aboutsummaryrefslogtreecommitdiffstats
path: root/libavformat
Commit message (Collapse)AuthorAgeFilesLines
...
* avformat/tls_openssl: avoid unusual inline-if styleTimo Rothenpieler2025-07-171-2/+5
|
* avformat/tls_openssl: make tls and dtls use one close functionJack Lau2025-07-171-15/+3
| | | | | Signed-off-by: Jack Lau <jacklau1222@qq.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/tls_openssl: remove all redundant "TLS: " in log with AVClassJack Lau2025-07-171-5/+5
| | | | | Signed-off-by: Jack Lau <jacklau1222@qq.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/tls_openssl: replace 1 with TLS_ST_OK to be more clearJack Lau2025-07-171-1/+2
| | | | | Signed-off-by: Jack Lau <jacklau1222@qq.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/whip: free udp socket after dtls freeJack Lau2025-07-171-1/+1
| | | | | | | | the SSL_shutdown in tls_close need call the url_bio_bwrite so we should keep udp still alive Signed-off-by: Jack Lau <jacklau1222@qq.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/tls_openssl: unset nonblock flag on correct URLContext during dtls ↵Timo Rothenpieler2025-07-171-4/+1
| | | | | | | handshake The internal BIO functions do not in fact look at this flag, only the outer tls_read and tls_write functions do.
* avformat/tls_openssl: set tlsext host name after init sslJack Lau2025-07-171-3/+3
| | | | | Signed-off-by: Jack Lau <jacklau1222@qq.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/flvdec: don't skip backwards or over EOFTimo Rothenpieler2025-07-161-2/+10
| | | | | | | | | | | Skipping backwards (and even forwards) resets the EOF flag, and can thus lead to infinite looping if the conditions are just right. Fixes: Infinite loop Fixes: 427538726/clusterfuzz-testcase-minimized-ffmpeg_dem_FLV_fuzzer-6582567304495104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/tls_openssl: automatically generate self-signed certificate when ↵Timo Rothenpieler2025-07-161-5/+30
| | | | none is provided in listen mode
* avformat/tls_openssl: make generating fingerprints optionalTimo Rothenpieler2025-07-161-8/+12
|
* avformat/tls_openssl: don't expose deprecated EC_KEY outside of its functionTimo Rothenpieler2025-07-161-11/+9
|
* avformat/tls_openssl: properly free generated/read keys and certificatesTimo Rothenpieler2025-07-161-2/+24
|
* avformat/tls_openssl: don't enable read_ahead in dtls modeTimo Rothenpieler2025-07-161-3/+0
| | | | | OpenSSL docs say: These functions have no impact when used with DTLS.
* avformar/tls_openssl: use correct info callback in DTLS modeTimo Rothenpieler2025-07-161-1/+1
|
* avformat/tls_openssl: clean up peer verify logic in dtls modeTimo Rothenpieler2025-07-161-14/+8
|
* avformat/tls_openssl: don't hardcode ciphers and curves for dtlsTimo Rothenpieler2025-07-161-22/+0
|
* avformat/tls_openssl: properly limit written size to data mtuTimo Rothenpieler2025-07-161-0/+5
|
* avformat/tls_openssl: set default MTU if none is setTimo Rothenpieler2025-07-161-2/+6
|
* avformat/tls_openssl: initialize DTLS context with correct methodTimo Rothenpieler2025-07-161-1/+2
|
* avformat/tls_openssl: don't abort if dtls has no key/cert setTimo Rothenpieler2025-07-161-8/+0
|
* avformat/tls_openssl: force dtls handshake to be blockingTimo Rothenpieler2025-07-161-6/+12
| | | | | There is no sensible way to handle this otherwise anyway, one just has to loop over this function until it succeeds.
* avformat/tls_openssl: set dtls remote addr in listen modeTimo Rothenpieler2025-07-161-1/+17
| | | | | Taken from the first received packet, which will signify the now permanent peer of this DTLS "connection".
