rename authMethods into rtspAuthMethods

2 years ago · da032333e9
9 changed files with 45 additions and 42 deletions
--- a/apidocs/openapi.yaml
+++ b/apidocs/openapi.yaml
@ -97,7 +97,7 @@ components:
				@@ -97,7 +97,7 @@ components:
          type: string
        serverCert:
          type: string
-        authMethods:
+        rtspAuthMethods:
          type: array
          items:
            type: string
--- a/internal/conf/conf.go
+++ b/internal/conf/conf.go
@ -111,20 +111,21 @@ type Conf struct {
				@@ -111,20 +111,21 @@ type Conf struct {
 	PlaybackAddress string `json:"playbackAddress"`

 	// RTSP server
-	RTSP              bool        `json:"rtsp"`
-	RTSPDisable       *bool       `json:"rtspDisable,omitempty"` // deprecated
-	Protocols         Protocols   `json:"protocols"`
-	Encryption        Encryption  `json:"encryption"`
-	RTSPAddress       string      `json:"rtspAddress"`
-	RTSPSAddress      string      `json:"rtspsAddress"`
-	RTPAddress        string      `json:"rtpAddress"`
-	RTCPAddress       string      `json:"rtcpAddress"`
-	MulticastIPRange  string      `json:"multicastIPRange"`
-	MulticastRTPPort  int         `json:"multicastRTPPort"`
-	MulticastRTCPPort int         `json:"multicastRTCPPort"`
-	ServerKey         string      `json:"serverKey"`
-	ServerCert        string      `json:"serverCert"`
-	AuthMethods       AuthMethods `json:"authMethods"`
+	RTSP              bool             `json:"rtsp"`
+	RTSPDisable       *bool            `json:"rtspDisable,omitempty"` // deprecated
+	Protocols         Protocols        `json:"protocols"`
+	Encryption        Encryption       `json:"encryption"`
+	RTSPAddress       string           `json:"rtspAddress"`
+	RTSPSAddress      string           `json:"rtspsAddress"`
+	RTPAddress        string           `json:"rtpAddress"`
+	RTCPAddress       string           `json:"rtcpAddress"`
+	MulticastIPRange  string           `json:"multicastIPRange"`
+	MulticastRTPPort  int              `json:"multicastRTPPort"`
+	MulticastRTCPPort int              `json:"multicastRTCPPort"`
+	ServerKey         string           `json:"serverKey"`
+	ServerCert        string           `json:"serverCert"`
+	AuthMethods       *RTSPAuthMethods `json:"authMethods,omitempty"` // deprecated
+	RTSPAuthMethods   RTSPAuthMethods  `json:"rtspAuthMethods"`

 	// RTMP server
 	RTMP           bool       `json:"rtmp"`
@ -226,7 +227,7 @@ func (conf *Conf) setDefaults() {
				@@ -226,7 +227,7 @@ func (conf *Conf) setDefaults() {
 	conf.MulticastRTCPPort = 8003
 	conf.ServerKey = "server.key"
 	conf.ServerCert = "server.crt"
-	conf.AuthMethods = AuthMethods{headers.AuthBasic}
+	conf.RTSPAuthMethods = RTSPAuthMethods{headers.AuthBasic}

 	// RTMP server
 	conf.RTMP = true
@ -366,10 +367,6 @@ func (conf *Conf) Validate() error {
				@@ -366,10 +367,6 @@ func (conf *Conf) Validate() error {
 			!strings.HasPrefix(conf.ExternalAuthenticationURL, "https://") {
 			return fmt.Errorf("'externalAuthenticationURL' must be a HTTP URL")
 		}
-
-		if contains(conf.AuthMethods, headers.AuthDigestMD5) {
-			return fmt.Errorf("'externalAuthenticationURL' can't be used when 'digest' is in authMethods")
-		}
 	}

 	// RTSP
@ -385,6 +382,12 @@ func (conf *Conf) Validate() error {
				@@ -385,6 +382,12 @@ func (conf *Conf) Validate() error {
 			return fmt.Errorf("strict encryption can't be used with the UDP-multicast transport protocol")
 		}
 	}
+	if conf.AuthMethods != nil {
+		conf.RTSPAuthMethods = *conf.AuthMethods
+	}
+	if conf.ExternalAuthenticationURL != "" && contains(conf.RTSPAuthMethods, headers.AuthDigestMD5) {
+		return fmt.Errorf("'externalAuthenticationURL' can't be used when 'digest' is in authMethods")
+	}

