summaryrefslogtreecommitdiff
path: root/gst/rtsp-sink
diff options
context:
space:
mode:
authorSebastian Dröge <sebastian@centricular.com>2017-07-17 17:15:22 +0300
committerSebastian Dröge <sebastian@centricular.com>2017-11-01 13:43:33 +0200
commitc3e53322d934af47e697c94945112f06572555e3 (patch)
tree7e1b9a8479d2bf0a59293bd9efc75e2959e3cd02 /gst/rtsp-sink
parent89ccaa6932076e634481affef587f2756c577fa8 (diff)
rtspclientsink: Add "accept-certificate" signal for manually checking a TLS certificate for validity
https://bugzilla.gnome.org/show_bug.cgi?id=785024
Diffstat (limited to 'gst/rtsp-sink')
-rw-r--r--gst/rtsp-sink/gstrtspclientsink.c38
1 files changed, 38 insertions, 0 deletions
diff --git a/gst/rtsp-sink/gstrtspclientsink.c b/gst/rtsp-sink/gstrtspclientsink.c
index 3df5e0d..73ca9db 100644
--- a/gst/rtsp-sink/gstrtspclientsink.c
+++ b/gst/rtsp-sink/gstrtspclientsink.c
@@ -116,6 +116,7 @@ enum
SIGNAL_NEW_MANAGER,
SIGNAL_NEW_PAYLOADER,
SIGNAL_REQUEST_RTCP_KEY,
+ SIGNAL_ACCEPT_CERTIFICATE,
LAST_SIGNAL
};
@@ -605,6 +606,27 @@ gst_rtsp_client_sink_class_init (GstRTSPClientSinkClass * klass)
g_signal_new ("request-rtcp-key", G_TYPE_FROM_CLASS (klass),
G_SIGNAL_RUN_LAST, 0, NULL, NULL, NULL, GST_TYPE_CAPS, 1, G_TYPE_UINT);
+ /**
+ * GstRTSPClientSink::accept-certificate:
+ * @rtsp_client_sink: a #GstRTSPClientSink
+ * @peer_cert: the peer's #GTlsCertificate
+ * @errors: the problems with @peer_cert
+ * @user_data: user data set when the signal handler was connected.
+ *
+ * This will directly map to #GTlsConnection 's "accept-certificate"
+ * signal and be performed after the default checks of #GstRTSPConnection
+ * (checking against the #GTlsDatabase with the given #GTlsCertificateFlags)
+ * have failed. If no #GTlsDatabase is set on this connection, only this
+ * signal will be emitted.
+ *
+ * Since: 1.14
+ */
+ gst_rtsp_client_sink_signals[SIGNAL_ACCEPT_CERTIFICATE] =
+ g_signal_new ("accept-certificate", G_TYPE_FROM_CLASS (klass),
+ G_SIGNAL_RUN_LAST, 0, g_signal_accumulator_true_handled, NULL, NULL,
+ G_TYPE_BOOLEAN, 3, G_TYPE_TLS_CONNECTION, G_TYPE_TLS_CERTIFICATE,
+ G_TYPE_TLS_CERTIFICATE_FLAGS);
+
gstelement_class->provide_clock = gst_rtsp_client_sink_provide_clock;
gstelement_class->change_state = gst_rtsp_client_sink_change_state;
gstelement_class->request_new_pad =
@@ -1647,6 +1669,19 @@ gst_rtsp_client_sink_connection_receive (GstRTSPClientSink * sink,
return ret;
}
+static gboolean
+accept_certificate_cb (GTlsConnection * conn, GTlsCertificate * peer_cert,
+ GTlsCertificateFlags errors, gpointer user_data)
+{
+ GstRTSPClientSink *sink = user_data;
+ gboolean accept = FALSE;
+
+ g_signal_emit (sink, gst_rtsp_client_sink_signals[SIGNAL_ACCEPT_CERTIFICATE],
+ 0, conn, peer_cert, errors, &accept);
+
+ return accept;
+}
+
static GstRTSPResult
gst_rtsp_conninfo_connect (GstRTSPClientSink * sink, GstRTSPConnInfo * info,
gboolean async)
@@ -1683,6 +1718,9 @@ gst_rtsp_conninfo_connect (GstRTSPClientSink * sink, GstRTSPConnInfo * info,
if (sink->tls_interaction)
gst_rtsp_connection_set_tls_interaction (info->connection,
sink->tls_interaction);
+
+ gst_rtsp_connection_set_accept_certificate_func (info->connection,
+ accept_certificate_cb, sink, NULL);
}
if (info->url->transports & GST_RTSP_LOWER_TRANS_HTTP)