From 5970f4bb027c4eb8aca3cdca677fcca03aef1e82 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Mon, 14 Oct 2013 00:56:32 +0200 Subject: [PATCH] avformat/http: check the auth string contents not the pointer which cannot be NULL It appears this bug originates from a "work in progress" patch from ffmpeg-devel that was heavily redesigned by and integrated in libav And that patch even had a reply and review on the mailing list pointing out that it had a bug. This fixes a deadlock with ffserver See: [FFmpeg-devel] [PATCH] Fix HTTP authentication problem for POST actions. [FFmpeg-devel] [PATCH 1/3] Introduce auth_phase flag, which will be true if authorization needs to be sent, but the type of authorization is not known yet Partial fix #3036 [FFmpeg-devel] [PATCH 2/3] Only add Transfer-Encoding header when not in authorization phase, because server will wait (indefinitely) for data when receiving this header Partial fix #3036 [FFmpeg-devel] [PATCH 3/3] Only allow posting data and/or forcing a 200 code, enabling posting isml chunks, -after- we did a possible first request to get a 403 from the server telling us which type of authentication to apply Final part fix #3036 See: 71549a857b13edf4c4f95037de6ed5bb4c4bd4af Signed-off-by: Michael Niedermayer --- libavformat/http.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/http.c b/libavformat/http.c index f88d58f024..3d477366ae 100644 --- a/libavformat/http.c +++ b/libavformat/http.c @@ -609,7 +609,7 @@ static int http_connect(URLContext *h, const char *path, const char *local_path, * send Expect: 100-continue to get the 401 response including the * WWW-Authenticate header, or an 100 continue if no auth actually * is needed. */ - if (auth && s->auth_state.auth_type == HTTP_AUTH_NONE && + if (*auth && s->auth_state.auth_type == HTTP_AUTH_NONE && s->http_code != 401) send_expect_100 = 1; }