24 #include <gnutls/gnutls.h> 25 #include <gnutls/x509.h> 38 #if HAVE_THREADS && GNUTLS_VERSION_NUMBER <= 0x020b00 41 GCRY_THREAD_OPTION_PTHREAD_IMPL;
48 gnutls_certificate_credentials_t
cred;
55 #if HAVE_THREADS && GNUTLS_VERSION_NUMBER < 0x020b00 56 if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0)
57 gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
66 gnutls_global_deinit();
74 case GNUTLS_E_INTERRUPTED:
76 case GNUTLS_E_WARNING_ALERT_RECEIVED:
90 gnutls_bye(c->
session, GNUTLS_SHUT_WR);
94 gnutls_certificate_free_credentials(c->
cred);
102 void *buf,
size_t len)
115 const void *buf,
size_t len)
138 gnutls_init(&p->
session, c->
listen ? GNUTLS_SERVER : GNUTLS_CLIENT);
140 gnutls_server_name_set(p->
session, GNUTLS_NAME_DNS, c->
host, strlen(c->
host));
141 gnutls_certificate_allocate_credentials(&p->
cred);
143 gnutls_certificate_set_x509_trust_file(p->
cred, c->
ca_file, GNUTLS_X509_FMT_PEM);
144 #if GNUTLS_VERSION_MAJOR >= 3 146 gnutls_certificate_set_x509_system_trust(p->
cred);
148 gnutls_certificate_set_verify_flags(p->
cred, c->
verify ?
149 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT : 0);
151 ret = gnutls_certificate_set_x509_key_file(p->
cred,
153 GNUTLS_X509_FMT_PEM);
156 "Unable to set cert/key files %s and %s: %s\n",
162 gnutls_credentials_set(p->
session, GNUTLS_CRD_CERTIFICATE, p->
cred);
166 gnutls_priority_set_direct(p->
session,
"NORMAL",
NULL);
167 ret = gnutls_handshake(p->
session);
174 unsigned int status, cert_list_size;
175 gnutls_x509_crt_t cert;
176 const gnutls_datum_t *cert_list;
177 if ((ret = gnutls_certificate_verify_peers2(p->
session, &status)) < 0) {
179 gnutls_strerror(ret));
183 if (status & GNUTLS_CERT_INVALID) {
188 if (gnutls_certificate_type_get(p->
session) != GNUTLS_CRT_X509) {
193 gnutls_x509_crt_init(&cert);
194 cert_list = gnutls_certificate_get_peers(p->
session, &cert_list_size);
195 gnutls_x509_crt_import(cert, cert_list, GNUTLS_X509_FMT_DER);
196 ret = gnutls_x509_crt_check_hostname(cert, c->
host);
197 gnutls_x509_crt_deinit(cert);
200 "The certificate's owner does not match hostname %s\n", c->
host);
215 int ret = gnutls_record_recv(c->
session, buf, size);
226 int ret = gnutls_record_send(c->
session, buf, size);
254 .priv_data_class = &tls_class,
#define URL_PROTOCOL_FLAG_NETWORK
int avpriv_unlock_avformat(void)
#define AV_LOG_WARNING
Something somehow does not look correct.
int ffurl_write(URLContext *h, const unsigned char *buf, int size)
Write size bytes from buf to the resource accessed by h.
void ff_gnutls_deinit(void)
av_log(ac->avr, AV_LOG_TRACE, "%d samples - audio_convert: %s to %s (%s)\, len, av_get_sample_fmt_name(ac->in_fmt), av_get_sample_fmt_name(ac->out_fmt), use_generic ? ac->func_descr_generic :ac->func_descr)
static ssize_t gnutls_url_push(gnutls_transport_ptr_t transport, const void *buf, size_t len)
static ssize_t gnutls_url_pull(gnutls_transport_ptr_t transport, void *buf, size_t len)
gnutls_certificate_credentials_t cred
const char * class_name
The name of the class; usually it is the same name as the context structure type to which the AVClass...
miscellaneous OS support macros and functions.
static const AVClass tls_class
#define AVERROR_EOF
End of file.
void ff_gnutls_init(void)
#define AV_LOG_ERROR
Something went wrong and cannot losslessly be recovered.
static int tls_read(URLContext *h, uint8_t *buf, int size)
int avpriv_lock_avformat(void)
#define TLS_COMMON_OPTIONS(pstruct, options_field)
static int tls_close(URLContext *h)
#define AVERROR_EXIT
Immediate exit was requested; the called function should not be restarted.
static int print_tls_error(URLContext *h, int ret)
Describe the class of an AVClass context structure.
int ffurl_close(URLContext *h)
Close the resource accessed by the URLContext h, and free the memory used by it.
common internal api header.
int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options)
const URLProtocol ff_tls_gnutls_protocol
static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **options)
static int tls_write(URLContext *h, const uint8_t *buf, int size)
unbuffered private I/O API
int ffurl_read(URLContext *h, unsigned char *buf, int size)
Read up to size bytes from the resource accessed by h, and store the read bytes in buf...
static const AVOption options[]