 	// RTMP

--- a/internal/conf/path.go
+++ b/internal/conf/path.go
@ -393,7 +393,7 @@ func (pconf *Path) validate(conf *Conf, name string) error {
				@@ -393,7 +393,7 @@ func (pconf *Path) validate(conf *Conf, name string) error {
 		(pconf.ReadUser == "" && pconf.ReadPass != "") {
 		return fmt.Errorf("read username and password must be both filled")
 	}
-	if contains(conf.AuthMethods, headers.AuthDigestMD5) {
+	if contains(conf.RTSPAuthMethods, headers.AuthDigestMD5) {
 		if pconf.PublishUser.IsHashed() ||
 			pconf.PublishPass.IsHashed() ||
 			pconf.ReadUser.IsHashed() ||
--- a/internal/conf/rtsp_auth_methods.go
+++ b/internal/conf/rtsp_auth_methods.go
@ -9,11 +9,11 @@ import (
				@@ -9,11 +9,11 @@ import (
 	"github.com/bluenviron/gortsplib/v4/pkg/headers"
 )

-// AuthMethods is the authMethods parameter.
-type AuthMethods []headers.AuthMethod
+// RTSPAuthMethods is the rtspAuthMethods parameter.
+type RTSPAuthMethods []headers.AuthMethod

 // MarshalJSON implements json.Marshaler.
-func (d AuthMethods) MarshalJSON() ([]byte, error) {
+func (d RTSPAuthMethods) MarshalJSON() ([]byte, error) {
 	out := make([]string, len(d))

 	for i, v := range d {
@ -35,7 +35,7 @@ func (d AuthMethods) MarshalJSON() ([]byte, error) {
				@@ -35,7 +35,7 @@ func (d AuthMethods) MarshalJSON() ([]byte, error) {
 }

 // UnmarshalJSON implements json.Unmarshaler.
-func (d *AuthMethods) UnmarshalJSON(b []byte) error {
+func (d *RTSPAuthMethods) UnmarshalJSON(b []byte) error {
 	var in []string
 	if err := json.Unmarshal(b, &in); err != nil {
 		return err
@ -60,7 +60,7 @@ func (d *AuthMethods) UnmarshalJSON(b []byte) error {
				@@ -60,7 +60,7 @@ func (d *AuthMethods) UnmarshalJSON(b []byte) error {
 }

 // UnmarshalEnv implements env.Unmarshaler.
-func (d *AuthMethods) UnmarshalEnv(_ string, v string) error {
+func (d *RTSPAuthMethods) UnmarshalEnv(_ string, v string) error {
 	byts, _ := json.Marshal(strings.Split(v, ","))
 	return d.UnmarshalJSON(byts)
 }
--- a/internal/core/auth.go
+++ b/internal/core/auth.go
@ -61,7 +61,7 @@ func doExternalAuthentication(
				@@ -61,7 +61,7 @@ func doExternalAuthentication(

 func doAuthentication(
 	externalAuthenticationURL string,
-	rtspAuthMethods conf.AuthMethods,
+	rtspAuthMethods conf.RTSPAuthMethods,
 	pathConf *conf.Path,
 	accessRequest defs.PathAccessRequest,
 ) error {
--- a/internal/core/auth_test.go
+++ b/internal/core/auth_test.go
@ -76,7 +76,7 @@ func (ts *testHTTPAuthenticator) close() {
				@@ -76,7 +76,7 @@ func (ts *testHTTPAuthenticator) close() {
 func TestAuthSha256(t *testing.T) {
 	err := doAuthentication(
 		"",
-		conf.AuthMethods{headers.AuthBasic},
+		conf.RTSPAuthMethods{headers.AuthBasic},
 		&conf.Path{
 			PublishUser: conf.Credential("sha256:rl3rgi4NcZkpAEcacZnQ2VuOfJ0FxAqCRaKB/SwdZoQ="),
 			PublishPass: conf.Credential("sha256:E9JJ8stBJ7QM+nV4ZoUCeHk/gU3tPFh/5YieiJp6n2w="),
@ -102,7 +102,7 @@ func TestAuthSha256(t *testing.T) {
				@@ -102,7 +102,7 @@ func TestAuthSha256(t *testing.T) {
 func TestAuthArgon2(t *testing.T) {
 	err := doAuthentication(
 		"",
-		conf.AuthMethods{headers.AuthBasic},
+		conf.RTSPAuthMethods{headers.AuthBasic},
 		&conf.Path{
 			PublishUser: conf.Credential(
 				"argon2:$argon2id$v=19$m=4096,t=3,p=1$MTIzNDU2Nzg$Ux/LWeTgJQPyfMMJo1myR64+o8rALHoPmlE1i/TR+58"),
@ -134,7 +134,7 @@ func TestAuthExternal(t *testing.T) {
				@@ -134,7 +134,7 @@ func TestAuthExternal(t *testing.T) {

