.33.220.104 left intact
* Issue another request to this URL: 'rtsp://admin:1234_at_148.33.220.104
:554/live_
mpeg4.sdp'
* Re-using existing connection! (#0) with host 148.33.220.104
* Connected to 148.33.220.104 (148.33.220.104) port 554 (#0)
* Server auth using Digest with user 'admin'
> DESCRIBE rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp RTSP/1.0
CSeq: 3
Accept: application/sdp
Authorization: Digest username="admin", realm="RTSPD",
nonce="45605c61146c522963
46b65159c8dc03", uri="rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp",
cnon
ce="MDE0NjUy", nc=00000001, qop="auth",
response="bd6de7e901a8a06cdfb4c4e2d73a0f
a1", opaque="5ccc069c403ebaf9f0171e9517f40e41", algorithm="MD5"
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< RTSP/1.0 200 OK
RTSP/1.0 200 OK
< CSeq: 3
CSeq: 3
< Content-Base: rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp/
Content-Base: rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp/
< Content-Type: application/sdp
Content-Type: application/sdp
< Content-Length: 299
Content-Length: 299
< Server: Y-CAM:BULLET
Server: Y-CAM:BULLET

<
* Connection #0 to host 148.33.220.104 left intact
* Re-using existing connection! (#0) with host 148.33.220.104
* Connected to 148.33.220.104 (148.33.220.104) port 554 (#0)
* Server auth using Digest with user 'admin'
> SETUP rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp/trackID=0
RTSP/1.0
CSeq: 4
Transport: RTP/AVP;unicast;client_port=48100-48101
Authorization: Digest username="admin", realm="RTSPD",
nonce="45605c61146c522963
46b65159c8dc03", uri="rtsp://admin:1234_at_148.33.220.104
:554/live_mpeg4.sdp/trackI
D=0", cnonce="MDE0NjUy", nc=00000002, qop="auth",
response="21d327bd5af9f8dac0fb
4859bbf0ad7b", opaque="5ccc069c403ebaf9f0171e9517f40e41", algorithm="MD5"
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< RTSP/1.0 200 OK
RTSP/1.0 200 OK
< CSeq: 4
CSeq: 4
< Session: 8287804157998118
Session: 8287804157998118
< Transport: RTP/AVP;unicast;client_port=48100-48101;server_port=30000-30001
Transport: RTP/AVP;unicast;client_port=48100-48101;server_port=30000-30001
< Server: Y-CAM:BULLET
Server: Y-CAM:BULLET

<
* Connection #0 to host 148.33.220.104 left intact
* Re-using existing connection! (#0) with host 148.33.220.104
* Connected to 148.33.220.104 (148.33.220.104) port 554 (#0)
* Server auth using Digest with user 'admin'
> PLAY rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp RTSP/1.0
CSeq: 5
Session: 8287804157998118
Range: 0.000-
Authorization: Digest username="admin", realm="RTSPD",
nonce="45605c61146c522963
46b65159c8dc03", uri="rtsp://admin:1234_at_148.33.220.104:554/live_mpeg4.sdp",
cnon
ce="MDE0NjUy", nc=00000003, qop="auth",
response="0e9fcb75154b0b6477ffb4ab829f30
87", opaque="5ccc069c403ebaf9f0171e9517f40e41", algorithm="MD5"

< RTSP/1.0 200 OK
RTSP/1.0 200 OK
< CSeq: 5
CSeq: 5
< Session: 8287804157998118
Session: 8287804157998118
< RTP-Info: url=rtsp://admin:1234_at_148.33.220.104
:554/live_mpeg4.sdp/trackID=0;se
q=0;rtptime=0
RTP-Info: url=rtsp://admin:1234_at_148.33.220.104
:554/live_mpeg4.sdp/trackID=0;seq=
0;rtptime=0
< Server: Y-CAM:BULLET
Server: Y-CAM:BULLET

<
* Connection #0 to host 148.33.220.104 left intact

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-06-25