diff options
| author | Rodger Combs <rodger.combs@gmail.com> | 2015-06-08 16:59:32 -0500 |
|---|---|---|
| committer | Michael Niedermayer <michaelni@gmx.at> | 2015-06-09 01:06:32 +0200 |
| commit | ecefce41d9f9fd10a8f564b011cd565cff2eb3ef (patch) | |
| tree | 66c0794c0a55d2077288519be63f4e12a214cb1e | |
| parent | 074159ed70acd379d94378b72a9202283e651ba0 (diff) | |
| download | ffmpeg-ecefce41d9f9fd10a8f564b011cd565cff2eb3ef.tar.gz | |
lavf/tls_securetransport: fix SNI support when not verifying
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
| -rw-r--r-- | libavformat/tls_securetransport.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/libavformat/tls_securetransport.c b/libavformat/tls_securetransport.c index 9951b905b4..73662d78d2 100644 --- a/libavformat/tls_securetransport.c +++ b/libavformat/tls_securetransport.c @@ -273,13 +273,13 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op if (s->ca_file) { if ((ret = load_ca(h)) < 0) goto fail; - CHECK_ERROR(SSLSetSessionOption, c->ssl_context, kSSLSessionOptionBreakOnServerAuth, true); } + if (s->ca_file || !s->verify) + CHECK_ERROR(SSLSetSessionOption, c->ssl_context, kSSLSessionOptionBreakOnServerAuth, true); if (s->cert_file) if ((ret = load_cert(h)) < 0) goto fail; - if (s->verify) - CHECK_ERROR(SSLSetPeerDomainName, c->ssl_context, s->host, strlen(s->host)); + CHECK_ERROR(SSLSetPeerDomainName, c->ssl_context, s->host, strlen(s->host)); CHECK_ERROR(SSLSetIOFuncs, c->ssl_context, tls_read_cb, tls_write_cb); CHECK_ERROR(SSLSetConnection, c->ssl_context, h); while (1) { |