 	err := doAuthentication(
 		"http://127.0.0.1:9120/auth",
-		conf.AuthMethods{headers.AuthBasic},
+		conf.RTSPAuthMethods{headers.AuthBasic},
 		&conf.Path{},
 		defs.PathAccessRequest{
 			Name:        "teststream",
--- a/internal/core/core.go
+++ b/internal/core/core.go
@ -336,7 +336,7 @@ func (p *Core) createResources(initial bool) error {
				@@ -336,7 +336,7 @@ func (p *Core) createResources(initial bool) error {
 			logLevel:                  p.conf.LogLevel,
 			externalAuthenticationURL: p.conf.ExternalAuthenticationURL,
 			rtspAddress:               p.conf.RTSPAddress,
-			authMethods:               p.conf.AuthMethods,
+			rtspAuthMethods:           p.conf.RTSPAuthMethods,
 			readTimeout:               p.conf.ReadTimeout,
 			writeTimeout:              p.conf.WriteTimeout,
 			writeQueueSize:            p.conf.WriteQueueSize,
@ -361,7 +361,7 @@ func (p *Core) createResources(initial bool) error {
				@@ -361,7 +361,7 @@ func (p *Core) createResources(initial bool) error {

 		i := &rtsp.Server{
 			Address:             p.conf.RTSPAddress,
-			AuthMethods:         p.conf.AuthMethods,
+			AuthMethods:         p.conf.RTSPAuthMethods,
 			ReadTimeout:         p.conf.ReadTimeout,
 			WriteTimeout:        p.conf.WriteTimeout,
 			WriteQueueSize:      p.conf.WriteQueueSize,
@ -401,7 +401,7 @@ func (p *Core) createResources(initial bool) error {
				@@ -401,7 +401,7 @@ func (p *Core) createResources(initial bool) error {
 		p.rtspsServer == nil {
 		i := &rtsp.Server{
 			Address:             p.conf.RTSPSAddress,
-			AuthMethods:         p.conf.AuthMethods,
+			AuthMethods:         p.conf.RTSPAuthMethods,
 			ReadTimeout:         p.conf.ReadTimeout,
 			WriteTimeout:        p.conf.WriteTimeout,
 			WriteQueueSize:      p.conf.WriteQueueSize,
@ -659,7 +659,7 @@ func (p *Core) closeResources(newConf *conf.Conf, calledByAPI bool) {
				@@ -659,7 +659,7 @@ func (p *Core) closeResources(newConf *conf.Conf, calledByAPI bool) {
 		newConf.LogLevel != p.conf.LogLevel ||
 		newConf.ExternalAuthenticationURL != p.conf.ExternalAuthenticationURL ||
 		newConf.RTSPAddress != p.conf.RTSPAddress ||
-		!reflect.DeepEqual(newConf.AuthMethods, p.conf.AuthMethods) ||
+		!reflect.DeepEqual(newConf.RTSPAuthMethods, p.conf.RTSPAuthMethods) ||
 		newConf.ReadTimeout != p.conf.ReadTimeout ||
 		newConf.WriteTimeout != p.conf.WriteTimeout ||
 		newConf.WriteQueueSize != p.conf.WriteQueueSize ||
@ -674,7 +674,7 @@ func (p *Core) closeResources(newConf *conf.Conf, calledByAPI bool) {
				@@ -674,7 +674,7 @@ func (p *Core) closeResources(newConf *conf.Conf, calledByAPI bool) {
 		newConf.RTSP != p.conf.RTSP ||
 		newConf.Encryption != p.conf.Encryption ||
 		newConf.RTSPAddress != p.conf.RTSPAddress ||
-		!reflect.DeepEqual(newConf.AuthMethods, p.conf.AuthMethods) ||
+		!reflect.DeepEqual(newConf.RTSPAuthMethods, p.conf.RTSPAuthMethods) ||
 		newConf.ReadTimeout != p.conf.ReadTimeout ||
 		newConf.WriteTimeout != p.conf.WriteTimeout ||
 		newConf.WriteQueueSize != p.conf.WriteQueueSize ||
@ -697,7 +697,7 @@ func (p *Core) closeResources(newConf *conf.Conf, calledByAPI bool) {
				@@ -697,7 +697,7 @@ func (p *Core) closeResources(newConf *conf.Conf, calledByAPI bool) {
 		newConf.RTSP != p.conf.RTSP ||
 		newConf.Encryption != p.conf.Encryption ||
 		newConf.RTSPSAddress != p.conf.RTSPSAddress ||
-		!reflect.DeepEqual(newConf.AuthMethods, p.conf.AuthMethods) ||
+		!reflect.DeepEqual(newConf.RTSPAuthMethods, p.conf.RTSPAuthMethods) ||
 		newConf.ReadTimeout != p.conf.ReadTimeout ||
 		newConf.WriteTimeout != p.conf.WriteTimeout ||
 		newConf.WriteQueueSize != p.conf.WriteQueueSize ||
--- a/internal/core/path_manager.go
+++ b/internal/core/path_manager.go
@ -50,7 +50,7 @@ type pathManager struct {
				@@ -50,7 +50,7 @@ type pathManager struct {
 	logLevel                  conf.LogLevel
 	externalAuthenticationURL string
 	rtspAddress               string
-	authMethods               conf.AuthMethods
+	rtspAuthMethods           conf.RTSPAuthMethods
 	readTimeout               conf.StringDuration
 	writeTimeout              conf.StringDuration
 	writeQueueSize            int
@ -236,7 +236,7 @@ func (pm *pathManager) doFindPathConf(req defs.PathFindPathConfReq) {
				@@ -236,7 +236,7 @@ func (pm *pathManager) doFindPathConf(req defs.PathFindPathConfReq) {
 		return
 	}

