FFmpeg: libavformat/tls_libtls.c Source File

FFmpeg

[フレーム]

libavformat

tls_libtls.c

Go to the documentation of this file.

1 /*

2 * TLS/SSL Protocol

5 *

6 * This file is part of FFmpeg.

7 *

8 * FFmpeg is free software; you can redistribute it and/or

9 * modify it under the terms of the GNU Lesser General Public

10 * License as published by the Free Software Foundation; either

11 * version 2.1 of the License, or (at your option) any later version.

12 *

13 * FFmpeg is distributed in the hope that it will be useful,

14 * but WITHOUT ANY WARRANTY; without even the implied warranty of

15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

16 * Lesser General Public License for more details.

17 *

18 * You should have received a copy of the GNU Lesser General Public

19 * License along with FFmpeg; if not, write to the Free Software

20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

21 */

23 #include "avformat.h"

24 #include "internal.h"

25 #include "network.h"

26 #include "url.h"

27 #include "tls.h"

28 #include "libavcodec/internal.h"

29 #include "libavutil/avutil.h"

30 #include "libavutil/opt.h"

32 #include <tls.h>

34 typedef struct TLSContext {

35 const AVClass *class;

36 TLSShared tls_shared;

37 struct tls *ctx;

38 } TLSContext;

40 static int ff_tls_close(URLContext *h)

41 {

42 TLSContext *p = h->priv_data;

43 if (p->ctx) {

44 tls_close(p->ctx);

45 tls_free(p->ctx);

46 }

47 if (p->tls_shared.tcp)

48 ffurl_close(p->tls_shared.tcp);

49 return 0;

50 }

52 static ssize_t tls_read_callback(struct tls *ctx, void *buf, size_t buflen, void *cb_arg)

53 {

54 URLContext *h = (URLContext*) cb_arg;

55 int ret = ffurl_read(h, buf, buflen);

56 if (ret == AVERROR(EAGAIN))

57 return TLS_WANT_POLLIN;

58 else if (ret == AVERROR_EXIT)

59 return 0;

60 return ret >= 0 ? ret : -1;

61 }

63 static ssize_t tls_write_callback(struct tls *ctx, const void *buf, size_t buflen, void *cb_arg)

64 {

65 URLContext *h = (URLContext*) cb_arg;

66 int ret = ffurl_write(h, buf, buflen);

67 if (ret == AVERROR(EAGAIN))

68 return TLS_WANT_POLLOUT;

69 else if (ret == AVERROR_EXIT)

70 return 0;

71 return ret >= 0 ? ret : -1;

72 }

74 static int ff_tls_open(URLContext *h, const char *uri, int flags, AVDictionary **options)

75 {

76 TLSContext *p = h->priv_data;

77 TLSShared *c = &p->tls_shared;

78 struct tls_config *cfg = NULL;

79 int ret;

81 if (tls_init() == -1) {

82 ret = AVERROR(EIO);

83 goto fail;

84 }

86 if ((ret = ff_tls_open_underlying(c, h, uri, options)) < 0)

87 goto fail;

89 p->ctx = !c->listen ? tls_client() : tls_server();

90 if (!p->ctx) {

91 ret = AVERROR(EIO);

92 goto fail;

93 }

95 cfg = tls_config_new();

96 if (!p->ctx) {

97 ret = AVERROR(EIO);

98 goto fail;

99 }

100 if (tls_config_set_protocols(cfg, TLS_PROTOCOLS_ALL) == -1)

101 goto err_config;

102 // While TLSv1.0 and TLSv1.1 are already enabled by the above,

103 // we need to be less strict with ciphers so it works in practice.

104 if (tls_config_set_ciphers(cfg, "compat") == -1)

105 goto err_config;

106 if (c->ca_file && tls_config_set_ca_file(cfg, c->ca_file) == -1)

107 goto err_config;

108 if (c->cert_file && tls_config_set_cert_file(cfg, c->cert_file) == -1)

109 goto err_config;

110 if (c->key_file && tls_config_set_key_file(cfg, c->key_file) == -1)

111 goto err_config;

112 if (!c->verify) {

113 tls_config_insecure_noverifycert(cfg);

114 tls_config_insecure_noverifyname(cfg);

115 tls_config_insecure_noverifytime(cfg);

