jayridge/ffmpeg-3.1.3-rtsps.patch Secret

## ffmpeg-3.1.3-rtsps.patch
diff -x '*.[oda]' -Naur ffmpeg-3.1.3/libavformat/rtsp.c ffmpeg-3.1.3_patched/libavformat/rtsp.c
--- ffmpeg-3.1.3/libavformat/rtsp.c	2016-06-26 19:54:30.000000000 -0400
+++ ffmpeg-3.1.3_patched/libavformat/rtsp.c	2016-09-23 11:36:51.000000000 -0400
@@ -97,6 +97,8 @@
     { "stimeout", "set timeout (in microseconds) of socket TCP I/O operations", OFFSET(stimeout), AV_OPT_TYPE_INT, {.i64 = 0}, INT_MIN, INT_MAX, DEC },
     COMMON_OPTS(),
     { "user-agent", "override User-Agent header", OFFSET(user_agent), AV_OPT_TYPE_STRING, {.str = LIBAVFORMAT_IDENT}, 0, 0, DEC },
+    { "ca_file", "Certificate Authority database file", OFFSET(ca_file), AV_OPT_TYPE_STRING, {.str = NULL}, 0, 0, DEC|ENC },
+    { "tls_verify", "Verify the peer certificate", OFFSET(verify), AV_OPT_TYPE_INT, {.i64 = 0}, 0, 1, DEC|ENC},
     { NULL },
 };

@@ -1803,9 +1805,25 @@
     } else {
         int ret;
         /* open the tcp connection */
-        ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
-                    host, port,
-                    "?timeout=%d", rt->stimeout);
+        if (strncmp("tls", lower_rtsp_proto, 3) == 0) {
+            if (rt->ca_file != NULL) {
+                ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
+                            host, port,
+                            "?timeout=%d&verify=%d&cafile=%s",
+                            rt->stimeout, rt->verify, rt->ca_file);
+            } else {
+                ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
+                                host, port,
+                                "?timeout=%d&verify=%d",
+                                rt->stimeout, rt->verify);
+            }
+        } else {
+            ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
+                        host, port,
+                        "?timeout=%d", rt->stimeout);
+        }
+        av_log(NULL, AV_LOG_INFO, "tcpname='%s'\n", tcpname);
+
         if ((ret = ffurl_open_whitelist(&rt->rtsp_hd, tcpname, AVIO_FLAG_READ_WRITE,
                        &s->interrupt_callback, NULL, s->protocol_whitelist, s->protocol_blacklist, NULL)) < 0) {
             err = ret;
diff -x '*.[oda]' -Naur ffmpeg-3.1.3/libavformat/rtsp.h ffmpeg-3.1.3_patched/libavformat/rtsp.h
--- ffmpeg-3.1.3/libavformat/rtsp.h	2016-06-26 19:54:30.000000000 -0400
+++ ffmpeg-3.1.3_patched/libavformat/rtsp.h	2016-09-22 17:04:48.000000000 -0400
@@ -408,6 +408,9 @@

     char default_lang[4];
     int buffer_size;
+
+    char *ca_file;
+    int verify;
 } RTSPState;

 #define RTSP_FLAG_FILTER_SRC  0x1    /**< Filter incoming UDP packets -
diff -x '*.[oda]' -Naur ffmpeg-3.1.3/libavformat/tls_openssl.c ffmpeg-3.1.3_patched/libavformat/tls_openssl.c
--- ffmpeg-3.1.3/libavformat/tls_openssl.c	2016-06-26 19:54:30.000000000 -0400
+++ ffmpeg-3.1.3_patched/libavformat/tls_openssl.c	2016-09-23 11:38:19.000000000 -0400
@@ -283,6 +283,12 @@
     return print_tls_error(h, ret);
 }

