From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTPS id 995544B016 for ; Tue, 23 Sep 2025 01:47:03 +0000 (UTC) Authentication-Results: ffbox; dkim=fail (body hash mismatch (got b'N0Sd1UH75fGGQb2s3iAtByEiC1G/krGEPt0o8RjAcIk=', expected b'6Tx6TMEhxdjINQt8wH5gvOUaizoHWNuHzGTVZgLnj+0=')) header.d=ffmpeg.org header.i=@ffmpeg.org header.a=rsa-sha256 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ffmpeg.org; i=@ffmpeg.org; q=dns/txt; s=mail; t=1758592020; h=mime-version : to : date : message-id : reply-to : subject : list-id : list-archive : list-archive : list-help : list-owner : list-post : list-subscribe : list-unsubscribe : from : cc : content-type : content-transfer-encoding : from; bh=N0Sd1UH75fGGQb2s3iAtByEiC1G/krGEPt0o8RjAcIk=; b=FkwxyeaHmUhhJ+4zD5tE3tcEBLxGEiPRG4l37oS2Ckx1NY/sfN7EUFstsoKVWZ4gt4cqv +ZMOEf+cWpDjcuJ6pigGuCMPC74FXiJNCDXsMCXSGbocK70XZizUYcCSQnLv2M4q8Rnxhqi q6DH2U45ghmdCxrFZR8u+SpgkksAwddcgqZcZ/LzJrF9KTu0XobGhSjB0IGbZ00Bwof4sMp 2xVRuSmevtfGrQqXPOyRGBtxmM0fYG+0zmMcnoat/VimTZ+xWhrmsoaX3enGMiozYxo7Kim 6TDdj3jFiPCFdchK1A2+pWkpkas6meYBO/dbCYFvPlMmqENRYslIRiVHv9OA== Received: from [172.19.0.4] (unknown [172.19.0.4]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id 4B2AD68EB46; Tue, 23 Sep 2025 04:47:00 +0300 (EEST) ARC-Seal: i=1; cv=none; a=rsa-sha256; d=ffmpeg.org; s=arc; t=1758592019; b=jYR3CSEx7FVFBoWO//N0Nln/Qhb2sjWMLf9Ne34f+hlLC9ig52rYKQfcgjN9MIgZ+8gqV HH2TMc/NITOZFw1UFLB14y5kfBSbqM/7Q/Y2oZf7JUHBCU2dnPvZvN0ZAFuw3QOlh2A3B63 qC74PmSUdXC8h7o1C1VnJQX0VQ8qVW9DKlX6IMUUcZmekIWE0LzkSZ56ZeKDcfwElotPq23 TS/7xMgnq0i0tYSAkMYcOj02MnK0Rq+xfan5QMxBShXJ1ULSg0hnKu11pyZcd0DkJq93HZC RGQUnePnK6AuUpsqBq7ZgqUg7GAR2GR4QIXAXTa09pPcqwJPx/HulAJY0GjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=ffmpeg.org; s=arc; t=1758592019; h=from : sender : reply-to : subject : date : message-id : to : cc : mime-version : content-type : content-transfer-encoding : content-id : content-description : resent-date : resent-from : resent-sender : resent-to : resent-cc : resent-message-id : in-reply-to : references : list-id : list-help : list-unsubscribe : list-subscribe : list-post : list-owner : list-archive; bh=YfJHnTB4FS4qob7p1FXBHhge2tgmR11LEnpDf0MEz7s=; b=BTIibetxx/7DHSKACS6P1HBevhFq/mwsg7wHGyNLcGFp7bATck4XJIWL7RijdvdF0yk5+ oma8jr9rDd5vpG1KfoVUPFNabmjKH2/oGqMp/PrfKxFvMJgp1pl+YLPxGDCosbnHllMB0rS BU2S33oj4IjoyQZ3eEMutelRUwlZSPtP8CmpGAQ9L0ChUKhoV7ooOdz8V//iGH5UJBZzavD xcylXn0N6QsULzsXfkP+HMOO1KOISVpKlCpX0BlY6+JR+B9MsDoKb65jFaHRizf223PP3Lr V+qijaug9iSNciFmRjTJMkTrfU8+opeB0B2WrNaJ65qU2Bs2d4E5gUfe6srg== ARC-Authentication-Results: i=1; ffmpeg.org; dkim=pass header.d=ffmpeg.org header.i=@ffmpeg.org; arc=none; dmarc=pass header.from=ffmpeg.org policy.dmarc=quarantine Authentication-Results: ffmpeg.org; dkim=pass header.d=ffmpeg.org header.i=@ffmpeg.org; arc=none (Message is not ARC signed); dmarc=pass (Used From Domain Record) header.from=ffmpeg.org policy.dmarc=quarantine DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ffmpeg.org; i=@ffmpeg.org; q=dns/txt; s=mail; t=1758592010; h=content-type : mime-version : content-transfer-encoding : from : to : reply-to : subject : date : from; bh=6Tx6TMEhxdjINQt8wH5gvOUaizoHWNuHzGTVZgLnj+0=; b=LpLD9bMMauGVioLDTaPggY3tV+joE7s4Hq1Lrk1/VO3HZ7Vni4yOqOT0SafmoUFTNnH31 fpl+9rz2dkNWcnLjl/ewkHPX19kfFdm+OjUzNfNxS3RHGCcZ0NwUqAgoK0/N0O7Kxp08Mk/ KeX8OONSmYMCi4uNXlLMPor8vYiYxs8Yc2ngTNOmAgwkgWoL3ZqOT+zMxzTwJRE06bZ9rtu zegkFcn4ha7ICJpRraZ2PLhj1cZc66+gTCbT09R2MGOVlViw2sgYC5YhH6HjADwBFwDSRjK xDm9KDSmFpjrboXdvMNvci7KRKrqbtn5CCAB11B3VQk4GdSgEVYIHQ1zyIVA== Received: from ed19c606a818 (code.ffmpeg.org [188.245.149.3]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id C3DA168EB36 for ; Tue, 23 Sep 2025 04:46:50 +0300 (EEST) MIME-Version: 1.0 To: ffmpeg-devel@ffmpeg.org Date: Tue, 23 Sep 2025 01:46:50 -0000 Message-ID: <175859201094.25.17087140219576026084@463a07221176> Message-ID-Hash: 2XZZV7BQMHEXXFEFBVBBVI5DNVMFNSYI X-Message-ID-Hash: 2XZZV7BQMHEXXFEFBVBBVI5DNVMFNSYI X-MailFrom: code@ffmpeg.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-ffmpeg-devel.ffmpeg.org-0; header-match-ffmpeg-devel.ffmpeg.org-1; header-match-ffmpeg-devel.ffmpeg.org-2; header-match-ffmpeg-devel.ffmpeg.org-3; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list Reply-To: FFmpeg development discussions and patches Subject: [FFmpeg-devel] [PATCH] avformat/tls_gnutls: implement dtls handshake logic (PR #20580) List-Id: FFmpeg development discussions and patches Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Jack Lau via ffmpeg-devel Cc: Jack Lau Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Archived-At: List-Archive: List-Post: PR #20580 opened by Jack Lau (JackLau) URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20580 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20580.patch Get and set remote addr when dtls server mode. (Refer to url_bio_bread in tls_openssl.c) Add tls_handshake function. TODO: add gnutls_pull_timeout function to make dtls handshake really work. Signed-off-by: Jack Lau >>From bf1cd40dcd31d63f75110c5e54030859d13207bf Mon Sep 17 00:00:00 2001 From: Jack Lau Date: Tue, 23 Sep 2025 09:35:07 +0800 Subject: [PATCH] avformat/tls_gnutls: implement dtls handshake logic Get and set remote addr when dtls server mode. (Refer to url_bio_bread in tls_openssl.c) Add tls_handshake function. TODO: add gnutls_pull_timeout function to make dtls handshake really work. Signed-off-by: Jack Lau --- libavformat/tls_gnutls.c | 66 +++++++++++++++++++++++++++++++--------- 1 file changed, 51 insertions(+), 15 deletions(-) diff --git a/libavformat/tls_gnutls.c b/libavformat/tls_gnutls.c index e4fe53318c..c991a712df 100644 --- a/libavformat/tls_gnutls.c +++ b/libavformat/tls_gnutls.c @@ -48,6 +48,8 @@ typedef struct TLSContext { gnutls_certificate_credentials_t cred; int need_shutdown; int io_err; + struct sockaddr_storage dest_addr; + socklen_t dest_addr_len; } TLSContext; static