On Thu, 19 Sep 2013 12:43:00 +0300, Martin Storsjö <mar...@martin.st> wrote:

> A file containing the trusted CA certificates needs to be supplied via the ca_file AVOption, unless the TLS library has got a system default file/database set up.
>
> This doesn't check the hostname of the peer certificate with openssl, which requires a non-trivial piece of code for manually matching the desired hostname to the string provided by the certificate, not provided as a library function.
>
> That is, with openssl, this only validates that the received certificate is signed with the right CA, but not that it is the actual server we think we're talking to.
>
> Verification is still disabled by default since we can't count on a proper CA database existing at all times.
It would be Very Nice (tm) if an equivalent of this text went into doc/protocols.texi.

> --- > Added support for gnutls_certificate_set_x509_system_trust and > some other minor fixes. > --- > libavformat/tls.c | 70 > ++++++++++++++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 69 insertions(+), 1 deletion(-) > > diff --git a/libavformat/tls.c b/libavformat/tls.c > index fecf096..55b7416 100644 > --- a/libavformat/tls.c > +++ b/libavformat/tls.c > @@ -22,8 +22,10 @@ > #include "avformat.h" > #include "url.h" > #include "libavutil/avstring.h" > +#include "libavutil/opt.h" > #if CONFIG_GNUTLS > #include <gnutls/gnutls.h> > +#include <gnutls/x509.h> > #define TLS_read(c, buf, size) gnutls_record_recv(c->session, buf, size) > #define TLS_write(c, buf, size) gnutls_record_send(c->session, buf, size) > #define TLS_shutdown(c) gnutls_bye(c->session, GNUTLS_SHUT_RDWR) > @@ -65,8 +67,26 @@ typedef struct { > SSL *ssl; > #endif > int fd; > + char *ca_file; > + int verify; > } TLSContext; > > +#define OFFSET(x) offsetof(TLSContext, x) > +#define D AV_OPT_FLAG_DECODING_PARAM > +#define E AV_OPT_FLAG_ENCODING_PARAM > +static const AVOption options[] = { > + {"ca_file", "Certificate Authority database file", OFFSET(ca_file), > AV_OPT_TYPE_STRING, .flags = D|E }, > + {"tls_verify", "Verify the peer certificate", OFFSET(verify), > AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = D|E }, > + { NULL } > +}; > + > +static const AVClass tls_class = { > + .class_name = "tls", > + .item_name = av_default_item_name, > + .option = options, > + .version = LIBAVUTIL_VERSION_INT, > +}; > + > static int do_tls_poll(URLContext *h, int ret) > { > TLSContext *c = h->priv_data;
> @@ -108,6 +128,11 @@ static int tls_open(URLContext *h, const char *uri, int > flags) > TLSContext *c = h->priv_data; > int ret; > int port; > +#if CONFIG_GNUTLS > + unsigned int status, cert_list_size; > + gnutls_x509_crt_t cert; > + const gnutls_datum_t *cert_list; > +#endif

Seems you can move those declarations into the if (c->verify) block and avoid those extra ifdefs. Otherwise looks good.

-- 
Anton Khirnov

_______________________________________________
libav-devel mailing list
libav-devel@libav.org
https://lists.libav.org/mailman/listinfo/libav-devel
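Review bot: in the @@ -65,8 +67,26 @@ hunk, the help text for "tls_verify" ("Verify the peer certificate") promises more than the commit message says the OpenSSL build delivers, where only the chain is validated and the hostname is never matched against the certificate; qualify the string so callers know what the flag does and does not check, for example "Verify the peer certificate (chain only, no hostname check with OpenSSL)", and say in the same place that the default of 0 leaves verification off entirely, since the option table is the only documentation a user of the AVOption API will see.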
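The "non-trivial piece of code" the commit message refers to is the comparison of the hostname that was dialed against the names a certificate presents (SAN dNSName entries, or the CN as a fallback). As an added illustration, not part of Martin's patch or of libavformat, here is a standalone C implementation of that comparison following the RFC 6125 rules: case-insensitive comparison, one leading "*." wildcard that covers exactly one label and leaves at least two labels in the fixed suffix, no wildcard matching of IP-address literals, and a trailing dot tolerated. The function names tls_match_name and tls_check_hostname and the sample name list are hypothetical and constructed for this example; extracting the names from the X509 object with OpenSSL is assumed to happen elsewhere and is not shown.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Compare n bytes of a and b ignoring ASCII case (DNS names are case-insensitive). */
static int eq_nocase(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* True when the first n bytes of s look like an IPv4 literal ("10.0.0.1"):
 * only digits and dots. A wildcard pattern must never match such a reference. */
static int looks_like_ipv4(const char *s, size_t n)
{
    if (n == 0)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (!isdigit((unsigned char)s[i]) && s[i] != '.')
            return 0;
    return 1;
}

/* Match the reference hostname we connected to against one identifier
 * presented by the certificate. Returns 1 on match, 0 otherwise.
 * Rules (RFC 6125 section 6.4.3): exact case-insensitive match, or a pattern
 * whose only wildcard is a leading "*." standing for exactly one label. */
int tls_match_name(const char *reference, const char *pattern)
{
    size_t rlen = strlen(reference), plen = strlen(pattern);

    /* Tolerate one trailing dot ("www.example.com.") on either side. */
    if (rlen && reference[rlen - 1] == '.') rlen--;
    if (plen && pattern[plen - 1] == '.') plen--;
    if (!rlen || !plen)
        return 0;

    if (plen > 2 && pattern[0] == '*' && pattern[1] == '.') {
        const char *suffix = pattern + 1;      /* ".example.com" */
        size_t slen = plen - 1;
        size_t head;

        /* Refuse "*.com": the fixed part must itself contain a dot. */
        if (memchr(suffix + 1, '.', slen - 1) == NULL)
            return 0;
        /* Never let a wildcard match an IP address literal. */
        if (looks_like_ipv4(reference, rlen))
            return 0;
        /* The reference must be longer than the suffix by one whole label. */
        if (rlen <= slen)
            return 0;
        head = rlen - slen;
        if (memchr(reference, '.', head) != NULL)   /* "*" covers one label only */
            return 0;
        return eq_nocase(reference + head, suffix, slen);
    }

    /* No wildcard: plain full-string comparison. A literal '*' anywhere else in
     * the pattern can never equal a real hostname, so it is rejected here. */
    return rlen == plen && eq_nocase(reference, pattern, rlen);
}

/* Check the hostname against every identifier taken from the certificate. */
int tls_check_hostname(const char *hostname, const char *const *names, size_t count)
{
    for (size_t i = 0; i < count; i++)
        if (tls_match_name(hostname, names[i]))
            return 1;
    return 0;
}

/* Constructed sample: identifiers a certificate might present (hypothetical). */
const char *const sample_cert_names[] = { "example.com", "*.example.com", "cdn.example.net" };
const size_t sample_cert_name_count = sizeof(sample_cert_names) / sizeof(sample_cert_names[0]);

int main(void)
{
    const char *hosts[] = { "www.example.com", "a.b.example.com", "example.com", "10.0.0.1" };
    for (size_t i = 0; i < sizeof(hosts) / sizeof(hosts[0]); i++)
        printf("%-18s -> %s\n", hosts[i],
               tls_check_hostname(hosts[i], sample_cert_names, sample_cert_name_count)
                   ? "match" : "NO MATCH");
    return 0;
}
```

The wildcard rules are where hand-written matchers usually go wrong: accepting "*.com", letting "*" span several labels, or matching an IP literal; each of those cases is rejected explicitly above rather than left to fall through.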