Trailing space on RTSP WWW-Authenticate header breaks parsing
We use an rtspsrc
element to connect to camera streams, and we’ve recently come across a camera which sends a trailing extra space at the end of the WWW-Authenticate header within the OPTIONS command, like so:
WWW-Authenticate: Digest realm="FII_NS_CPD", nonce="990d51c37b1f651153afcb5f619f891b"
The pipeline ends up erroring out with a 401 unauthorized message, and when looking at wireshark, the rtspsrc element never actually sends an Authorization header after receiving the 401 (despite passing in the correct credentials with user-id and user-pw).
Digging a little deeper into the rtspconnection code, it looks like the trailing extra space is causing nonce="990d51c37b1f651153afcb5f619f891b"
to be split into a separate header, making it no longer tied to the Digest auth header. This is breaking authentication since this nonce value is required for Digest auth.
It seems like gstreamer should be more resilient against whitespace at the end of this header, with a change like this:
diff -rupN gst-plugins-base-1.22.4/gst-libs/gst/rtsp/gstrtspconnection.c gst-plugins-base-1.22.4-updated/gst-libs/gst/rtsp/gstrtspconnection.c
--- gst-plugins-base-1.22.4/gst-libs/gst/rtsp/gstrtspconnection.c 2023-06-20 12:42:25.000000000 -0400
+++ gst-plugins-base-1.22.4-updated/gst-libs/gst/rtsp/gstrtspconnection.c 2023-09-19 11:13:01.262427969 -0400
@@ -2375,8 +2375,15 @@ parse_line (guint8 * buffer, GstRTSPMess
comma = next_value;
} else if (*next_value == ' ' && next_value[1] != ',' &&
next_value[1] != '=' && comma != NULL) {
- next_value = comma;
- comma = NULL;
+ /* only process this as a separate challenge/header if there is more than just
+ * trailing whitespace after this */
+ for (gchar* curr_char = next_value; *curr_char != '\0'; curr_char++) {
+ if (!g_ascii_isspace (*curr_char)) {
+ next_value = comma;
+ comma = NULL;
+ break;
+ }
+ }
break;
}
} else if (*next_value == ',')