From patchwork Tue May 12 22:05:24 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Jan_Ekstr=C3=B6m?= X-Patchwork-Id: 19659 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id BDE0844A3BC for ; Wed, 13 May 2020 01:35:31 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 983EB68A16F; Wed, 13 May 2020 01:35:31 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-wr1-f67.google.com (mail-wr1-f67.google.com [209.85.221.67]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 7843F689AE3 for ; Wed, 13 May 2020 01:35:25 +0300 (EEST) Received: by mail-wr1-f67.google.com with SMTP id e1so4133743wrt.5 for ; Tue, 12 May 2020 15:35:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=rP/S9nSKe6dzHL2j4GiNRAhvm5mYRIvkR1VLFUJd7vo=; b=OrMeBqZdkg1/DAkBKWEZk7vKyUmwbz3Zy+YOAo2X7ZQTHizSMoG9ynEkZVXmLkdurG cVhvdko1Z83TyyNCVYZdoiL6V/8bO5YrcnRKTKp9MLe658lNhkn2VGETP2gDpK2v2eM3 GfeBLk5MrADLjlgEmFrMiraPuEFv3GPSz/qLi0lBrfmTlrwSrLdSCAZdsCcbxAD/Ag6v W0DtHuaU0U1FIkrYi33+g0cUyIP2au9Lw7D0+FEiBIDoOn5aBOGz7V236kCZabKLwYko 2Xz/7d8qOdoC1P1uy8v9EeJubZ7g9LJZnEE0okduu2K8XJLhOvXTf1vS9pDKIcbdpPEP 3/3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rP/S9nSKe6dzHL2j4GiNRAhvm5mYRIvkR1VLFUJd7vo=; b=Hk6xmQrIwA5hyYWKTsVpR8v9ojawRw9HxjxfukGh4lwzw17YFNUg/7AkL2Z/d5lxkW odftXYnXOIphNCi32wb6eWAbJehl2QgBhfXFFvU/n4x2Mr88uMF1MATgkIDAJXggSayZ VYf8eKzLTtFTPoDI8wIfze2mi1DfXBQMn+mUxs1w5y/SRT/n56FKaiVoXALF+a2oP5T7 oWk92f9xNCEWuNa90SB4Ik8ouWwK4Vfd4Xjx9VyGpIovKdwRldhmqPSmid1dlUNwLuLT qhgGdmD/Vn6NTXQk1cAlEOjoDx5eYZqsHZ6SdkbZwhIU6QyfDYDZiO4x4Gw8NPZfblWw r70Q== X-Gm-Message-State: AGi0PuZSQovoSk99W4V91vdahjA9iOx7qdbBdWN9xqUdmufbR3vEejNh 9hYMlmkrIeI6LFlIAmUa5Ai8WkvO X-Google-Smtp-Source: ABdhPJxC8B7kEb0Xavy5lnGi0yJdDSFNr70izxTqMsBjzEEwc2WKMlpM93po4hHES1x0Rr7Vr/UY/A== X-Received: by 2002:a2e:9094:: with SMTP id l20mr522253ljg.115.1589321128344; Tue, 12 May 2020 15:05:28 -0700 (PDT) Received: from localhost.localdomain (91-159-194-103.elisa-laajakaista.fi. [91.159.194.103]) by smtp.gmail.com with ESMTPSA id s11sm14858178lfo.86.2020.05.12.15.05.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 May 2020 15:05:27 -0700 (PDT) From: =?utf-8?q?Jan_Ekstr=C3=B6m?= To: ffmpeg-devel@ffmpeg.org Date: Wed, 13 May 2020 01:05:24 +0300 Message-Id: <20200512220525.9911-2-jeebjp@gmail.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200512220525.9911-1-jeebjp@gmail.com> References: <20200512220525.9911-1-jeebjp@gmail.com> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 1/2] avformat/tls_schannel: always decrypt all received data X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" The dec_buf seems to be properly managed between read calls, and we have no logic to decrypt before attempting socket I/O. Thus - until now - such data would not be decrypted in case of connections such as HTTP keep-alive, as the recv call would always get executed first, block until rw_timeout, and then get retried by retry_transfer_wrapper. Thus - if data is received - decrypt all of it right away. This way it is available for the following requests in case they can be satisfied with it. --- libavformat/tls_schannel.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/tls_schannel.c b/libavformat/tls_schannel.c index 4f0badcb8d..7a8842e7fe 100644 --- a/libavformat/tls_schannel.c +++ b/libavformat/tls_schannel.c @@ -424,7 +424,7 @@ static int tls_read(URLContext *h, uint8_t *buf, int len) c->enc_buf_offset += ret; } - while (c->enc_buf_offset > 0 && sspi_ret == SEC_E_OK && c->dec_buf_offset < len) { + while (c->enc_buf_offset > 0 && sspi_ret == SEC_E_OK) { /* input buffer */ init_sec_buffer(&inbuf[0], SECBUFFER_DATA, c->enc_buf, c->enc_buf_offset);