[FFmpeg-devel] [PATCH] libavformat: add mbedTLS based TLS
James Almer
jamrial at gmail.com
Sun May 27 22:23:53 EEST 2018
On 5/27/2018 12:20 PM, Ricardo Constantino wrote:
> On 26 May 2018 at 19:42, Reino Wijnsma <rwijnsma at xs4all.nl> wrote:
>
>> On 23-5-2018 2:11, Reino Wijnsma <rwijnsma at xs4all.nl> wrote:
>>> On 22-4-2018 14:47, Thomas Volkert <silvo at gmx.net> wrote:
>>>> +enabled mbedtls && { check_pkg_config mbedtls mbedtls
>> mbedtls/x509_crt.h mbedtls_x509_crt_init ||
>>>> + check_pkg_config mbedtls mbedtls
>> mbedtls/ssl.h mbedtls_ssl_init ||
>>>> + check_lib mbedtls mbedtls/ssl.h
>> mbedtls_ssl_init -lmbedtls ||
>>>> + die "ERROR: mbedTLS not found"; }
>>> Now that James Almer has pushed this patch I decided to have a look as
>> well. I wanted to see if mbedtls would work for me too.
>>> I haven't made a FFmpeg build yet to test, because the excerpt above (in
>> 'configure') doesn't look right and configuring FFmpeg returns lots of
>> undefined references.
>>>
>>> First of all, there's no pkg-config file at all. Almost 3 years ago
>> someone requested it (https://github.com/ARMmbed/mbedtls/issues/228), but
>> as far as I can see it hasn't been implemented yet. So, I really don't
>> understand why you added the 2 check_pkg_config lines.
>>> Secondly, the check_lib line also needs -lmbedx509 and -lmbedcrypto!
>>>
>>> -lmbedtls, the most important one obviously, prevents a "undefined
>> reference to `mbedtls_ssl_init'", but...
>>> -lmbedx509 is also needed, because otherwise you'd get "undefined
>> reference to `mbedtls_x509_crt_init'" and several "undefined reference to
>> `mbedtls_x509_crt_[...]'".
>>> -lmbedcrypto is also needed, because otherwise you'd get LOTS of
>> "undefined reference to `mbedtls_[...]'"; from "undefined reference to
>> `mbedtls_sha256_init'" to "undefined reference to `mbedtls_pem_init'"!
>>>
>>> The following patch works for me:
>>>
>>> diff --git a/configure b/configure
>>> index 09ff0c5..6014e03 100755
>>> --- a/configure
>>> +++ b/configure
>>> @@ -6111,9 +6111,7 @@ enabled libzvbi && require_pkg_config
>> libzvbi zvbi-0.2 libzvbi.h vbi_d
>>> { test_cpp_condition libzvbi.h
>> "VBI_VERSION_MAJOR > 0 || VBI_VERSION_MINOR > 2 || VBI_VERSION_MINOR == 2
>> && VBI_VERSION_MICRO >= 28" ||
>>> enabled gpl || die "ERROR: libzvbi
>> requires version 0.2.28 or --enable-gpl."; }
>>> enabled libxml2 && require_pkg_config libxml2 libxml-2.0
>> libxml2/libxml/xmlversion.h xmlCheckVersion
>>> -enabled mbedtls && { check_pkg_config mbedtls mbedtls
>> mbedtls/x509_crt.h mbedtls_x509_crt_init ||
>>> - check_pkg_config mbedtls mbedtls
>> mbedtls/ssl.h mbedtls_ssl_init ||
>>> - check_lib mbedtls mbedtls/ssl.h
>> mbedtls_ssl_init -lmbedtls ||
>>> +enabled mbedtls && { check_lib mbedtls mbedtls/ssl.h
>> mbedtls_ssl_init -lmbedtls -lmbedx509 -lmbedcrypto ||
>>> die "ERROR: mbedTLS not found"; }
>>> enabled mediacodec && { enabled jni || die "ERROR: mediacodec
>> requires --enable-jni"; }
>>> enabled mmal && { check_lib mmal interface/mmal/mmal.h
>> mmal_port_connect -lmmal_core -lmmal_util -lmmal_vc_client -lbcm_host ||
>>>
>>> Also note that the order is important, because with -lmbedtls
>> -lmbedcrypto -lmbedx509 you'd get: "undefined reference to
>> `mbedtls_pk_parse_subpubkey'" and "undefined reference to
>> `mbedtls_pk_load_file'".
>>>
>>> (If it matters, I'm cross-compiling on Windows using Cygwin, MinGW and
>> GCC).
>>>
>>> -- Reino
>> *Ping* at Thomas Volkert, or anyone else responsible for this.
>>
>
>
> FWIW, curl also adds all three libs, not just -lmbedtls, in their
> configure. Maybe shared builds only need the one, but static do require all
> three.
>
> No opinion on removing the check_pkg_config lines since they have one
> possibly coming up soon, from looking at the PRs.
Pushed the check_lib() change only, after confirming it's needed for
static builds of mbedtls.
I'll not touch the pkg-config lines for now until that PR is merged.
More information about the ffmpeg-devel
mailing list