1. 30 Mar, 2020 1 commit
  2. 23 Mar, 2020 1 commit
    • Sebastian Dröge's avatar
      rtsp-auth: Fix NULL pointer dereference when handling an invalid basic Authorization header · 44ccca30
      Sebastian Dröge authored
      When using the basic authentication scheme, we wouldn't validate that
      the authorization field of the credentials is not NULL and pass it on
      to g_hash_table_lookup(). g_str_hash() however is not NULL-safe and will
      dereference the NULL pointer and crash.
      A specially crafted (read: invalid) RTSP header can cause this to
      As a solution, check for the authorization to be not NULL before
      continuing processing it and if it is simply fail authentication.
      This fixes CVE-2020-6095 and TALOS-2020-1018.
      Discovered by Peter Wang of Cisco ASIG.
  3. 09 Mar, 2020 1 commit
  4. 24 Feb, 2020 4 commits
    • Mathieu Duponchelle's avatar
      rtsp-stream: fix deadlock on transport removal · 8410c69d
      Mathieu Duponchelle authored
      We cannot take the RTSPStream lock while holding a transport backlog
      lock, as remove_transport may be called externally, which will
      take first the RTSPStream lock then the transport backlog lock.
    • Mathieu Duponchelle's avatar
      rtsp-stream: clear backlog when removing transport · fa41cbe9
      Mathieu Duponchelle authored
      This ensures we don't end up calling any of transports' callbacks
      with a potentially unreffed user_data (in practice, a client that
      may have been removed)
    • Mathieu Duponchelle's avatar
      rtsp-stream: marshal calls to send_tcp_message to a single thread · 54b6b3bc
      Mathieu Duponchelle authored
      In order to address the race condition pointed out at
      !108 (comment 403579)
      we get rid of the send thread pool, and instead spawn and manage
      a single thread to pull samples from app sinks and add them to
      the transport's backlogs.
      Additionally, we now also always go through the backlogs in order
      to simplify the logic.
    • Mathieu Duponchelle's avatar
      rtsp-stream: properly protect TCP backlog access · 50ecbb15
      Mathieu Duponchelle authored
      Fixes #97
      We cannot hold stream->lock while pushing data, but need
      to consistently check the state of the backlog both from
      the send_tcp_message function and the on_message_sent function,
      which may or may not be called from the same thread.
      This commit introduces internal API to allow for potentially
      recursive locking of transport streams, addressing a race
      condition where the RTSP stream could push items out of order
      when popping them from the backlog.
  5. 21 Feb, 2020 1 commit
  6. 07 Feb, 2020 1 commit
  7. 03 Feb, 2020 1 commit
  8. 23 Jan, 2020 2 commits
  9. 15 Jan, 2020 1 commit
    • Zoltán Imets's avatar
      rtsp-client: add property post-session-timeout · aa8126b2
      Zoltán Imets authored
      This is a TCP connection timeout for client connections, in seconds.
      If a positive value is set for this property, the client connection
      will be kept alive for this amount of seconds after the last session
      timeout. For negative values of this property the connection timeout
      handling is delegated to the system (just as it was before).
      Fixes #83
  10. 11 Jan, 2020 1 commit
  11. 09 Jan, 2020 1 commit
    • Mathieu Duponchelle's avatar
      rtsp-stream: fix checking of TCP backpressure · e0a4355d
      Mathieu Duponchelle authored
      The internal index of our appsinks, while it can be used to
      determine whether a message is RTP or RTCP, is not necessarily
      the same as the interleaved channel. Let the stream-transport
      determine the channel to check backpressure for, the same way
      it determines the channel according to whether it is sending
      RTP or RTCP.
  12. 18 Dec, 2019 2 commits
  13. 12 Dec, 2019 1 commit
  14. 10 Dec, 2019 1 commit
  15. 06 Dec, 2019 1 commit
    • Kristofer Bjorkstrom's avatar
      rtsp-media: Force seek when flush flag is set · faf8f87a
      Kristofer Bjorkstrom authored
      The commit "rtsp-client: define all seek accuracy flags from
      setup_play_mode" changed the behaviour of when doing a seek.
      Before that commit, having the flush flag set would result in a seek
      (forced seek).
      Even if no seek was needed. One reason to force seek is to flush old buffers
      created in Describe requests.
      Thus adding force seek also for flush flag will result in play request
      with fresh buffers.
  16. 02 Dec, 2019 1 commit
  17. 27 Nov, 2019 1 commit
    • Edward Hervey's avatar
      rtsp-sdp: Don't try to use non-initialized values · 5ceb2cf8
      Edward Hervey authored
      Only attempt to use the various timing values iif gst_rtsp_stream_get_info()
      returns TRUE. Also avoid the whole clock signalling block if we're not
      dealing with senders.
      CID: 1439524
      CID: 1439536
      CID: 1439520
  18. 25 Nov, 2019 1 commit
    • Adam x Nilsson's avatar
      rtsp-stream: Removing invalid transports returns false · 9c5ca231
      Adam x Nilsson authored
      When removing transports an assertion was that the transports passed in
      for removal are present in the list, however that can't be assumed.
