summaryrefslogtreecommitdiff
path: root/libavformat/tls_gnutls.c
Commit message (Collapse)AuthorAgeFilesLines
* avformat/gnutls: Use the systems default crypto policyAndreas Schneider2022-02-151-1/+1
| | | | | | | | We should use the systems crypto policy by default. If there is no system policy, gnutls will use the "NORMAL" policy. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Signed-off-by: Anton Khirnov <anton@khirnov.net>
* tls_gnutls: Print the underlying IO error message and pass the error code ↵Martin Storsjö2021-04-011-9/+21
| | | | | | through Signed-off-by: Martin Storsjö <martin@martin.st>
* tls: Hook up the url_get_short_seek function in the TLS backendsMartin Storsjö2020-11-051-0/+7
| | | | | | | This makes sure that small seeks forward on https don't end up doing new requests. Signed-off-by: Martin Storsjö <martin@martin.st>
* avformat: Replace ffurl_close() by ffurl_closep() where appropriateAndreas Rheinhardt2020-05-251-2/+1
| | | | | | | | | | It avoids leaving dangling pointers behind in memory. Also remove redundant checks for whether the URLContext to be closed is already NULL. Reviewed-by: Anton Khirnov <anton@khirnov.net> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* lavf/tls_gnutls: check for interrupt inside handshake loopBłażej Szczygieł2020-04-211-0/+5
| | | | | | fixes #8080 Signed-off-by: Błażej Szczygieł <spaz16@wp.pl>
* lavf/tls_gnutls: retry gnutls_handshake on non fatal errorsRemita Amine2019-06-141-5/+7
| | | | | | fixes #7801 Signed-off-by: Remita Amine <remitamine@gmail.com>
* lavc, lavf: move avformat static mutex from avcodec to avformatwm42017-12-261-4/+4
| | | | | | | | It's completely absurd that libavcodec would care about libavformat locking, but it was there because the lock manager was in libavcodec. This is more stright forward. Changes ABI, but we don't require ABI compatibility currently.
* Merge commit 'eb061ad6fd0e3cea7cf7cfbff0749bc90dd7d888'James Almer2017-11-021-4/+19
|\ | | | | | | | | | | | | * commit 'eb061ad6fd0e3cea7cf7cfbff0749bc90dd7d888': tls_gnutls: Readd support for nonblocking operation Merged-by: James Almer <jamrial@gmail.com>
| * tls_gnutls: Readd support for nonblocking operationMartin Storsjö2017-06-201-4/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rtmp protocol uses nonblocking reads, to poll for incoming messages from the server while publishing a stream. Prior to 94599a6de3822b13c94096d764868128f388ba28 and d13b124eaf452b267480074b2e6946538ed03a6e, the tls protocol handled the nonblocking flag, mostly as a side effect from not using custom IO callbacks for reading from the socket. When custom IO callbacks were taken into use in d15eec4d6bdfa3bd4c4b5b7dd2dbd699ba253d02, the handling of a nonblocking socket wasn't necessary for the default blocking mode any longer. The code was simplified, since it was overlooked that other code within libavformat actually used the tls protocol in nonblocking mode. This fixes publishing over rtmps, with the gnutls backend. Signed-off-by: Martin Storsjö <martin@martin.st>
* | Merge commit '61cec5adaacb358783c18aa07362f15824c1b274'James Almer2017-11-011-1/+1
|\ \ | |/ | | | | | | | | | | | | | | | | * commit '61cec5adaacb358783c18aa07362f15824c1b274': tls: Hide backend implementation details from users Also includes ed434be106a4615e0419b3ac7664220741afda2d Changes were made to support schannel and securetransport. Merged-by: James Almer <jamrial@gmail.com>
| * tls: Hide backend implementation details from usersDiego Biurrun2017-06-021-1/+1
| | | | | | | | | | | | | | | | TLS is currently implemented over either OpenSSL or GnuTLS, with more backends likely to appear in the future. Currently, those backend libraries are part of the protocol names used during e.g. the configure stage of a build. Hide those details behind a generically-named declaration for the TLS protocol to avoid leaking those details into the configuration stage.
| * build: Drop gcrypt supportDiego Biurrun2016-11-251-10/+0
| | | | | | | | GnuTLS in combination with gcrypt has been deprecated since 2010.
