修复rtsp basic鉴权相关bug: #2087

src/Rtsp/RtspPlayer.cpp

@@ -580,16 +580,16 @@ void RtspPlayer::sendRtspRequest(const string &cmd, const string &url, const std
 
 void RtspPlayer::sendRtspRequest(const string &cmd, const string &url,const StrCaseMap &header_const) {
     auto header = header_const;
-    header.emplace("CSeq",StrPrinter << _cseq_send++);
-    header.emplace("User-Agent",kServerName);
+    header.emplace("CSeq", StrPrinter << _cseq_send++);
+    header.emplace("User-Agent", kServerName);
 
-    if(!_session_id.empty()){
+    if (!_session_id.empty()) {
         header.emplace("Session", _session_id);
     }
 
-    if(!_realm.empty() && !(*this)[Client::kRtspUser].empty()){
-        if(!_md5_nonce.empty()){
-            //MD5认证
+    if (!_realm.empty() && !(*this)[Client::kRtspUser].empty()) {
+        if (!_md5_nonce.empty()) {
+            // MD5认证
             /*
             response计算方法如下：
             RTSP客户端应该使用username + password并计算response如下:
@@ -599,7 +599,7 @@ void RtspPlayer::sendRtspRequest(const string &cmd, const string &url,const StrC
                 response= md5( md5(username:realm:password):nonce:md5(public_method:url) );
              */
             string encrypted_pwd = (*this)[Client::kRtspPwd];
-            if(!(*this)[Client::kRtspPwdIsMD5].as<bool>()){
+            if (!(*this)[Client::kRtspPwdIsMD5].as<bool>()) {
                 encrypted_pwd = MD5((*this)[Client::kRtspUser] + ":" + _realm + ":" + encrypted_pwd).hexdigest();
             }
             auto response = MD5(encrypted_pwd + ":" + _md5_nonce + ":" + MD5(cmd + ":" + url).hexdigest()).hexdigest();
@@ -610,13 +610,11 @@ void RtspPlayer::sendRtspRequest(const string &cmd, const string &url,const StrC
             printer << "nonce=\"" << _md5_nonce << "\", ";
             printer << "uri=\"" << url << "\", ";
             printer << "response=\"" << response << "\"";
-            header.emplace("Authorization",printer);
-        }else if(!(*this)[Client::kRtspPwdIsMD5].as<bool>()){
-            //base64认证
-            string authStr = StrPrinter << (*this)[Client::kRtspUser] << ":" << (*this)[Client::kRtspPwd];
-            char authStrBase64[1024] = {0};
-            av_base64_encode(authStrBase64, sizeof(authStrBase64), (uint8_t *) authStr.data(), (int) authStr.size());
-            header.emplace("Authorization",StrPrinter << "Basic " << authStrBase64 );
+            header.emplace("Authorization", printer);
+        } else if (!(*this)[Client::kRtspPwdIsMD5].as<bool>()) {
+            // base64认证
+            auto authStrBase64 = encodeBase64((*this)[Client::kRtspUser] + ":" + (*this)[Client::kRtspPwd]);
+            header.emplace("Authorization", StrPrinter << "Basic " << authStrBase64);
         }
     }
 

src/Rtsp/RtspPusher.cpp

@@ -537,10 +537,8 @@ void RtspPusher::sendRtspRequest(const string &cmd, const string &url,const StrC
             printer << "response=\"" << response << "\"";
             header.emplace("Authorization", printer);
         } else if (!(*this)[Client::kRtspPwdIsMD5].as<bool>()) {
-            //base64认证
-            string authStr = StrPrinter << (*this)[Client::kRtspUser] << ":" << (*this)[Client::kRtspPwd];
-            char authStrBase64[1024] = {0};
-            av_base64_encode(authStrBase64, sizeof(authStrBase64), (uint8_t *) authStr.data(), (int)authStr.size());
+            // base64认证
+            auto authStrBase64 = encodeBase64((*this)[Client::kRtspUser] + ":" + (*this)[Client::kRtspPwd]);
             header.emplace("Authorization", StrPrinter << "Basic " << authStrBase64);
         }
     }

src/Rtsp/RtspSession.cpp

@@ -448,31 +448,26 @@ void RtspSession::onAuthSuccess() {
 }
 
 void RtspSession::onAuthFailed(const string &realm,const string &why,bool close) {
-    GET_CONFIG(bool,authBasic,Rtsp::kAuthBasic);
+    GET_CONFIG(bool, authBasic, Rtsp::kAuthBasic);
     if (!authBasic) {
-        //我们需要客户端优先以md5方式认证
+        // 我们需要客户端优先以md5方式认证
         _auth_nonce = makeRandStr(32);
-        sendRtspResponse("401 Unauthorized",
-                         {"WWW-Authenticate",
-                          StrPrinter << "Digest realm=\"" << realm << "\",nonce=\"" << _auth_nonce << "\"" });
-    }else {
-        //当然我们也支持base64认证,但是我们不建议这样做
-        sendRtspResponse("401 Unauthorized",
-                         {"WWW-Authenticate",
-                          StrPrinter << "Basic realm=\"" << realm << "\"" });
+        sendRtspResponse("401 Unauthorized", { "WWW-Authenticate", StrPrinter << "Digest realm=\"" << realm << "\",nonce=\"" << _auth_nonce << "\"" });
+    } else {
+        // 当然我们也支持base64认证,但是我们不建议这样做
+        sendRtspResponse("401 Unauthorized", { "WWW-Authenticate", StrPrinter << "Basic realm=\"" << realm << "\"" });
     }
-    if(close){
-        shutdown(SockException(Err_shutdown,StrPrinter << "401 Unauthorized:" << why));
+    if (close) {
+        shutdown(SockException(Err_shutdown, StrPrinter << "401 Unauthorized:" << why));
     }
 }
 
-void RtspSession::onAuthBasic(const string &realm,const string &auth_base64){
+void RtspSession::onAuthBasic(const string &realm, const string &auth_base64) {
     //base64认证
-    char user_pwd_buf[512];
-    av_base64_decode((uint8_t *) user_pwd_buf, auth_base64.data(), (int)auth_base64.size());
-    auto user_pwd_vec = split(user_pwd_buf, ":");
+    auto user_passwd = decodeBase64(auth_base64);
+    auto user_pwd_vec = split(user_passwd, ":");
     if (user_pwd_vec.size() < 2) {
-        //认证信息格式不合法，回复401 Unauthorized
+        // 认证信息格式不合法，回复401 Unauthorized
         onAuthFailed(realm, "can not find user and passwd when basic64 auth");
         return;
     }