      As an example if a transport was removed from a thread running
      send_tcp_message, the main thread can try to remove the same transport
      again if it gets a handle_pause_request. This will not effect the
      transport list but it will effect n_tcp_transports as it will be
      decrement and then have the wrong value.
  19. 12 Nov, 2019 1 commit
  20. 04 Nov, 2019 2 commits
    • Niels De Graef's avatar
      Don't pass default GLib marshallers for signals · 45e77ecd
      Niels De Graef authored
      By passing NULL to `g_signal_new` instead of a marshaller, GLib will
      actually internally optimize the signal (if the marshaller is available
      in GLib itself) by also setting the valist marshaller. This makes the
      signal emission a bit more performant than the regular marshalling,
      which still needs to box into `GValue` and call libffi in case of a
      generic marshaller.
      Note that for custom marshallers, one would use
      `g_signal_set_va_marshaller()` with the valist marshaller instead.
    • Xavier Claessens's avatar
      GstRTSPMountPoints: Remove any existing factory before adding a new one · f7bbd9dd
      Xavier Claessens authored
      The documentation of gst_rtsp_mount_points_add_factory() says "Any
      previous mount point will be freed" which was true when it was
      implemented using a GHashTable. But in 2012 it got rewrote using a
      GSequence and since then it could have 2 factories for the same path.
      Which one gets used is random, depending on the sorting order of 2
      identical items.
  21. 21 Oct, 2019 1 commit
    • Mathieu Duponchelle's avatar
      stream: refactor TCP backpressure handling · dd32924e
      Mathieu Duponchelle authored
      The previous implementation stopped sending TCP messages to
      all clients when a single one stopped consuming them, which
      obviously created problems for shared media.
      Instead, we now manage a backlog in stream-transport, and slow
      clients are removed once this backlog exceeds a maximum duration,
      currently hardcoded.
      Fixes #80
  22. 18 Oct, 2019 2 commits
  23. 17 Oct, 2019 1 commit
  24. 16 Oct, 2019 2 commits
    • Kristofer's avatar
      rtsp-client: Lock shared media · 1a01d20e
      Kristofer authored
      For shared media we got race conditions. Concurrently rtsp clients might
      suspend or unsuspend the shared media and thus change the state without
      the clients expecting that.
      By introducing a lock that can be taken by callers such as rtsp_client
      one can force rtsp clients calling, eg. PLAY, SETUP and that uses shared media,
      to handle the media sequentially thus allowing one client to finish its
      rtsp call before another client calls on the same media.
      Fixes #86
    • Göran Jönsson's avatar
      rtsp-session: add property extra-timeout · 74b19b37
      Göran Jönsson authored
      Extra time to add to the timeout, in seconds. This only
      affects the time until a session is considered timed out
      and is not signalled in the RTSP request responses.
      Only the value of the timeout property is signalled in the
      request responses.
  25. 14 Oct, 2019 1 commit
    • Adam x Nilsson's avatar
      rtsp-stream : fix race condition in send_tcp_message · 0b1b6670
      Adam x Nilsson authored
      If one thread is inside the send_tcp_message function and are done
      sending rtp or rtcp messages so the n_outstanding variable is zero
      however have not exit the loop sending the messages. While sending its
      messages, transports have been added or removed to the transport list,
      so the cache should be updated. If now an additional thread comes to
      the function send_tcp_message and trying to send rtp messages it will
      first destroy the rtp cache that is still being iterated trough by the
      first thread.
      Fixes #81
  26. 13 Oct, 2019 1 commit
  27. 07 Oct, 2019 3 commits
  28. 04 Oct, 2019 1 commit
  29. 03 Oct, 2019 1 commit
    • David Svensson Fors's avatar
      rtsp-media: Unblock all streams · e16867b1
      David Svensson Fors authored
      When unsuspending and going to PLAYING, unblock all streams instead of
      only those that are linked (the linked streams are the ones for which
      SETUP has been called). GST_FLOW_NOT_LINKED will be returned when
      pushing buffers on unlinked streams.
      This change is because playback using single-threaded demuxers like
      matroska-demux could be blocked if SETUP was not called for all media.
      Demuxers that use GstFlowCombiner (including gstoggdemux, gstavidemux,
      gstflvdemux, qtdemux, and matroska-demux) will handle
      GST_FLOW_NOT_LINKED automatically.
      Fixes #39
  30. 02 Oct, 2019 1 commit
    • Göran Jönsson's avatar
      rtsp-media: Wait on async when needed. · 18f4f4e5
      Göran Jönsson authored
      Wait on asyn-done when needed in gst_rtsp_media_seek_trickmode.
      In the unit test the pause from adjust_play_mode will cause a preroll
      and after that async-done will be produced.
      Without this patch there are no one consuming this async-done and when
      later when seek fluch is done in gst_rtsp_media_seek_trickmode then it
      wait for async-done. But then it wrongly find the async-done prodused by
      adjus_play_mode and continue executing without waiting for the preroll
      to finish.