From patchwork Fri Jan 18 08:46:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rodger Combs X-Patchwork-Id: 11793 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id D39EC44E019 for ; Fri, 18 Jan 2019 10:46:19 +0200 (EET) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 043A368AC63; Fri, 18 Jan 2019 10:46:08 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-it1-f193.google.com (mail-it1-f193.google.com [209.85.166.193]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 479BB68AC5F for ; Fri, 18 Jan 2019 10:46:01 +0200 (EET) Received: by mail-it1-f193.google.com with SMTP id m8so505346itk.0 for ; Fri, 18 Jan 2019 00:46:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=JNDT6B3gcvQKM/Zev+34px5j7+wtw3Ms8GIBa1La4Pc=; b=BSsOzuz3ESM1hZvozjCDpfr6HI7xddgLhjOYAZJ8BV2xWYl/Xk7CqD0RF6FEtPdMBB Pdi+HuF/DOAeqORIIEEo9OdZwiGY2TgVQJEejCT1+s/aS7QOgqxIStWS617bG1ZTZfmK 1xgQi4XchPplLVsAqTQjZS9ufvf/Rdg5+wgP5UtyuanfYD1nwYnRAfucfV2sdU9l4p3I cd3GnFftrWrBUGtYvBX61wC9EAWuZdfBt7hwAGbjWkBuLS0ZFt0Og0U5dpoD6hGT5T4X gi3V3tjCoWfU9IvAyJ1MouPgC4KToBrGXUh0NRYKH59y+njeqXsvYwXejQ3J5XoIHNe/ doqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=JNDT6B3gcvQKM/Zev+34px5j7+wtw3Ms8GIBa1La4Pc=; b=WtLSguOJnSGpKNWHGZuGu0k5gmBbXTWqAYnQaUpN9LrE9j6zbGvlEZ8lDMP6UCBsgK JnWqmVRcJND6o8qp6I/D3lG+jl6HYWLF78ginnknUhuUA3vzgCxWtWD1ZhJqoTLcqlHT Is41wxEq9PPYfGkRhawsbQjAUlmLMgTClNUZ+RqxvSeJQ5nckhwDBLzkW4It4OtaGJ/W OXpqrdYfRpHGhp8wH6yuyZgm412oLNXybeCAVWJDc0hohvXEhOZlR15KWylXiMuH6/Uu NFoS+kYFU3hnjPUQjoPi8lmJ4UuKjtpWtWs/INpmCTPko07aCVOhGjo4GFI6rA6q2rfJ TPCg== X-Gm-Message-State: AJcUukc/MFvK4zuNyZKMwLtfAR9gYnUt/JrWkZzgXht3Y9woyBrIhSLG 4070q8iBhXOidh3c2ND8wB1tPVTC X-Google-Smtp-Source: ALg8bN6U6xJKqVw48H7VrxmQLXolKUmCfKj0q7FF1U912quOk/6oazSrQexjO38jbjcVCaoSPROkFw== X-Received: by 2002:a02:ba01:: with SMTP id z1mr10367028jan.100.1547801175069; Fri, 18 Jan 2019 00:46:15 -0800 (PST) Received: from Rodgers-MBP.localdomain ([71.201.155.37]) by smtp.gmail.com with ESMTPSA id b25sm1477777iot.10.2019.01.18.00.46.14 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 18 Jan 2019 00:46:14 -0800 (PST) From: Rodger Combs To: ffmpeg-devel@ffmpeg.org Date: Fri, 18 Jan 2019 02:46:01 -0600 Message-Id: <20190118084604.82324-2-rodger.combs@gmail.com> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190118084604.82324-1-rodger.combs@gmail.com> References: <20190118084604.82324-1-rodger.combs@gmail.com> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 2/5] lavf/tls_openssl: if no CA path is set, use the system default X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" This is consistent with the other TLS wrappers --- libavformat/tls_openssl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c index 9dd53c6fc0..ae3fd6e236 100644 --- a/libavformat/tls_openssl.c +++ b/libavformat/tls_openssl.c @@ -253,6 +253,9 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op if (c->ca_file) { if (!SSL_CTX_load_verify_locations(p->ctx, c->ca_file, NULL)) av_log(h, AV_LOG_ERROR, "SSL_CTX_load_verify_locations %s\n", ERR_error_string(ERR_get_error(), NULL)); + } else { + if (!SSL_CTX_set_default_verify_paths(p->ctx)) + av_log(h, AV_LOG_ERROR, "SSL_CTX_set_default_verify_paths %s\n", ERR_error_string(ERR_get_error(), NULL)); } if (c->cert_file && !SSL_CTX_use_certificate_chain_file(p->ctx, c->cert_file)) { av_log(h, AV_LOG_ERROR, "Unable to load cert file %s: %s\n",