mirror of
https://git.ffmpeg.org/ffmpeg.git
synced 2024-12-24 16:22:37 +00:00
lavf/tls: let the user specify what name to verify against
This can be useful for debugging, or in scenarios where the user doesn't want to use the system's DNS settings for whatever reason. Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
parent
7630cce4b3
commit
6dd5371e34
@ -67,7 +67,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
|
||||
if (c->listen)
|
||||
snprintf(opts, sizeof(opts), "?listen=1");
|
||||
|
||||
av_url_split(NULL, 0, NULL, 0, c->host, sizeof(c->host), &port, NULL, 0, uri);
|
||||
av_url_split(NULL, 0, NULL, 0, c->underlying_host, sizeof(c->underlying_host), &port, NULL, 0, uri);
|
||||
|
||||
p = strchr(uri, '?');
|
||||
|
||||
@ -78,16 +78,19 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
|
||||
c->listen = 1;
|
||||
}
|
||||
|
||||
ff_url_join(buf, sizeof(buf), "tcp", NULL, c->host, port, "%s", p);
|
||||
ff_url_join(buf, sizeof(buf), "tcp", NULL, c->underlying_host, port, "%s", p);
|
||||
|
||||
hints.ai_flags = AI_NUMERICHOST;
|
||||
if (!getaddrinfo(c->host, NULL, &hints, &ai)) {
|
||||
if (!getaddrinfo(c->underlying_host, NULL, &hints, &ai)) {
|
||||
c->numerichost = 1;
|
||||
freeaddrinfo(ai);
|
||||
}
|
||||
|
||||
if (!c->host && !(c->host = av_strdup(c->underlying_host)))
|
||||
return AVERROR(ENOMEM);
|
||||
|
||||
proxy_path = getenv("http_proxy");
|
||||
use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->host) &&
|
||||
use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->underlying_host) &&
|
||||
proxy_path && av_strstart(proxy_path, "http://", NULL);
|
||||
|
||||
if (use_proxy) {
|
||||
@ -96,7 +99,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
|
||||
av_url_split(NULL, 0, proxy_auth, sizeof(proxy_auth),
|
||||
proxy_host, sizeof(proxy_host), &proxy_port, NULL, 0,
|
||||
proxy_path);
|
||||
ff_url_join(dest, sizeof(dest), NULL, NULL, c->host, port, NULL);
|
||||
ff_url_join(dest, sizeof(dest), NULL, NULL, c->underlying_host, port, NULL);
|
||||
ff_url_join(buf, sizeof(buf), "httpproxy", proxy_auth, proxy_host,
|
||||
proxy_port, "/%s", dest);
|
||||
}
|
||||
|
@ -35,7 +35,9 @@ typedef struct TLSShared {
|
||||
char *key_file;
|
||||
int listen;
|
||||
|
||||
char host[200];
|
||||
char *host;
|
||||
|
||||
char underlying_host[200];
|
||||
int numerichost;
|
||||
|
||||
URLContext *tcp;
|
||||
@ -48,7 +50,8 @@ typedef struct TLSShared {
|
||||
{"tls_verify", "Verify the peer certificate", offsetof(pstruct, options_field . verify), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
|
||||
{"cert_file", "Certificate file", offsetof(pstruct, options_field . cert_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
|
||||
{"key_file", "Private key file", offsetof(pstruct, options_field . key_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
|
||||
{"listen", "Listen for incoming connections", offsetof(pstruct, options_field . listen), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }
|
||||
{"listen", "Listen for incoming connections", offsetof(pstruct, options_field . listen), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
|
||||
{"verifyhost", "Verify against a specific hostname", offsetof(pstruct, options_field . host), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }
|
||||
|
||||
int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user