On Mon, 29 May 2017 10:56:36 +0200
Diego Biurrun <[email protected]> wrote:
> TLS is currently implemented over either OpenSSL or GnuTLS, with more
> backends likely to appear in the future. Currently, those backend libraries
> are part of the protocol names used during e.g. the configure stage of a
> build. Hide those details behind a generically-named declaration for the
> TLS protocol to avoid leaking those details into the configuration stage.
> ---
>
> Log message still not perfect.
>
> No longer tries to deduplicate parts of the implementation, just disentangles
> the protocol declaration.
>
> configure | 8 ++------
> libavformat/Makefile | 3 +--
> libavformat/network.c | 20 --------------------
> libavformat/protocols.c | 3 +--
> libavformat/tls.c | 39 ++++++++++++++++++++++++++++++---------
> libavformat/tls.h | 8 --------
> libavformat/tls_gnutls.c | 31 ++++---------------------------
> libavformat/tls_openssl.c | 31 ++++---------------------------
> libavformat/utils.c | 4 ++++
> 9 files changed, 46 insertions(+), 101 deletions(-)
>
> diff --git a/configure b/configure
> index d6c44cf..d17e9f7 100755
> --- a/configure
> +++ b/configure
> @@ -2468,12 +2468,8 @@ sctp_protocol_deps="struct_sctp_event_subscribe"
> sctp_protocol_select="network"
> srtp_protocol_select="rtp_protocol srtp"
> tcp_protocol_select="network"
> -tls_gnutls_protocol_deps="gnutls"
> -tls_gnutls_protocol_select="tcp_protocol"
> -tls_openssl_protocol_conflict="tls_gnutls_protocol"
> -tls_openssl_protocol_deps="openssl"
> -tls_openssl_protocol_select="tcp_protocol"
> -tls_protocol_deps_any="tls_gnutls_protocol tls_openssl_protocol"
> +tls_protocol_deps_any="gnutls openssl"
> +tls_protocol_select="tcp_protocol"
> udp_protocol_select="network"
> unix_protocol_deps="sys_un_h"
> unix_protocol_select="network"
> diff --git a/libavformat/Makefile b/libavformat/Makefile
> index 7b1df93..7e306ec 100644
> --- a/libavformat/Makefile
> +++ b/libavformat/Makefile
> @@ -408,8 +408,7 @@ OBJS-$(CONFIG_RTP_PROTOCOL) += rtpproto.o
> OBJS-$(CONFIG_SCTP_PROTOCOL) += sctp.o
> OBJS-$(CONFIG_SRTP_PROTOCOL) += srtpproto.o srtp.o
> OBJS-$(CONFIG_TCP_PROTOCOL) += tcp.o
> -OBJS-$(CONFIG_TLS_GNUTLS_PROTOCOL) += tls_gnutls.o tls.o
> -OBJS-$(CONFIG_TLS_OPENSSL_PROTOCOL) += tls_openssl.o tls.o
> +OBJS-$(CONFIG_TLS_PROTOCOL) += tls.o
> OBJS-$(CONFIG_UDP_PROTOCOL) += udp.o
> OBJS-$(CONFIG_UNIX_PROTOCOL) += unix.o
>
> diff --git a/libavformat/network.c b/libavformat/network.c
> index 2c34b4a..978ff73 100644
> --- a/libavformat/network.c
> +++ b/libavformat/network.c
> @@ -25,26 +25,6 @@
> #include "libavcodec/internal.h"
> #include "libavutil/mem.h"
>
> -void ff_tls_init(void)
> -{
> -#if CONFIG_TLS_OPENSSL_PROTOCOL
> - ff_openssl_init();
> -#endif
> -#if CONFIG_TLS_GNUTLS_PROTOCOL
> - ff_gnutls_init();
> -#endif
> -}
> -
> -void ff_tls_deinit(void)
> -{
> -#if CONFIG_TLS_OPENSSL_PROTOCOL
> - ff_openssl_deinit();
> -#endif
> -#if CONFIG_TLS_GNUTLS_PROTOCOL
> - ff_gnutls_deinit();
> -#endif
> -}
> -
> int ff_network_inited_globally;
>
> int ff_network_init(void)
> diff --git a/libavformat/protocols.c b/libavformat/protocols.c
> index d254540..8ea5c0e 100644
> --- a/libavformat/protocols.c
> +++ b/libavformat/protocols.c
> @@ -48,8 +48,7 @@ extern const URLProtocol ff_rtp_protocol;
> extern const URLProtocol ff_sctp_protocol;
> extern const URLProtocol ff_srtp_protocol;
> extern const URLProtocol ff_tcp_protocol;
