24 #include <gnutls/gnutls.h> 25 #include <gnutls/x509.h> 38 #ifndef GNUTLS_VERSION_NUMBER 39 #define GNUTLS_VERSION_NUMBER LIBGNUTLS_VERSION_NUMBER 42 #if HAVE_THREADS && GNUTLS_VERSION_NUMBER <= 0x020b00 45 GCRY_THREAD_OPTION_PTHREAD_IMPL;
52 gnutls_certificate_credentials_t
cred;
59 #if HAVE_THREADS && GNUTLS_VERSION_NUMBER < 0x020b00 60 if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0)
61 gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
70 gnutls_global_deinit();
79 case GNUTLS_E_INTERRUPTED:
80 #ifdef GNUTLS_E_PREMATURE_TERMINATION 81 case GNUTLS_E_PREMATURE_TERMINATION:
84 case GNUTLS_E_WARNING_ALERT_RECEIVED:
98 gnutls_bye(c->
session, GNUTLS_SHUT_WR);
102 gnutls_certificate_free_credentials(c->
cred);
126 const void *
buf,
size_t len)
152 gnutls_init(&p->
session, c->
listen ? GNUTLS_SERVER : GNUTLS_CLIENT);
154 gnutls_server_name_set(p->
session, GNUTLS_NAME_DNS, c->
host, strlen(c->
host));
155 gnutls_certificate_allocate_credentials(&p->
cred);
157 ret = gnutls_certificate_set_x509_trust_file(p->
cred, c->
ca_file, GNUTLS_X509_FMT_PEM);
161 #if GNUTLS_VERSION_NUMBER >= 0x030020 163 gnutls_certificate_set_x509_system_trust(p->
cred);
165 gnutls_certificate_set_verify_flags(p->
cred, c->
verify ?
166 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT : 0);
168 ret = gnutls_certificate_set_x509_key_file(p->
cred,
170 GNUTLS_X509_FMT_PEM);
173 "Unable to set cert/key files %s and %s: %s\n",
180 gnutls_credentials_set(p->
session, GNUTLS_CRD_CERTIFICATE, p->
cred);
184 gnutls_priority_set_direct(p->
session,
"NORMAL",
NULL);
185 ret = gnutls_handshake(p->
session);
192 unsigned int status, cert_list_size;
193 gnutls_x509_crt_t cert;
194 const gnutls_datum_t *cert_list;
195 if ((ret = gnutls_certificate_verify_peers2(p->
session, &status)) < 0) {
197 gnutls_strerror(ret));
201 if (status & GNUTLS_CERT_INVALID) {
206 if (gnutls_certificate_type_get(p->
session) != GNUTLS_CRT_X509) {
211 gnutls_x509_crt_init(&cert);
212 cert_list = gnutls_certificate_get_peers(p->
session, &cert_list_size);
213 gnutls_x509_crt_import(cert, cert_list, GNUTLS_X509_FMT_DER);
214 ret = gnutls_x509_crt_check_hostname(cert, c->
host);
215 gnutls_x509_crt_deinit(cert);
218 "The certificate's owner does not match hostname %s\n", c->
host);
237 ret = gnutls_record_recv(c->
session, buf, size);
252 ret = gnutls_record_send(c->
session, buf, size);
287 .priv_data_class = &tls_class,
#define URL_PROTOCOL_FLAG_NETWORK
#define AV_LOG_WARNING
Something somehow does not look correct.
#define LIBAVUTIL_VERSION_INT
int ffurl_write(URLContext *h, const unsigned char *buf, int size)
Write size bytes from buf to the resource accessed by h.
void ff_gnutls_deinit(void)
const char * av_default_item_name(void *ptr)
Return the context name.
static ssize_t gnutls_url_push(gnutls_transport_ptr_t transport, const void *buf, size_t len)
static ssize_t gnutls_url_pull(gnutls_transport_ptr_t transport, void *buf, size_t len)
gnutls_certificate_credentials_t cred
const char * class_name
The name of the class; usually it is the same name as the context structure type to which the AVClass...
miscellaneous OS support macros and functions.
static const AVClass tls_class
#define AVERROR_EOF
End of file.
void ff_gnutls_init(void)
#define AV_LOG_ERROR
Something went wrong and cannot losslessly be recovered.
static int tls_read(URLContext *h, uint8_t *buf, int size)
#define TLS_COMMON_OPTIONS(pstruct, options_field)
static int tls_close(URLContext *h)
int ffurl_get_file_handle(URLContext *h)
Return the file descriptor associated with this URL.
#define AVERROR_EXIT
Immediate exit was requested; the called function should not be restarted.
#define AVIO_FLAG_NONBLOCK
Use non-blocking mode.
static int print_tls_error(URLContext *h, int ret)
Describe the class of an AVClass context structure.
int ffurl_close(URLContext *h)
common internal api header.
int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options)
static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **options)
static int tls_write(URLContext *h, const uint8_t *buf, int size)
unbuffered private I/O API
static int tls_get_file_handle(URLContext *h)
int ffurl_read(URLContext *h, unsigned char *buf, int size)
Read up to size bytes from the resource accessed by h, and store the read bytes in buf...
const URLProtocol ff_tls_protocol
static const AVOption options[]