[FFmpeg-cvslog] lavf/tls_mbedtls: fix handling of tls_verify=0

sfan5 git at videolan.org
Thu Dec 30 19:43:25 EET 2021


ffmpeg | branch: master | sfan5 <sfan5 at live.de> | Mon Dec 13 21:55:41 2021 +0100| [65197e9c98f46a79dd02c993cfcb0e70f65878cf] | committer: Jan Ekström

lavf/tls_mbedtls: fix handling of tls_verify=0

If ca_file was set, setting tls_verify=0 would not actually disable
verification.

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=65197e9c98f46a79dd02c993cfcb0e70f65878cf
---

 libavformat/tls_mbedtls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index aadf17760d..5754d0d018 100644
--- a/libavformat/tls_mbedtls.c
+++ b/libavformat/tls_mbedtls.c
@@ -223,7 +223,7 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
     }
 
     mbedtls_ssl_conf_authmode(&tls_ctx->ssl_config,
-                              shr->ca_file ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE);
+                              shr->verify ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE);
     mbedtls_ssl_conf_rng(&tls_ctx->ssl_config, mbedtls_ctr_drbg_random, &tls_ctx->ctr_drbg_context);
     mbedtls_ssl_conf_ca_chain(&tls_ctx->ssl_config, &tls_ctx->ca_cert, NULL);
 



More information about the ffmpeg-cvslog mailing list