> -extern const URLProtocol ff_tls_gnutls_protocol;
> -extern const URLProtocol ff_tls_openssl_protocol;
> +extern const URLProtocol ff_tls_protocol;
> extern const URLProtocol ff_udp_protocol;
> extern const URLProtocol ff_unix_protocol;
> extern const URLProtocol ff_librtmp_protocol;
> diff --git a/libavformat/tls.c b/libavformat/tls.c
> index fab243e..7ef0f3c 100644
> --- a/libavformat/tls.c
> +++ b/libavformat/tls.c
> @@ -19,15 +19,13 @@
> * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
> USA
> */
>
> -#include "avformat.h"
> -#include "internal.h"
> -#include "network.h"
> -#include "os_support.h"
> -#include "url.h"
> -#include "tls.h"
> -#include "libavutil/avstring.h"
> -#include "libavutil/opt.h"
> -#include "libavutil/parseutils.h"
> +#include "config.h"
> +
> +#if CONFIG_GNUTLS
> +#include "tls_gnutls.c"
> +#elif CONFIG_OPENSSL
> +#include "tls_openssl.c"
> +#endif
>
> int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char
> *uri, AVDictionary **options)
> {
> @@ -78,3 +76,26 @@ int ff_tls_open_underlying(TLSShared *c, URLContext
> *parent, const char *uri, AV
> return ffurl_open(&c->tcp, buf, AVIO_FLAG_READ_WRITE,
> &parent->interrupt_callback, options,
> parent->protocols, parent);
> }
> +
> +static const AVOption options[] = {
> + TLS_COMMON_OPTIONS(TLSContext, tls_shared),
> + { NULL }
> +};
> +
> +static const AVClass tls_class = {
> + .class_name = "tls",
> + .item_name = av_default_item_name,
> + .option = options,
> + .version = LIBAVUTIL_VERSION_INT,
> +};
> +
> +const URLProtocol ff_tls_protocol = {
> + .name = "tls",
> + .url_open2 = tls_open,
> + .url_read = tls_read,
> + .url_write = tls_write,
> + .url_close = tls_close,
> + .priv_data_size = sizeof(TLSContext),
> + .flags = URL_PROTOCOL_FLAG_NETWORK,
> + .priv_data_class = &tls_class,
> +};
> diff --git a/libavformat/tls.h b/libavformat/tls.h
> index 22cb625..57adff9 100644
> --- a/libavformat/tls.h
> +++ b/libavformat/tls.h
> @@ -26,8 +26,6 @@
> #include "url.h"
> #include "libavutil/opt.h"
>
> -#define CONFIG_TLS_PROTOCOL (CONFIG_TLS_GNUTLS_PROTOCOL |
> CONFIG_TLS_OPENSSL_PROTOCOL)
> -
> typedef struct TLSShared {
> char *ca_file;
> int verify;
> @@ -51,10 +49,4 @@ typedef struct TLSShared {
>
> int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char
> *uri, AVDictionary **options);
>
> -void ff_gnutls_init(void);
> -void ff_gnutls_deinit(void);
> -
> -void ff_openssl_init(void);
> -void ff_openssl_deinit(void);
> -
> #endif /* AVFORMAT_TLS_H */
> diff --git a/libavformat/tls_gnutls.c b/libavformat/tls_gnutls.c
> index f8a612a..0c93455 100644
> --- a/libavformat/tls_gnutls.c
> +++ b/libavformat/tls_gnutls.c
> @@ -43,14 +43,14 @@ typedef struct TLSContext {
> int need_shutdown;
> } TLSContext;
>
> -void ff_gnutls_init(void)
> +void ff_tls_init(void)
> {
> avpriv_lock_avformat();
> gnutls_global_init();
> avpriv_unlock_avformat();
> }
>
> -void ff_gnutls_deinit(void)
> +void ff_tls_deinit(void)
> {
> avpriv_lock_avformat();
> gnutls_global_deinit();
> @@ -84,7 +84,7 @@ static int tls_close(URLContext *h)
> gnutls_certificate_free_credentials(c->cred);
> if (c->tls_shared.tcp)
> ffurl_close(c->tls_shared.tcp);
> - ff_gnutls_deinit();
> + ff_tls_deinit();
> return 0;
> }
>
> @@ -120,7 +120,7 @@ static int tls_open(URLContext *h, const char *uri, int
> flags, AVDictionary **op
> TLSShared *c = &p->tls_shared;
> int ret;
>
> - ff_gnutls_init();
> + ff_tls_init();