-	err = doAuthentication(pm.externalAuthenticationURL, pm.authMethods,
+	err = doAuthentication(pm.externalAuthenticationURL, pm.rtspAuthMethods,
 		pathConf, req.AccessRequest)
 	if err != nil {
 		req.Res <- defs.PathFindPathConfRes{Err: err}
@ -253,7 +253,7 @@ func (pm *pathManager) doDescribe(req defs.PathDescribeReq) {
				@@ -253,7 +253,7 @@ func (pm *pathManager) doDescribe(req defs.PathDescribeReq) {
 		return
 	}

-	err = doAuthentication(pm.externalAuthenticationURL, pm.authMethods,
+	err = doAuthentication(pm.externalAuthenticationURL, pm.rtspAuthMethods,
 		pathConf, req.AccessRequest)
 	if err != nil {
 		req.Res <- defs.PathDescribeRes{Err: err}
@ -276,7 +276,7 @@ func (pm *pathManager) doAddReader(req defs.PathAddReaderReq) {
				@@ -276,7 +276,7 @@ func (pm *pathManager) doAddReader(req defs.PathAddReaderReq) {
 	}

 	if !req.AccessRequest.SkipAuth {
-		err = doAuthentication(pm.externalAuthenticationURL, pm.authMethods,
+		err = doAuthentication(pm.externalAuthenticationURL, pm.rtspAuthMethods,
 			pathConf, req.AccessRequest)
 		if err != nil {
 			req.Res <- defs.PathAddReaderRes{Err: err}
@ -300,7 +300,7 @@ func (pm *pathManager) doAddPublisher(req defs.PathAddPublisherReq) {
				@@ -300,7 +300,7 @@ func (pm *pathManager) doAddPublisher(req defs.PathAddPublisherReq) {
 	}

 	if !req.AccessRequest.SkipAuth {
-		err = doAuthentication(pm.externalAuthenticationURL, pm.authMethods,
+		err = doAuthentication(pm.externalAuthenticationURL, pm.rtspAuthMethods,
 			pathConf, req.AccessRequest)
 		if err != nil {
 			req.Res <- defs.PathAddPublisherRes{Err: err}
--- a/mediamtx.yml
+++ b/mediamtx.yml
@ -118,7 +118,7 @@ serverKey: server.key
				@@ -118,7 +118,7 @@ serverKey: server.key
 serverCert: server.crt
 # Authentication methods. Available are "basic" and "digest".
 # "digest" doesn't provide any additional security and is available for compatibility reasons only.
-authMethods: [basic]
+rtspAuthMethods: [basic]

 ###############################################
 # Global settings -> RTMP server