[FFmpeg-devel] [PATCH 5/5] lavf/tls: enable server verification by default when not on mbedtls
Rodger Combs
rodger.combs at gmail.com
Fri Jan 18 10:46:04 EET 2019
All other TLS wrappers now have a mechanism to load a system trust store
by default, without setting the cafile option. For Secure Transport and
Secure Channel, it's the OS. For OpenSSL and libtls, it's a path set at
compile-time. For GNUTLS, it's either a path set at compile-time, or the
OS trust store (if on macOS, iOS, or Windows). It's possible to configure
OpenSSL, GNUTLS, and libtls without a working trust store, but these are
broken configurations and I don't have a problem with requiring users with
that kind of install to either fix it, or explicitly opt in to insecure
behavior. mbedtls doesn't have a default trust store (it's assumed that the
application will provide one), so it continues to require the user to pass
in a path and enable verification manually.
---
libavformat/tls.c | 3 +++
libavformat/tls.h | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/libavformat/tls.c b/libavformat/tls.c
index a6dcd3cc96..c564b1252b 100644
--- a/libavformat/tls.c
+++ b/libavformat/tls.c
@@ -62,6 +62,9 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
const char *proxy_path;
int use_proxy;
+ if (c->verify == -1)
+ c->verify = !c->listen && !CONFIG_MBEDTLS;
+
set_options(c, uri);
if (c->listen)
diff --git a/libavformat/tls.h b/libavformat/tls.h
index beb19d6d55..bc4ee1c216 100644
--- a/libavformat/tls.h
+++ b/libavformat/tls.h
@@ -45,7 +45,7 @@ typedef struct TLSShared {
#define TLS_COMMON_OPTIONS(pstruct, options_field) \
{"ca_file", "Certificate Authority database file", offsetof(pstruct, options_field . ca_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
{"cafile", "Certificate Authority database file", offsetof(pstruct, options_field . ca_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
- {"tls_verify", "Verify the peer certificate", offsetof(pstruct, options_field . verify), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
+ {"tls_verify", "Verify the peer certificate", offsetof(pstruct, options_field . verify), AV_OPT_TYPE_BOOL, { .i64 = -1 }, -1, 1, .flags = TLS_OPTFL }, \
{"cert_file", "Certificate file", offsetof(pstruct, options_field . cert_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
{"key_file", "Private key file", offsetof(pstruct, options_field . key_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
{"listen", "Listen for incoming connections", offsetof(pstruct, options_field . listen), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
--
2.19.1
More information about the ffmpeg-devel
mailing list