rtspsrc – When authentication is enabled, authorization block in the RTSP message is not updated correctly during digest authentication update.

Submitted by juney

Link to original bug (#791539)

Description

Every ~2 minutes AXIS encoder expires nonce used for “digest” authentication. If an RTSP message, such as “Play/Pause” is received after expiration, an “Unauthorized” response with a new nonce is replied. Gstreamer re-sends the message with a new “Authorization” appended at the end of old “Authorization” block, instead of replacing the old one. The server rejects the request message again and a new nonce is issued in the reply. The same cycle continues for 7 more times (total of 9 tries). Each time the “Authorization” list in the message is growing. After the 9th try, Gstreamer generates the following bus errors:
[rtspsrc] Not authorized to access resource.
[rtspsrc] Could not write to resource.

If a heartbeat message happened to be sent instead of the “Play” or “Pause,” the authorization block is replaced correctly on the next try and connection stays alive.

Here is a test case that generates the error condition:

Time(sec) Action/Events
0 Play
45 Pause <-this resets the heartbeat cycle to open up a window for testing bus error later
100 heartbeat
120 Digest authentication times out at this point. Next rtsp message will update nonce
155 heartbeat <- nonce gets updated. Digest authentication timeout is reset
210 heartbeat
265 heartbeat
275 120 seconds from last nonce update. Digest authentication times out at this point
(285-310) sending “Play” within this period will safely cause a bus error
320 next scheduled heartbeat

Version: 1.10.4