[FFmpeg-devel] [PATCH] libavformat: add mbedTLS based TLS

Thomas Volkert silvo at gmx.net
Mon Apr 23 22:09:09 EEST 2018

On 23.04.2018 14:08, Rostislav Pehlivanov wrote:
> On 23 April 2018 at 10:27, Thomas Volkert <silvo at gmx.net> wrote:
>> On 22.04.2018 20:03, Carl Eugen Hoyos wrote:
>>> 2018-04-22 20:00 GMT+02:00, Nicolas George <george at nsup.org>:
>>>> Carl Eugen Hoyos (2018-04-22):
>>>>> How do you detect that this is not the "current version" of mbed?
>>>> Is it really our responsibility?
>>> We try to always do it and I believe that allowing LGPL makes
>>> more sense and less headache: Since we do the checks so
>>> rigorously it makes sense to assume we did it as correctly
>>> for this case.
>>> I don't understand why we don't go the easy way that clearly
>>> has advantages instead for the complicated way (with at
>>> least some disadvantages).
>> Okay. I looked over their web page and the Debian packages again.
>> The web page of mbedTLS declares Apache license as the "primary open
>> source license".
>> I will add it to EXTERNAL_LIBRARY_VERSION3_LIST and push it today, if
>> their are no further objections.
>> Best regards,
>> Thomas.
>> _______________________________________________
>> ffmpeg-devel mailing list
>> ffmpeg-devel at ffmpeg.org
>> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> I'd like some memory usage and performance comparisons to gnutls and

The mbedTLS library uses less than half of the disc space compared to
OpenSSL in this context.
I don't have exact figures for memory consumption for different
scenarios right now.

> openssl before you push. This is the 6th (!!) TLS library we'd be
> supporting.

Two of the existing ones are OS specific.

In general, I see mbedTLS as an enrichment for FFmpeg. MbedTLS seems to
be a promising alternative to OpenSSL and other TLS implementations in
the context of embedded systems: the disk footprint is smaller out of
the box, the memory footprint is smaller, the library is intentionally
modular so that these can be reduced further at need

Additionally, in the planned context the mbedTLS library is already used
for signaling out-of-band control messages between network peers. And it
is planned to do some more tuning to the overall setup to get an even
smaller version of mbedTLS on the target device.

Best regards,

More information about the ffmpeg-devel mailing list