virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-04 22:03:09 +02:00
Code Issues Releases Activity

avformat/tls_openssl: load default verify locations

Browse Source 
When no explicit CAs file is set, load the default locations,
else there is no way for verification to succeed.

This matches the behavior of other TLS backends.
This commit is contained in:
Marvin Scholz
2025-07-08 20:05:47 +02:00
parent f4befeb767
commit 080dc4cf54
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libavformat/tls_openssl.c
View File

@ -740,6 +740,12 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h)
if (c->ca_file) {
if (!SSL_CTX_load_verify_locations(p->ctx, c->ca_file, NULL))
av_log(h, AV_LOG_ERROR, "SSL_CTX_load_verify_locations %s\n", openssl_get_error(p));
} else {
if (!SSL_CTX_set_default_verify_paths(p->ctx)) {
// Only log the failure but do not error out, as this is not fatal
av_log(h, AV_LOG_WARNING, "Failure setting default verify locations: %s\n",
openssl_get_error(p));
}
}
if (c->cert_file) {