Quantcast

Question about GstRTSPAuth and GstRTSPServer

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Question about GstRTSPAuth and GstRTSPServer

Oscar Forner Martinez
Hi,

I want to use basic authentication with an RTSP server. For that I found
in the documentation how to do it using the GstRTSPAuth and
GstRTSPServer. However, the GstRTSPAuth requires a username and
password. Is there a way to use a digest of the password like it is done
in web servers with the .htpasswd files instead of providing the
username and password?

I am asking because this would force me to store the password in plain
text in order to use it in the GstRTSPAuth.

Thank you in advance.

Oscar

_______________________________________________
gstreamer-devel mailing list
[hidden email]
https://lists.freedesktop.org/mailman/listinfo/gstreamer-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question about GstRTSPAuth and GstRTSPServer

Sebastian Dröge-3
On Thu, 2017-02-09 at 15:58 +0000, Oscar Forner Martinez wrote:

> Hi,
>
> I want to use basic authentication with an RTSP server. For that I found 
> in the documentation how to do it using the GstRTSPAuth and 
> GstRTSPServer. However, the GstRTSPAuth requires a username and 
> password. Is there a way to use a digest of the password like it is done 
> in web servers with the .htpasswd files instead of providing the 
> username and password?
>
> I am asking because this would force me to store the password in plain 
> text in order to use it in the GstRTSPAuth.
In GIT gst-rtsp-server also supports Digest auth btw. For both you need
to store the password in clear text on the server side.

With basic auth, things are even worse though. You actually transmit
the password in clear text over the network (well, base64 encoded...).
The server is then checking that against what is locally stored. With
basic auth, storing the clear text password server-side is the least of
your worries.


With digest auth you don't send the password in clear text and in
theory the server could store only a hash (of username, realm and
password) instead of the clear text password. However this is currently
not implemented in gst-rtsp-server. If you want to provide a patch for
that, that would be very useful though. It's not difficult to add.

--
Sebastian Dröge, Centricular Ltd · http://www.centricular.com
_______________________________________________
gstreamer-devel mailing list
[hidden email]
https://lists.freedesktop.org/mailman/listinfo/gstreamer-devel

signature.asc (981 bytes) Download Attachment
Loading...