[FFmpeg-devel] [PATCH] lavf/tls: let the user specify what name to verify against
Rodger Combs
rodger.combs at gmail.com
Mon Jun 8 11:50:48 CEST 2015
This can be useful for debugging, or in scenarios where the user
doesn't want to use the system's DNS settings for whatever reason.
---
libavformat/tls.c | 13 ++++++++-----
libavformat/tls.h | 7 +++++--
2 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/libavformat/tls.c b/libavformat/tls.c
index adbd7db..9802a70 100644
--- a/libavformat/tls.c
+++ b/libavformat/tls.c
@@ -67,7 +67,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
if (c->listen)
snprintf(opts, sizeof(opts), "?listen=1");
- av_url_split(NULL, 0, NULL, 0, c->host, sizeof(c->host), &port, NULL, 0, uri);
+ av_url_split(NULL, 0, NULL, 0, c->underlying_host, sizeof(c->underlying_host), &port, NULL, 0, uri);
p = strchr(uri, '?');
@@ -78,16 +78,19 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
c->listen = 1;
}
- ff_url_join(buf, sizeof(buf), "tcp", NULL, c->host, port, "%s", p);
+ ff_url_join(buf, sizeof(buf), "tcp", NULL, c->underlying_host, port, "%s", p);
hints.ai_flags = AI_NUMERICHOST;
- if (!getaddrinfo(c->host, NULL, &hints, &ai)) {
+ if (!getaddrinfo(c->underlying_host, NULL, &hints, &ai)) {
c->numerichost = 1;
freeaddrinfo(ai);
}
+ if (!c->host && !(c->host = av_strdup(c->underlying_host)))
+ return AVERROR(ENOMEM);
+
proxy_path = getenv("http_proxy");
- use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->host) &&
+ use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->underlying_host) &&
proxy_path && av_strstart(proxy_path, "http://", NULL);
if (use_proxy) {
@@ -96,7 +99,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
av_url_split(NULL, 0, proxy_auth, sizeof(proxy_auth),
proxy_host, sizeof(proxy_host), &proxy_port, NULL, 0,
proxy_path);
- ff_url_join(dest, sizeof(dest), NULL, NULL, c->host, port, NULL);
+ ff_url_join(dest, sizeof(dest), NULL, NULL, c->underlying_host, port, NULL);
ff_url_join(buf, sizeof(buf), "httpproxy", proxy_auth, proxy_host,
proxy_port, "/%s", dest);
}
diff --git a/libavformat/tls.h b/libavformat/tls.h
index 959bada..2a36f34 100644
--- a/libavformat/tls.h
+++ b/libavformat/tls.h
@@ -35,7 +35,9 @@ typedef struct TLSShared {
char *key_file;
int listen;
- char host[200];
+ char *host;
+
+ char underlying_host[200];
int numerichost;
URLContext *tcp;
@@ -48,7 +50,8 @@ typedef struct TLSShared {
{"tls_verify", "Verify the peer certificate", offsetof(pstruct, options_field . verify), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
{"cert_file", "Certificate file", offsetof(pstruct, options_field . cert_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
{"key_file", "Private key file", offsetof(pstruct, options_field . key_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
- {"listen", "Listen for incoming connections", offsetof(pstruct, options_field . listen), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }
+ {"listen", "Listen for incoming connections", offsetof(pstruct, options_field . listen), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
+ {"verifyhost", "Verify against a specific hostname", offsetof(pstruct, options_field . host), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }
int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options);
--
2.4.1
More information about the ffmpeg-devel
mailing list