Message ID | 69b8a7a5-3826-4aef-88e1-2984d61a58bb@skybound.link |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel,v2] libavformat/tls_mbedtls: Changes the return code handling of mbedtls_x509_crt_parse_file | expand |
Context | Check | Description |
---|---|---|
andriy/configure_x86 | warning | Failed to apply patch |
Hi, good day, I think something is wrong with this v2 patch, it is showing as corrupt in the patchwork system. See here: https://patchwork.ffmpeg.org/project/ffmpeg/patch/69b8a7a5-3826-4aef-88e1-2984d61a58bb@skybound.link/ By chance did you modify the .patch file directly?
Interesting, I did not personally. I sent it by generating an .eml file with git and then opening that in Thunderbird to send. I wonder if Thunderbird editor mangled it or something. Let me try sending directly via git as a -v3. On 01/08/2024 05:50, Marth64 wrote: > Hi, good day, > > I think something is wrong with this v2 patch, it is showing as corrupt in > the patchwork system. > See here: > https://patchwork.ffmpeg.org/project/ffmpeg/patch/69b8a7a5-3826-4aef-88e1-2984d61a58bb@skybound.link/ > By chance did you modify the .patch file directly? > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c index 567b95b129..ccf5ee38ad 100644 --- a/libavformat/tls_mbedtls.c +++ b/libavformat/tls_mbedtls.c @@ -223,9 +223,11 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op // load trusted CA if (shr->ca_file) { - if ((ret = mbedtls_x509_crt_parse_file(&tls_ctx->ca_cert, shr->ca_file)) != 0) { + if ((ret = mbedtls_x509_crt_parse_file(&tls_ctx->ca_cert, shr->ca_file)) < 0) { av_log(h, AV_LOG_ERROR, "mbedtls_x509_crt_parse_file for CA cert returned %d\n", ret); goto fail; + } else if (ret > 0) { + av_log(h, AV_LOG_WARNING, "Failed to process %d
mbedtls_x509_crt_parse_file returns an error with negative numbers, and positive numbers indicate the number of failed certificates to load from certificate specific issues, such as critical extensions. This would fix ticket #11079. Signed-off-by: Mohit Gupta <git@skybound.link> --- libavformat/tls_mbedtls.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) certificate(s) from the CA bundle, ignoring these certificates\n", ret); } } -- 2.45.2