From 65197e9c98f46a79dd02c993cfcb0e70f65878cf Mon Sep 17 00:00:00 2001 From: sfan5 Date: Mon, 13 Dec 2021 21:55:41 +0100 Subject: [PATCH] lavf/tls_mbedtls: fix handling of tls_verify=0 If ca_file was set, setting tls_verify=0 would not actually disable verification. --- libavformat/tls_mbedtls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c index aadf17760d..5754d0d018 100644 --- a/libavformat/tls_mbedtls.c +++ b/libavformat/tls_mbedtls.c @@ -223,7 +223,7 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op } mbedtls_ssl_conf_authmode(&tls_ctx->ssl_config, - shr->ca_file ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE); + shr->verify ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE); mbedtls_ssl_conf_rng(&tls_ctx->ssl_config, mbedtls_ctr_drbg_random, &tls_ctx->ctr_drbg_context); mbedtls_ssl_conf_ca_chain(&tls_ctx->ssl_config, &tls_ctx->ca_cert, NULL);