From a8ead3322fdbe4670101185204b55fef8e7e0422 Mon Sep 17 00:00:00 2001 From: Martin Storsjö Date: Mon, 21 Jun 2010 19:41:02 +0000 Subject: RTSP: Use the same authentication for the HTTP POST session as for the GET Originally committed as revision 23686 to svn://svn.ffmpeg.org/ffmpeg/trunk --- libavformat/rtsp.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'libavformat/rtsp.c') diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c index 9801fc9a80..fe64a5dd70 100644 --- a/libavformat/rtsp.c +++ b/libavformat/rtsp.c @@ -1616,6 +1616,24 @@ redirect: ff_http_set_headers(rt->rtsp_hd_out, headers); ff_http_set_chunked_transfer_encoding(rt->rtsp_hd_out, 0); + /* Initialize the authentication state for the POST session. The HTTP + * protocol implementation doesn't properly handle multi-pass + * authentication for POST requests, since it would require one of + * the following: + * - implementing Expect: 100-continue, which many HTTP servers + * don't support anyway, even less the RTSP servers that do HTTP + * tunneling + * - sending the whole POST data until getting a 401 reply specifying + * what authentication method to use, then resending all that data + * - waiting for potential 401 replies directly after sending the + * POST header (waiting for some unspecified time) + * Therefore, we copy the full auth state, which works for both basic + * and digest. (For digest, we would have to synchronize the nonce + * count variable between the two sessions, if we'd do more requests + * with the original session, though.) + */ + ff_http_init_auth_state(rt->rtsp_hd_out, rt->rtsp_hd); + } else { /* open the tcp connection */ ff_url_join(tcpname, sizeof(tcpname), "tcp", NULL, host, port, NULL); -- cgit v1.2.3