AVMutex gnutls_mutex = AV_MUTEX_INITIALIZER; @@ -117,9 +119,23 @@ static ssize_t gnutls_url_pull(gnutls_transport_ptr_t transport, void *buf, size_t len) { TLSContext *c = (TLSContext*) transport; - int ret = ffurl_read(c->tls_shared.tcp, buf, len); - if (ret >= 0) + TLSShared *s = &c->tls_shared; + URLContext *uc = s->is_dtls ? s->udp : s->tcp; + int ret = ffurl_read(uc, buf, len); + if (ret >= 0) { + if (s->is_dtls && s->listen && !c->dest_addr_len) { + int err_ret; + + ff_udp_get_last_recv_addr(s->udp, &c->dest_addr, &c->dest_addr_len); + err_ret = ff_udp_set_remote_addr(s->udp, (struct sockaddr *)&c->dest_addr, c->dest_addr_len, 1); + if (err_ret < 0) { + av_log(c, AV_LOG_ERROR, "Failed connecting udp context\n"); + return err_ret; + } + av_log(c, AV_LOG_TRACE, "Set UDP remote addr on UDP socket, now 'connected'\n"); + } return ret; + } if (ret == AVERROR_EXIT) return 0; if (ret == AVERROR(EAGAIN)) { @@ -135,7 +151,9 @@ static ssize_t gnutls_url_push(gnutls_transport_ptr_t transport, const void *buf, size_t len) { TLSContext *c = (TLSContext*) transport; - int ret = ffurl_write(c->tls_shared.tcp, buf, len); + TLSShared *s = &c->tls_shared; + URLContext *uc = s->is_dtls ? s->udp : s->tcp; + int ret = ffurl_write(uc, buf, len); if (ret >= 0) return ret; if (ret == AVERROR_EXIT) @@ -149,6 +167,32 @@ static ssize_t gnutls_url_push(gnutls_transport_ptr_t transport, return -1; } +static int tls_handshake(URLContext *h) +{ + TLSContext *c = h->priv_data; + TLSShared *s = &c->tls_shared; + URLContext *uc = s->is_dtls ? s->udp : s->tcp; + int ret; + + uc->flags &= ~AVIO_FLAG_NONBLOCK; + + do { + if (ff_check_interrupt(&h->interrupt_callback)) { + ret = AVERROR_EXIT; + goto end; + } + + ret = gnutls_handshake(c->session); + if (gnutls_error_is_fatal(ret)) { + ret = print_tls_error(h, ret); + goto end; + } + } while (ret); + +end: + return ret; +} + static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **options) { TLSContext *c = h->priv_data; @@ -204,18 +248,9 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op if (s->mtu) gnutls_dtls_set_mtu(c->session, s->mtu); gnutls_set_default_priority(c->session); - do { - if (ff_check_interrupt(&h->interrupt_callback)) { - ret = AVERROR_EXIT; - goto fail; - } - - ret = gnutls_handshake(c->session); - if (gnutls_error_is_fatal(ret)) { - ret = print_tls_error(h, ret); - goto fail; - } - } while (ret); + ret = tls_handshake(h); + if (ret < 0) + goto fail; c->need_shutdown = 1; if (s->verify) { unsigned int status, cert_list_size; @@ -345,6 +380,7 @@ static const AVClass dtls_class = { const URLProtocol ff_dtls_protocol = { .name = "dtls", .url_open2 = dtls_open, + .url_handshake = tls_handshake, .url_read = tls_read, .url_write = tls_write, .url_close = tls_close, -- 2.49.1 _______________________________________________ ffmpeg-devel mailing list -- ffmpeg-devel@ffmpeg.org To unsubscribe send an email to ffmpeg-devel-leave@ffmpeg.org