The branch, master has been updated
via c74181a04b5f4e650eae662231e56518daef64d4 (commit)
via df7532b21d9cafd2b3527128eab252e81a81f21a (commit)
from 647138334abd6ea001a16a768eb12cc4156db5f9 (commit)
- Log -----------------------------------------------------------------
commit c74181a04b5f4e650eae662231e56518daef64d4
Author: Jack Lau <jacklau1...@qq.com>
AuthorDate: Mon Sep 8 16:31:10 2025 +0800
Commit: stevenliu <lingjiujia...@gmail.com>
CommitDate: Thu Sep 18 12:34:15 2025 +0000
avformat/tls_gnutls: add av_assert0() for tls_shared
Signed-off-by: Jack Lau <jacklau1...@qq.com>
diff --git a/libavformat/tls_gnutls.c b/libavformat/tls_gnutls.c
index 272603f1dd..53306872a0 100644
--- a/libavformat/tls_gnutls.c
+++ b/libavformat/tls_gnutls.c
@@ -30,6 +30,7 @@
#include "os_support.h"
#include "url.h"
#include "tls.h"
+#include "libavutil/avassert.h"
#include "libavutil/opt.h"
#include "libavutil/thread.h"
@@ -156,6 +157,7 @@ static int tls_open(URLContext *h, const char *uri, int
flags, AVDictionary **op
TLSShared *s = &c->tls_shared;
uint16_t gnutls_flags = 0;
int ret;
+ av_assert0(s);
ff_gnutls_init();
@@ -261,6 +263,7 @@ static int dtls_open(URLContext *h, const char *uri, int
flags, AVDictionary **o
{
TLSContext *c = h->priv_data;
TLSShared *s = &c->tls_shared;
+ av_assert0(s);
s->is_dtls = 1;
return tls_open(h, uri, flags, options);
}
commit df7532b21d9cafd2b3527128eab252e81a81f21a
Author: Jack Lau <jacklau1...@qq.com>
AuthorDate: Mon Sep 8 16:08:22 2025 +0800
Commit: stevenliu <lingjiujia...@gmail.com>
CommitDate: Thu Sep 18 12:34:15 2025 +0000
avformat/tls_gnutls: add initial dtls support
Set GNUTLS_DATAGRAM flag when is_dtls is true.
Set mtu when it's specified.
Modify the read/write function could use udp socket.
There are more patches to make dtls really work.
Signed-off-by: Jack Lau <jacklau1...@qq.com>
diff --git a/libavformat/tls_gnutls.c b/libavformat/tls_gnutls.c
index e894765d7c..272603f1dd 100644
--- a/libavformat/tls_gnutls.c
+++ b/libavformat/tls_gnutls.c
@@ -22,6 +22,7 @@
#include <errno.h>
#include <gnutls/gnutls.h>
+#include <gnutls/dtls.h>
#include <gnutls/x509.h>
#include "avformat.h"
@@ -100,13 +101,15 @@ static int print_tls_error(URLContext *h, int ret)
static int tls_close(URLContext *h)
{
TLSContext *c = h->priv_data;
+ TLSShared *s = &c->tls_shared;
if (c->need_shutdown)
gnutls_bye(c->session, GNUTLS_SHUT_WR);
if (c->session)
gnutls_deinit(c->session);
if (c->cred)
gnutls_certificate_free_credentials(c->cred);
- ffurl_closep(&c->tls_shared.tcp);
+ if (!s->external_sock)
+ ffurl_closep(s->is_dtls ? &s->udp : &s->tcp);
ff_gnutls_deinit();
return 0;
}
@@ -151,6 +154,7 @@ static int tls_open(URLContext *h, const char *uri, int
flags, AVDictionary **op
{
TLSContext *c = h->priv_data;
TLSShared *s = &c->tls_shared;
+ uint16_t gnutls_flags = 0;
int ret;
ff_gnutls_init();
@@ -158,7 +162,14 @@ static int tls_open(URLContext *h, const char *uri, int
flags, AVDictionary **op
if ((ret = ff_tls_open_underlying(s, h, uri, options)) < 0)
goto fail;
- gnutls_init(&c->session, s->listen ? GNUTLS_SERVER : GNUTLS_CLIENT);
+ if (s->is_dtls)
+ gnutls_flags |= GNUTLS_DATAGRAM;
+
+ if (s->listen)
