RTSP: Use the same authentication for the HTTP POST session as for the GET

Originally committed as revision 23686 to svn://svn.ffmpeg.org/ffmpeg/trunk

1 files changed, 18 insertions, 0 deletions

diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c
index 9801fc9a80..fe64a5dd70 100644
--- a/libavformat/rtsp.c
+++ b/libavformat/rtsp.c
@@ -1616,6 +1616,24 @@ redirect:
         ff_http_set_headers(rt->rtsp_hd_out, headers);
         ff_http_set_chunked_transfer_encoding(rt->rtsp_hd_out, 0);
 
+        /* Initialize the authentication state for the POST session. The HTTP
+         * protocol implementation doesn't properly handle multi-pass
+         * authentication for POST requests, since it would require one of
+         * the following:
+         * - implementing Expect: 100-continue, which many HTTP servers
+         *   don't support anyway, even less the RTSP servers that do HTTP
+         *   tunneling
+         * - sending the whole POST data until getting a 401 reply specifying
+         *   what authentication method to use, then resending all that data
+         * - waiting for potential 401 replies directly after sending the
+         *   POST header (waiting for some unspecified time)
+         * Therefore, we copy the full auth state, which works for both basic
+         * and digest. (For digest, we would have to synchronize the nonce
+         * count variable between the two sessions, if we'd do more requests
+         * with the original session, though.)
+         */
+        ff_http_init_auth_state(rt->rtsp_hd_out, rt->rtsp_hd);
+
     } else {
         /* open the tcp connection */
         ff_url_join(tcpname, sizeof(tcpname), "tcp", NULL, host, port, NULL);