116 }

117 if (tls_configure(p->ctx, cfg) == -1)

118 goto err_ctx;

119

120 if (!c->listen) {

121 ret = tls_connect_cbs(p->ctx, tls_read_callback, tls_write_callback,

122 c->tcp, c->host);

123 } else {

124 struct tls *ctx_new;

125 ret = tls_accept_cbs(p->ctx, &ctx_new, tls_read_callback,

126 tls_write_callback, c->tcp);

127 if (ret == 0) {

128 // free "server" context and replace by "connection" context

129 tls_free(p->ctx);

130 p->ctx = ctx_new;

131 }

132 }

133 if (ret == -1)

134 goto err_ctx;

135

136 tls_config_free(cfg);

137 return 0;

138 err_config:

139 av_log(h, AV_LOG_ERROR, "%s\n", tls_config_error(cfg));

140 ret = AVERROR(EIO);

141 goto fail;

142 err_ctx:

143 av_log(h, AV_LOG_ERROR, "%s\n", tls_error(p->ctx));

144 ret = AVERROR(EIO);

145 /* fallthrough */

146 fail:

147 if (cfg)

148 tls_config_free(cfg);

149 ff_tls_close(h);

150 return ret;

151 }

152

153 static int ff_tls_read(URLContext *h, uint8_t *buf, int size)

154 {

155 TLSContext *p = h->priv_data;

156 ssize_t ret;

157 ret = tls_read(p->ctx, buf, size);

158 if (ret > 0)

159 return ret;

160 else if (ret == 0)

161 return AVERROR_EOF;

162 av_log(h, AV_LOG_ERROR, "%s\n", tls_error(p->ctx));

163 return AVERROR(EIO);

164 }

165

166 static int ff_tls_write(URLContext *h, const uint8_t *buf, int size)

167 {

168 TLSContext *p = h->priv_data;

169 ssize_t ret;

170 ret = tls_write(p->ctx, buf, size);

171 if (ret > 0)

172 return ret;

173 else if (ret == 0)

174 return AVERROR_EOF;

175 av_log(h, AV_LOG_ERROR, "%s\n", tls_error(p->ctx));

176 return AVERROR(EIO);

177 }

178

179 static int tls_get_file_handle(URLContext *h)

180 {

181 TLSContext *c = h->priv_data;

182 return ffurl_get_file_handle(c->tls_shared.tcp);

183 }

184

185 static const AVOption options[] = {

186 TLS_COMMON_OPTIONS(TLSContext, tls_shared),

187 { NULL }

188 };

189

190 static const AVClass tls_class = {

191 .class_name = "tls",

192 .item_name = av_default_item_name,

193 .option = options,

194 .version = LIBAVUTIL_VERSION_INT,

195 };

196

197 const URLProtocol ff_tls_protocol = {

198 .name = "tls",

199 .url_open2 = ff_tls_open,

200 .url_read = ff_tls_read,

201 .url_write = ff_tls_write,

202 .url_close = ff_tls_close,

203 .url_get_file_handle = tls_get_file_handle,

204 .priv_data_size = sizeof(TLSContext),

205 .flags = URL_PROTOCOL_FLAG_NETWORK,

206 .priv_data_class = &tls_class,

207 };

tls.h

NULL

#define NULL

Definition: coverity.c:32

TLSContext

Definition: tls_gnutls.c:48

URL_PROTOCOL_FLAG_NETWORK

#define URL_PROTOCOL_FLAG_NETWORK

Definition: url.h:34

Definition: vp9dsp_template.c:2038

AVOption

AVOption.

Definition: opt.h:246

TLSShared::verify

int verify

Definition: tls.h:31

LIBAVUTIL_VERSION_INT

#define LIBAVUTIL_VERSION_INT

Definition: version.h:85

ffurl_write

int ffurl_write(URLContext *h, const unsigned char *buf, int size)

Write size bytes from buf to the resource accessed by h.

Definition: avio.c:421

av_default_item_name

const char * av_default_item_name(void *ptr)

Return the context name.

Definition: log.c:191

avutil.h

Convenience header that includes libavutil's core.

TLSShared::listen

int listen

Definition: tls.h:34

ff_tls_read

static int ff_tls_read(URLContext *h, uint8_t *buf, int size)

Definition: tls_libtls.c:153

AVClass::class_name

const char * class_name

The name of the class; usually it is the same name as the context structure type to which the AVClass...