* | lavf/tls_gnutls: fix warnings from version checkMoritz Barsnick2017-09-261-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The GnuTLS version is checked through the macro GNUTLS_VERSION_NUMBER, but this wasn't introduced before 2.7.2. Building with older versions of GnuTLS (using icc) warns: src/libavformat/tls_gnutls.c(38): warning #193: zero used for undefined preprocessing identifier "GNUTLS_VERSION_NUMBER" #if HAVE_THREADS && GNUTLS_VERSION_NUMBER <= 0x020b00 This adds a fallback to the older, deprecated LIBGNUTLS_VERSION_NUMBER macro. Signed-off-by: Moritz Barsnick <barsnick@gmx.net>
* | lavf/tls_gnutls: fix compilation with GnuTLS 2.xMoritz Barsnick2017-09-261-0/+2
| | | | | | | | | | | | | | | | Commit 598e41684066feba701d19ca7443d24b9e5efa77 added use of GNUTLS_E_PREMATURE_TERMINATION, which wasn't introduced to GnuTLS before 2.99.x / 3.x. This fixes compilation with older versions. Signed-off-by: Moritz Barsnick <barsnick@gmx.net>
* | GnuTLS: eat PREMATURE_TERMINATION errorTatsuyuki Ishi2017-09-211-0/+1
| | | | | | | | | | | | | | | | | | | | | | GnuTLS is too strict on the SSL shutdown alert, and it's neither mandatory in the spec or critical. As it's ignored in OpenSSL, we should also suppress it in GnuTLS as well. Ticket: #6667 Reviewed-by: wm4 <nfxjfg@googlemail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avformat/tls: add tls url_get_file_handleJay Ridgeway2016-12-171-0/+7
| | | | | | | | | | | | Support url_get_file_handle on TLS streams. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | Merge commit '2758cdedfb7ac61f8b5e4861f99218b6fd43491d'Derek Buitenhuis2016-02-291-1/+1
|\ \ | |/ | | | | | | | | | | | | | | | | | | This commit also disables the async fate test, because it used internal APIs in a non-kosher way, which no longer exists. * commit '2758cdedfb7ac61f8b5e4861f99218b6fd43491d': lavf: reorganize URLProtocols Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
| * lavf: reorganize URLProtocolsAnton Khirnov2016-02-221-1/+1
| | | | | | | | | | | | | | | | | | | | Instead of a linked list constructed at av_register_all(), store them in a constant array of pointers. Since no registration is necessary now, this removes some global state from lavf. This will also allow the urlprotocol layer caller to limit the available protocols in a simple and flexible way in the following commits.
| * tls_gnutls: fix hang on disconnectionwm42015-06-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | GNUTLS_SHUT_RDWR means GnuTLS will keep waiting for the server's termination reply. But since we don't shutdown the TCP connection at this point yet, GnuTLS will just keep skipping actual data from the server, which basically is perceived as hang. Use GNUTLS_SHUT_WR instead, which doesn't have this problem. Signed-off-by: Martin Storsjö <martin@martin.st>
* | avformat/tls_gnutls: correct version detection for certificate supportGanesh Ajjanagadde2015-08-131-1/+1
| | | | | | | | | | | | | | Fixes Ticket3748 Signed-off-by: Ganesh Ajjanagadde <gajjanagadde@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | tls_gnutls: fix hang on disconnectionwm42015-06-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | GNUTLS_SHUT_RDWR means GnuTLS will keep waiting for the server's termination reply. But since we don't shutdown the TCP connection at this point yet, GnuTLS will just keep skipping actual data from the server, which basically is perceived as hang. Use GNUTLS_SHUT_WR instead, which doesn't have this problem. Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* | Merge commit 'd4d90504a687d2c0ef77ccf11d831f24dcff9cf1'Michael Niedermayer2015-05-281-0/+1
|\ \ | |/ | | | | | | | | | | * commit 'd4d90504a687d2c0ef77ccf11d831f24dcff9cf1': tls_gnutls: Add missing includes for the gcrypt thread safety callbacks Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * tls_gnutls: Add missing includes for the gcrypt thread safety callbacksMartin Storsjö2015-05-281-0/+1
| | | | | | | | | | | | | | This fixes building with gcrypt-backed gnutls versions, broken in 57cde2b180. Signed-off-by: Martin Storsjö <martin@martin.st>
| * lavf: move TLS-related ifdeffery to library specific fileswm42015-05-261-2/+28
| | | | | | | | | | | | There is no need to have this mess in network.c. Signed-off-by: Martin Storsjö <martin@martin.st>
| * lavf: split tls.cwm42015-05-261-0/+228
| | | | | | | | Move the OpenSSL and GnuTLS implementations to their own files. Other than the connection code (including options) and some boilerplate, no code is actually shared. Signed-off-by: Martin Storsjö <martin@martin.st>
* lavf: move TLS-related ifdeffery to library specific fileswm42015-05-271-3/+28
| | | | | | There is no need to have this mess in network.c. Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* lavf: split tls.cwm42015-05-271-0/+233
Move the OpenSSL and GnuTLS implementations to their own files. Other than the connection code (including options) and some boilerplate, no code is actually shared. Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
View Lorry Controller Status