Commit e577c43b authored by Erik Janssen's avatar Erik Janssen Committed by Daniel Stenberg
Browse files

rtsp: accept any RTSP session id 

Makes libcurl work in communication with gstreamer-based RTSP
servers. The original code validates the session id to be in accordance
with the RFC. I think it is better not to do that:

- For curl the actual content is a don't care.

- The clarity of the RFC is debatable, is $ allowed or only as \$, that
  is imho not clear

- Gstreamer seems to url-encode the session id but % is not allowed by
the RFC

- less code

With this patch curl will correctly handle real-life lines like:
Session: biTN4Kc.8%2B1w-AF.; timeout=60

Bug: https://curl.haxx.se/mail/lib-2016-08/0076.html
parent 85e63bcf

lib/rtsp.c

+7 −11
Original line number Original line Diff line number Diff line
@@ -796,19 +796,15 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, 
      }

      }

    }

    }

    else {

    else {

      /* If the Session ID is not set, and we find it in a response, then

      /* If the Session ID is not set, and we find it in a response, then set

         set it */

       * it.



      /* The session ID can be an alphanumeric or a 'safe' character

       *

       *

       * RFC 2326 15.1 Base Syntax:

       * Allow any content, up to the field seperator or end of line. RFC 2326

       * safe =  "\$" | "-" | "_" | "." | "+"

       * isn't 100% clear on the session ID and for example gstreamer does

       * */

       * url-encoded session ID's not covered by the standard.

       */

      char *end = start;

      char *end = start;

      while(*end &&

      while(*end && *end != ';')

            (ISALNUM(*end) || *end == '-' || *end == '_' || *end == '.' ||

             *end == '+' ||

             (*end == '\\' && *(end + 1) && *(end + 1) == '$' && (++end, 1))))

        end++;

        end++;





      /* Copy the id substring into a new buffer */

      /* Copy the id substring into a new buffer */