[FFmpeg-devel] [PATCH 6/6] lavf/tls_mbedtls: add workaround for TLSv1.3 vs. verify=0
Anton Khirnov
anton at khirnov.net
Tue Jun 11 18:02:51 EEST 2024
Quoting Sfan5 (2024-05-17 10:34:50)
> As of mbedTLS 3.6.0 TLSv1.3 is enabled by default and certificate
> verification
> is now mandatory. Our default configuration does not do verification, so
> downgrade to 1.2 in these situations to avoid breaking it.
>
> ref: https://github.com/Mbed-TLS/mbedtls/issues/7075
> Signed-off-by: sfan5 <sfan5 at live.de>
> ---
Would it not be simpler to simply set authmode to
MBEDTLS_SSL_VERIFY_OPTIONAL unconditionally, then just disregard the
verification result?
--
Anton Khirnov
More information about the ffmpeg-devel
mailing list