mxpi_rtspsrc

  • Perform the following steps before using the encrypted transmission function of the stream pulling plugin:
    1. Install the libgiognutls.so file.
    2. Set the GIO_MODULE_DIR environment variable, that is, the folder path where the libgiognutls.so file is located.
    3. Configure the tlsCertFilePathList and tlsValidationFlags properties of the stream pulling plugin during pipeline compilation.
  • Encrypted login is recommended because non-encrypted login has security risks.
    For encrypted login, encrypt the user name and password and then save them to the developed application. When Vision SDK is used to build a pipeline, decrypt them and then call CreateMultipleStreams for build.
    • If the configuration file is used as the pipeline template, replace sensitive parameter information with ${xxxx} in the configuration file (xxxx indicates the parameter name). The sensitive information includes the user name and password in rtspurl and passwords in tlsCertFilePathList. When using Vision SDK to build a pipeline, read the file content, decrypt the file content, and replace ${xxxx} with the user name and password, and call CreateMultipleStreams for streaming.
    • If the user name and certificate password are written in plaintext in the configuration file, information leakage may occur. Keep the user name and password secure. Perform URL-encoding on special characters contained in the key. For example, username:pass@word@xxx.xxx.xxx.xxx:xxx/xxx must be written as username:pass %40word@xxx.xxx.xxx.xxx:xxx/xxx (the URL encoding of @ is %40).
    • The stream pulling plugin element takes root <<user@hostname.org>> as the template provider information by default.
  • libmxpi_rtspvideoinfo.so in lib/plugins in the installation path of the Vision SDK package is the dependency of the mxpi_rtspsrc plugin and cannot be used independently.
  • When you download the gst-launch-1.0 execution plugin, run the -q command to disable input parameter printing to prevent sensitive information leakage.

Function

Receives the input video path of the external calling API, pulls video streams, stores the pulled raw stream in the buffer, and sends the data to the downstream plugin.

Constraints

Currently, only H.264 and H.265 stream pulling is supported, and the encrypted transmission function supports only the password-based certificate private key.

Plugin Base Class (Factory)

mxpi_rtspsrc

Input/Output

  • Input: none
  • Dynamic output: buffer (data type: MxpiBuffer), metadata (data type: MxpiFrame)

Property

For details, see Table 1.

Table 1 mxpi_rtspsrc plugin properties

Property Name

Description

Mandatory or Not

Modifiable or Not

rtspUrl

URL for obtaining RTSP streams. You can obtain the streams from the network camera or use a tool such as LIVE555 to convert local video files into RTSP streams.

Yes

Yes

channelId

Number of channels for video stream pulling. The default value is 0.

No

Yes

timeout

If no stream is pulled for a period of time (timeout), the stream pulling will stop. The default value is 0.

No

Yes

fpsMode

Whether to print the stream pulling frame rate. The value can only be 0 or 1.
  • 0 (default value): Do not print the frame rate.
  • 1: Print the frame rate.

If the stream address of the first stream pulling is invalid, the frame rate is not printed even if it is set to 1.

No

Yes

tlsValidationFlags

TLS certificate verification flag used to verify services. This parameter does not take effect in RTSP scenarios. The options are as follows:
  • 1 (0x00000001): unknown-ca
  • 2 (0x00000002): bad-identity
  • 4 (0x00000004): not-activated
  • 8 (0x00000008): expired
  • 16 (0x00000010): revoked
  • 32 (0x00000020): insecure
  • 64 (0x00000040): generic-error
  • 127 (0x0000007f): validate-all

No

Yes

tlsCertFilePathList

Input CertCrt, CertKey, CaCert, Token, and Crl in sequence and separate them with commas (,). The default value is empty. This parameter does not take effect in RTSP scenarios. (The permission on the certificate and key files must be set to 400.)
  • CertCrt: local (client) certificate path.
  • CertKey: path for storing the private key of the local (client) certificate.
  • CaCert: path for storing the server CA certificate.
  • Token: password for decrypting the encrypted private key on the local host (client).
  • Crl: server certificate revocation list (CRL). This item is optional. If this parameter is not set, the plugin does not check whether the server certificate is revoked.

No

Yes

async-handling

Handles asynchronous status.

No

Yes

message-forward

Forwards all sub-messages.

No

Yes

Plugin Example

  • The RTSP address is added to rtspUrl, which requires to enter the user name and password. The example displayed is in encrypted mode.
  • server.crt, server.key, ca.crt, and server.crl are added to tlsCertFilePathList. For details about how to generate and create certificates, see Self-signed Certificate Creation Methods.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
"mxpi_rtspsrc0": {
 "factory": "mxpi_rtspsrc",
 "props": {
  "rtspUrl": "rtsps://username:password@xxx.xxx.xxx.xxx:xxx/xxx",
  "channelId": "0",
  "tlsValidationFlags": "127",
  "tlsCertFilePathList": "xxx/server.crt,xxx/server.key,xxx/ca.crt,<cert_password>,xxx/server.crl",
  "fpsMode": "1"
 },
 "next": "mxpi_videodecoder0"
},