Definition: log.h:72

uint8_t

Definition: audio_convert.c:194

opt.h

AVOptions.

TLSShared

Definition: tls.h:29

flags

static int flags

Definition: log.c:55

options

static const AVOption options[]

Definition: tls_libtls.c:185

AVERROR_EOF

#define AVERROR_EOF

End of file.

Definition: error.h:55

size

ptrdiff_t size

Definition: opengl_enc.c:101

av_log

#define av_log(a,...)

Definition: tableprint_vlc.h:28

AVDictionary

Definition: dict.c:30

AV_LOG_ERROR

#define AV_LOG_ERROR

Something went wrong and cannot losslessly be recovered.

Definition: log.h:176

AVERROR

#define AVERROR(e)

Definition: error.h:43

tls_read

static int tls_read(URLContext *h, uint8_t *buf, int size)

Definition: tls_gnutls.c:230

fail

#define fail()

Definition: checkasm.h:116

TLSShared::host

char * host

Definition: tls.h:36

tls_read_callback

static ssize_t tls_read_callback(struct tls *ctx, void *buf, size_t buflen, void *cb_arg)

Definition: tls_libtls.c:52

ctx

AVFormatContext * ctx

Definition: movenc.c:48

TLS_COMMON_OPTIONS

#define TLS_COMMON_OPTIONS(pstruct, options_field)

Definition: tls.h:45

network.h

tls_close

static int tls_close(URLContext *h)

Definition: tls_gnutls.c:94

TLSShared::cert_file

char * cert_file

Definition: tls.h:32

ffurl_get_file_handle

int ffurl_get_file_handle(URLContext *h)

Return the file descriptor associated with this URL.

Definition: avio.c:626

AVERROR_EXIT

#define AVERROR_EXIT

Immediate exit was requested; the called function should not be restarted.

Definition: error.h:56

TLSShared::ca_file

char * ca_file

Definition: tls.h:30

ff_tls_protocol

const URLProtocol ff_tls_protocol

Definition: tls_libtls.c:197

tls_get_file_handle

static int tls_get_file_handle(URLContext *h)

Definition: tls_libtls.c:179

URLProtocol

Definition: url.h:54

TLSContext::tls_shared

TLSShared tls_shared

Definition: tls_gnutls.c:50

buf

void * buf

Definition: avisynth_c.h:690

URLContext

Definition: url.h:38

AVClass

Describe the class of an AVClass context structure.

Definition: log.h:67

ff_tls_open

static int ff_tls_open(URLContext *h, const char *uri, int flags, AVDictionary **options)

Definition: tls_libtls.c:74

URLContext::priv_data

void * priv_data

Definition: url.h:41

URLProtocol::name

const char * name

Definition: url.h:55

ffurl_close

int ffurl_close(URLContext *h)

Definition: avio.c:467

tls_write_callback

static ssize_t tls_write_callback(struct tls *ctx, const void *buf, size_t buflen, void *cb_arg)

Definition: tls_libtls.c:63

avformat.h

Main libavformat public API header.

internal.h

common internal api header.

ff_tls_open_underlying

int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options)

Definition: tls.c:56

TLSContext::ctx

struct tls * ctx

Definition: tls_libtls.c:37

static double c[64]

Definition: vsrc_mptestsrc.c:87

TLSShared::tcp

URLContext * tcp

Definition: tls.h:41

tls_class

static const AVClass tls_class

Definition: tls_libtls.c:190

ff_tls_write

static int ff_tls_write(URLContext *h, const uint8_t *buf, int size)

Definition: tls_libtls.c:166

tls_write

static int tls_write(URLContext *h, const uint8_t *buf, int size)

Definition: tls_gnutls.c:245

url.h

unbuffered private I/O API

ff_tls_close

static int ff_tls_close(URLContext *h)

Definition: tls_libtls.c:40

ffurl_read

int ffurl_read(URLContext *h, unsigned char *buf, int size)

Read up to size bytes from the resource accessed by h, and store the read bytes in buf...

Definition: avio.c:407

TLSShared::key_file

char * key_file

Definition: tls.h:33

Generated on Sun May 13 2018 02:04:07 for FFmpeg by doxygen 1.8.6