[FFmpeg-devel] [PATCH] lavf/tls_mbedtls: add support for mbedtls version 3
Timo Rothenpieler
timo at rothenpieler.org
Mon Apr 25 01:48:00 EEST 2022
On 24.04.2022 01:32, Timo Rothenpieler wrote:
> - certs.h is gone. Only contains test data, and was not used at all.
> - config.h is renamed. Was seemingly not used, so can be removed.
> - MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE is gone, instead
> MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE will be thrown.
> - mbedtls_pk_parse_keyfile now needs to be passed a properly seeded
> RNG. Hence, move the call to after RNG seeding.
>
I'd really like some review on this, and merge it rather sooner than later.
Also, I think this should be backported to all currently maintained
branches, since mbedtls<3 is no longer maintained, so lack of support
for recent versions is a potential security issue.
Would hate to just push it without review, even though it looks trivial
enough to me, it is touching TLS code.
More information about the ffmpeg-devel
mailing list