+ gnutls_flags |= GNUTLS_SERVER;
+ else
+ gnutls_flags |= GNUTLS_CLIENT;
+ gnutls_init(&c->session, gnutls_flags);
if (!s->listen && !s->numerichost)
gnutls_server_name_set(c->session, GNUTLS_NAME_DNS, s->host,
strlen(s->host));
gnutls_certificate_allocate_credentials(&c->cred);
@@ -190,6 +201,9 @@ static int tls_open(URLContext *h, const char *uri, int
flags, AVDictionary **op
gnutls_transport_set_pull_function(c->session, gnutls_url_pull);
gnutls_transport_set_push_function(c->session, gnutls_url_push);
gnutls_transport_set_ptr(c->session, c);
+ if (s->is_dtls)
+ if (s->mtu)
+ gnutls_dtls_set_mtu(c->session, s->mtu);
gnutls_set_default_priority(c->session);
do {
if (ff_check_interrupt(&h->interrupt_callback)) {
@@ -243,13 +257,23 @@ fail:
return ret;
}
+static int dtls_open(URLContext *h, const char *uri, int flags, AVDictionary
**options)
+{
+ TLSContext *c = h->priv_data;
+ TLSShared *s = &c->tls_shared;
+ s->is_dtls = 1;
+ return tls_open(h, uri, flags, options);
+}
+
static int tls_read(URLContext *h, uint8_t *buf, int size)
{
TLSContext *c = h->priv_data;
+ TLSShared *s = &c->tls_shared;
+ URLContext *uc = s->is_dtls ? s->udp : s->tcp;
int ret;
// Set or clear the AVIO_FLAG_NONBLOCK on c->tls_shared.tcp
- c->tls_shared.tcp->flags &= ~AVIO_FLAG_NONBLOCK;
- c->tls_shared.tcp->flags |= h->flags & AVIO_FLAG_NONBLOCK;
+ uc->flags &= ~AVIO_FLAG_NONBLOCK;
+ uc->flags |= h->flags & AVIO_FLAG_NONBLOCK;
ret = gnutls_record_recv(c->session, buf, size);
if (ret > 0)
return ret;
@@ -261,10 +285,12 @@ static int tls_read(URLContext *h, uint8_t *buf, int size)
static int tls_write(URLContext *h, const uint8_t *buf, int size)
{
TLSContext *c = h->priv_data;
+ TLSShared *s = &c->tls_shared;
+ URLContext *uc = s->is_dtls ? s->udp : s->tcp;
int ret;
// Set or clear the AVIO_FLAG_NONBLOCK on c->tls_shared.tcp
- c->tls_shared.tcp->flags &= ~AVIO_FLAG_NONBLOCK;
- c->tls_shared.tcp->flags |= h->flags & AVIO_FLAG_NONBLOCK;
+ uc->flags &= ~AVIO_FLAG_NONBLOCK;
+ uc->flags |= h->flags & AVIO_FLAG_NONBLOCK;
ret = gnutls_record_send(c->session, buf, size);
if (ret > 0)
return ret;
@@ -309,3 +335,23 @@ const URLProtocol ff_tls_protocol = {
.flags = URL_PROTOCOL_FLAG_NETWORK,
.priv_data_class = &tls_class,
};
+
+static const AVClass dtls_class = {
+ .class_name = "dtls",
+ .item_name = av_default_item_name,
+ .option = options,
+ .version = LIBAVUTIL_VERSION_INT,
+};
+
+const URLProtocol ff_dtls_protocol = {
+ .name = "dtls",
+ .url_open2 = dtls_open,
+ .url_read = tls_read,
+ .url_write = tls_write,
+ .url_close = tls_close,
+ .url_get_file_handle = tls_get_file_handle,
+ .url_get_short_seek = tls_get_short_seek,
+ .priv_data_size = sizeof(TLSContext),
+ .flags = URL_PROTOCOL_FLAG_NETWORK,
+ .priv_data_class = &dtls_class,
+};
-----------------------------------------------------------------------
Summary of changes:
libavformat/tls_gnutls.c | 61 +++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 55 insertions(+), 6 deletions(-)
hooks/post-receive
--
_______________________________________________
ffmpeg-cvslog mailing list -- ffmpeg-cvslog@ffmpeg.org
To unsubscribe send an email to ffmpeg-cvslog-le...@ffmpeg.org