* avformat/tls_schannel: add check for Windows 10 only types and definesJames Almer2025-07-151-2/+31
| | | | | | | Old Mingw-w64 releases provided by some distros seemingly don't have them, so check for them and disable the dtls protocol if unavailable. Signed-off-by: James Almer <jamrial@gmail.com>
* avformat/tls_schannel: fix non-blocking write breaking TLS sessionsTimo Rothenpieler2025-07-111-32/+79
|
* avformat/tls_schannel: add option to load server certificate from storeTimo Rothenpieler2025-07-111-7/+40
|
* avformat/tls_schannel: add DTLS supportTimo Rothenpieler2025-07-112-63/+829
|
* avformat/tls: make passing an external socket universalTimo Rothenpieler2025-07-113-11/+16
|
* avformat/udp: add function to set remote address directlyTimo Rothenpieler2025-07-112-0/+31
|
* avformat/udp: separate rx and tx fifoTimo Rothenpieler2025-07-111-20/+27
|
* avformat/udp: make recv addr of each packet availableTimo Rothenpieler2025-07-112-18/+36
|
* avformat/tls: move whip specific init out of generic tls codeTimo Rothenpieler2025-07-113-13/+13
|
* avformat/rtsp: check copy_tls_opts_dictMarvin Scholz2025-07-111-10/+33
| | | | | Properly check av_dict_set return values and propagate them to the caller so they can be handled.
* avformat/rtsp: use av_unreachableMarvin Scholz2025-07-111-1/+1
|
* avformat/rtsp: fix misleading indentationMarvin Scholz2025-07-111-2/+2
|
* avformat/scd: ensure SCD_MIN_HEADER_SIZE bytes are readKacper Michajłow2025-07-111-1/+2
| | | | | | | | | | | Instead of accessing unintialized data when input is shorter than expected size. Fixes use of uninitialized value in MSAN build. Found by OSS-Fuzz. Signed-off-by: Kacper Michajłow <kasper93@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/rtsp: fix leak of options dict on errorMarvin Scholz2025-07-101-0/+3
| | | | | | Fix CID 1655306 Reviewed-by: Kieran Kunhya <kierank@obe.tv>
* avformat/tls: rename accidentally changed optionsMarvin Scholz2025-07-081-2/+2
| | | | | | | These were accidentally renamed back to the old names in ba9817df9df5911ceb2edff37d9ec970c29329e2 Reviewed-by: Timo Rothenpieler <timo@rothenpieler.org>
* avformat/mov: add support for APV streamsDawid Kozinski2025-07-073-2/+9
| | | | | Signed-off-by: Dawid Kozinski <d.kozinski@samsung.com> Signed-off-by: James Almer <jamrial@gmail.com>
* avformat: rtsp: export AV_PKT_DATA_RTCP_SRMarvin Scholz2025-07-071-0/+18
|
* lavf: add and use AVRTCPSenderReport structMarvin Scholz2025-07-073-17/+23
| | | | This will be used in a future commit to expose the SR as side-data.
* lavf/rtpdec: fix RTCP SR packet length checkMarvin Scholz2025-07-071-1/+1
| | | | | | | | | The minimum valid packet length is 28, given that the length includes the packet header. This didn't cause any issues so far as the code did not care about the last two fields in the SR section, but will be relevant in a future commit.
* avformat/tls_openssl: use SSL_CTX_set_min_proto_versionMarvin Scholz2025-07-071-1/+5
| | | | | | Using SSL_CTX_set_options to disallow specific versions is discouraged by the documentation, which recommends to use SSL_CTX_set_min_proto_version instead.
* avformat/tls_openssl: use TLS_[client|server]_methodMarvin Scholz2025-07-071-2/+2
| | | | | SSLv23_*_method was just a define for these anyway since OpenSSL 1.1.0 and the old functions are deprecated.
* avformat/tls_openssl: remove unnecessary checksMarvin Scholz2025-07-071-4/+4
| | | | Calling av_free with NULL is a no-op so this check is not needed.
* avformat/tls_openssl: remove leftover commentMarvin Scholz2025-07-071-1/+0
|
* avformat/tls_openssl: properly get new BIO indexMarvin Scholz2025-07-071-4/+12
| | | | | | As noted in the OpenSSL documentation, BIO_get_new_index must be used to get a new BIO index. This is ORd with the proper type flag BIO_TYPE_SOURCE_SINK.
* avformat/tls_openssl: remove now unnecessary defineMarvin Scholz2025-07-071-4/+2
| | | | | This was used previously when multiple OpenSSL versions were supported that required this to be handled differently.
* avformat: tls: drop support for OpenSSL < 1.1.0Marvin Scholz2025-07-072-172/+2
|
* avformat/rtsp: add TLS optionsDaniel N Pettersson2025-07-072-1/+36
| | | | | | | Add TLS options to RTSP for when TLS is used for the lower protocol. Signed-off-by: Marvin Scholz <epirat07@gmail.com> Co-authored-by: Marvin Scholz <epirat07@gmail.com>
* avformat/tls: move common client options into their own defineMarvin Scholz2025-07-071-5/+9
| | | | Used in a future commit to not duplicate options.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 05:15:04 +0000