>
> if ((ret = ff_tls_open_underlying(c, h, uri, options)) < 0)
> goto fail;
> @@ -220,26 +220,3 @@ static int tls_write(URLContext *h, const uint8_t *buf,
> int size)
> return AVERROR_EOF;
> return print_tls_error(h, ret);
> }
> -
> -static const AVOption options[] = {
> - TLS_COMMON_OPTIONS(TLSContext, tls_shared),
> - { NULL }
> -};
> -
> -static const AVClass tls_class = {
> - .class_name = "tls",
> - .item_name = av_default_item_name,
> - .option = options,
> - .version = LIBAVUTIL_VERSION_INT,
> -};
> -
> -const URLProtocol ff_tls_gnutls_protocol = {
> - .name = "tls",
> - .url_open2 = tls_open,
> - .url_read = tls_read,
> - .url_write = tls_write,
> - .url_close = tls_close,
> - .priv_data_size = sizeof(TLSContext),
> - .flags = URL_PROTOCOL_FLAG_NETWORK,
> - .priv_data_class = &tls_class,
> -};
> diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c
> index 0abccf0..e29d8d9 100644
> --- a/libavformat/tls_openssl.c
> +++ b/libavformat/tls_openssl.c
> @@ -66,7 +66,7 @@ static unsigned long openssl_thread_id(void)
> #endif
> #endif
>
> -void ff_openssl_init(void)
> +void ff_tls_init(void)
> {
> avpriv_lock_avformat();
> if (!openssl_init) {
> @@ -89,7 +89,7 @@ void ff_openssl_init(void)
> avpriv_unlock_avformat();
> }
>
> -void ff_openssl_deinit(void)
> +void ff_tls_deinit(void)
> {
> avpriv_lock_avformat();
> openssl_init--;
> @@ -128,7 +128,7 @@ static int tls_close(URLContext *h)
> if (c->url_bio_method)
> BIO_meth_free(c->url_bio_method);
> #endif
> - ff_openssl_deinit();
> + ff_tls_deinit();
> return 0;
> }
>
> @@ -216,7 +216,7 @@ static int tls_open(URLContext *h, const char *uri, int
> flags, AVDictionary **op
> BIO *bio;
> int ret;
>
> - ff_openssl_init();
> + ff_tls_init();
>
> if ((ret = ff_tls_open_underlying(c, h, uri, options)) < 0)
> goto fail;
> @@ -310,26 +310,3 @@ static int tls_write(URLContext *h, const uint8_t *buf,
> int size)
> return AVERROR_EOF;
> return print_tls_error(h, ret);
> }
> -
> -static const AVOption options[] = {
> - TLS_COMMON_OPTIONS(TLSContext, tls_shared),
> - { NULL }
> -};
> -
> -static const AVClass tls_class = {
> - .class_name = "tls",
> - .item_name = av_default_item_name,
> - .option = options,
> - .version = LIBAVUTIL_VERSION_INT,
> -};
> -
> -const URLProtocol ff_tls_openssl_protocol = {
> - .name = "tls",
> - .url_open2 = tls_open,
> - .url_read = tls_read,
> - .url_write = tls_write,
> - .url_close = tls_close,
> - .priv_data_size = sizeof(TLSContext),
> - .flags = URL_PROTOCOL_FLAG_NETWORK,
> - .priv_data_class = &tls_class,
> -};
> diff --git a/libavformat/utils.c b/libavformat/utils.c
> index eaba473..fd85a02 100644
> --- a/libavformat/utils.c
> +++ b/libavformat/utils.c
> @@ -3211,8 +3211,10 @@ int avformat_network_init(void)
> ff_network_inited_globally = 1;
> if ((ret = ff_network_init()) < 0)
> return ret;
> +#if CONFIG_TLS_PROTOCOL
> ff_tls_init();
> #endif
> +#endif
> return 0;
> }
>
> @@ -3220,8 +3222,10 @@ int avformat_network_deinit(void)
> {
> #if CONFIG_NETWORK
> ff_network_close();
> +#if CONFIG_TLS_PROTOCOL
> ff_tls_deinit();
> #endif
> +#endif
> return 0;
> }
>
We have a perfectly fine way to modularize protocols (or protocol
"filters", like TLS, encryption, etc.) - and we're using it in a good
way. Why do you insist on not using this modularization, and instead
doing it in tricky ways like #including .c source files?
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
