1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00

lavf/tls_mbedtls: hook up debug message callback

Unfortunately this won't work out-of-the-box because mbedTLS
only provides a global (not per-context) debug toggle.

Signed-off-by: Anton Khirnov <anton@khirnov.net>
This commit is contained in:
sfan5 2024-05-13 20:26:16 +02:00 committed by Anton Khirnov
parent 807d1505bf
commit 827578ca76

View File

@ -26,6 +26,7 @@
#include <mbedtls/platform.h>
#include <mbedtls/ssl.h>
#include <mbedtls/x509_crt.h>
#include <mbedtls/debug.h>
#ifdef MBEDTLS_PSA_CRYPTO_C
#include <psa/crypto.h>
#endif
@ -36,6 +37,7 @@
#include "tls.h"
#include "libavutil/mem.h"
#include "libavutil/parseutils.h"
#include "libavutil/avstring.h"
typedef struct TLSContext {
const AVClass *class;
@ -112,6 +114,13 @@ static int mbedtls_recv(void *ctx, unsigned char *buf, size_t len)
return handle_transport_error(h, "ffurl_read", MBEDTLS_ERR_SSL_WANT_READ, ret);
}
static void mbedtls_debug(void *ctx, int lvl, const char *file, int line, const char *msg)
{
URLContext *h = (URLContext*) ctx;
int av_lvl = lvl >= 4 ? AV_LOG_TRACE : AV_LOG_DEBUG;
av_log(h, av_lvl, "%s:%d: %s", av_basename(file), line, msg);
}
static void handle_pk_parse_error(URLContext *h, int ret)
{
switch (ret) {
@ -204,6 +213,14 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
mbedtls_x509_crt_init(&tls_ctx->ca_cert);
mbedtls_pk_init(&tls_ctx->priv_key);
if (av_log_get_level() >= AV_LOG_DEBUG) {
mbedtls_ssl_conf_dbg(&tls_ctx->ssl_config, mbedtls_debug, shr->tcp);
/*
* Note: we can't call mbedtls_debug_set_threshold() here because
* it's global state. The user is thus expected to manage this.
*/
}
// load trusted CA
if (shr->ca_file) {
if ((ret = mbedtls_x509_crt_parse_file(&tls_ctx->ca_cert, shr->ca_file)) != 0) {