+static int tls_get_file_handle(URLContext *h)
+{
+    TLSContext *c = h->priv_data;
+    return ffurl_get_file_handle(c->tls_shared.tcp);
+}
+
 static const AVOption options[] = {
     TLS_COMMON_OPTIONS(TLSContext, tls_shared),
     { NULL }
@@ -301,6 +307,7 @@
     .url_read       = tls_read,
     .url_write      = tls_write,
     .url_close      = tls_close,
+    .url_get_file_handle = tls_get_file_handle,
     .priv_data_size = sizeof(TLSContext),
     .flags          = URL_PROTOCOL_FLAG_NETWORK,
     .priv_data_class = &tls_class,
	diff -x '*.[oda]' -Naur ffmpeg-3.1.3/libavformat/rtsp.c ffmpeg-3.1.3_patched/libavformat/rtsp.c
	--- ffmpeg-3.1.3/libavformat/rtsp.c 2016-06-26 19:54:30.000000000 -0400
	+++ ffmpeg-3.1.3_patched/libavformat/rtsp.c 2016-09-23 11:36:51.000000000 -0400
	@@ -97,6 +97,8 @@
	{ "stimeout", "set timeout (in microseconds) of socket TCP I/O operations", OFFSET(stimeout), AV_OPT_TYPE_INT, {.i64 = 0}, INT_MIN, INT_MAX, DEC },
	COMMON_OPTS(),
	{ "user-agent", "override User-Agent header", OFFSET(user_agent), AV_OPT_TYPE_STRING, {.str = LIBAVFORMAT_IDENT}, 0, 0, DEC },
	+ { "ca_file", "Certificate Authority database file", OFFSET(ca_file), AV_OPT_TYPE_STRING, {.str = NULL}, 0, 0, DEC\|ENC },
	+ { "tls_verify", "Verify the peer certificate", OFFSET(verify), AV_OPT_TYPE_INT, {.i64 = 0}, 0, 1, DEC\|ENC},
	{ NULL },
	};

	@@ -1803,9 +1805,25 @@
	} else {
	int ret;
	/* open the tcp connection */
	- ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
	- host, port,
	- "?timeout=%d", rt->stimeout);
	+ if (strncmp("tls", lower_rtsp_proto, 3) == 0) {
	+ if (rt->ca_file != NULL) {
	+ ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
	+ host, port,
	+ "?timeout=%d&verify=%d&cafile=%s",
	+ rt->stimeout, rt->verify, rt->ca_file);
	+ } else {
	+ ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
	+ host, port,
	+ "?timeout=%d&verify=%d",
	+ rt->stimeout, rt->verify);
	+ }
	+ } else {
	+ ff_url_join(tcpname, sizeof(tcpname), lower_rtsp_proto, NULL,
	+ host, port,
	+ "?timeout=%d", rt->stimeout);
	+ }
	+ av_log(NULL, AV_LOG_INFO, "tcpname='%s'\n", tcpname);
	+
	if ((ret = ffurl_open_whitelist(&rt->rtsp_hd, tcpname, AVIO_FLAG_READ_WRITE,
	&s->interrupt_callback, NULL, s->protocol_whitelist, s->protocol_blacklist, NULL)) < 0) {
	err = ret;
	diff -x '*.[oda]' -Naur ffmpeg-3.1.3/libavformat/rtsp.h ffmpeg-3.1.3_patched/libavformat/rtsp.h
	--- ffmpeg-3.1.3/libavformat/rtsp.h 2016-06-26 19:54:30.000000000 -0400
	+++ ffmpeg-3.1.3_patched/libavformat/rtsp.h 2016-09-22 17:04:48.000000000 -0400
	@@ -408,6 +408,9 @@

	char default_lang[4];
	int buffer_size;
	+
	+ char *ca_file;
	+ int verify;
	} RTSPState;

	#define RTSP_FLAG_FILTER_SRC 0x1 /**< Filter incoming UDP packets -
	diff -x '*.[oda]' -Naur ffmpeg-3.1.3/libavformat/tls_openssl.c ffmpeg-3.1.3_patched/libavformat/tls_openssl.c
	--- ffmpeg-3.1.3/libavformat/tls_openssl.c 2016-06-26 19:54:30.000000000 -0400
	+++ ffmpeg-3.1.3_patched/libavformat/tls_openssl.c 2016-09-23 11:38:19.000000000 -0400
	@@ -283,6 +283,12 @@
	return print_tls_error(h, ret);
	}

	+static int tls_get_file_handle(URLContext *h)
	+{
	+ TLSContext *c = h->priv_data;
	+ return ffurl_get_file_handle(c->tls_shared.tcp);
	+}
	+
	static const AVOption options[] = {
	TLS_COMMON_OPTIONS(TLSContext, tls_shared),
	{ NULL }
	@@ -301,6 +307,7 @@
	.url_read = tls_read,
	.url_write = tls_write,
	.url_close = tls_close,
	+ .url_get_file_handle = tls_get_file_handle,
	.priv_data_size = sizeof(TLSContext),
	.flags = URL_PROTOCOL_FLAG_NETWORK,
	.priv_data_class = &tls_class,