Re: [FFmpeg-devel] [PATCH 5/5] lavf/tls: enable server verification by default when not on mbedtls

2019-01-19 Thread Michael Niedermayer
On Fri, Jan 18, 2019 at 02:50:29PM -0600, Rodger Combs wrote: > > > > On Jan 18, 2019, at 05:41, Carl Eugen Hoyos wrote: > > > > 2019-01-18 9:46 GMT+01:00, Rodger Combs : > >> All other TLS wrappers now have a mechanism to load a system trust store > >> by default, without setting the cafile

Re: [FFmpeg-devel] [PATCH 5/5] lavf/tls: enable server verification by default when not on mbedtls

2019-01-18 Thread Rodger Combs
> On Jan 18, 2019, at 05:41, Carl Eugen Hoyos wrote: > > 2019-01-18 9:46 GMT+01:00, Rodger Combs : >> All other TLS wrappers now have a mechanism to load a system trust store >> by default, without setting the cafile option. For Secure Transport and >> Secure Channel, it's the OS. For OpenSSL

Re: [FFmpeg-devel] [PATCH 5/5] lavf/tls: enable server verification by default when not on mbedtls

2019-01-18 Thread Carl Eugen Hoyos
2019-01-18 9:46 GMT+01:00, Rodger Combs : > All other TLS wrappers now have a mechanism to load a system trust store > by default, without setting the cafile option. For Secure Transport and > Secure Channel, it's the OS. For OpenSSL and libtls, it's a path set at > compile-time. For GNUTLS, it's

[FFmpeg-devel] [PATCH 5/5] lavf/tls: enable server verification by default when not on mbedtls

2019-01-18 Thread Rodger Combs
All other TLS wrappers now have a mechanism to load a system trust store by default, without setting the cafile option. For Secure Transport and Secure Channel, it's the OS. For OpenSSL and libtls, it's a path set at compile-time. For GNUTLS, it's either a path set at compile-time, or the OS trust