From: Timo Rothenpieler <timo@rothenpieler.org>
To: ffmpeg-devel@ffmpeg.org
Subject: Re: [FFmpeg-devel] [PATCH 2/4] avformat/tls_openssl: fix dtls_handshake return code
Date: Wed, 9 Jul 2025 16:14:15 +0200
Message-ID: <0a871863-bf8c-4727-bf52-96bf1adb53f8@rothenpieler.org> (raw)
In-Reply-To: <20250709133635.22936-3-jacklau1222@qq.com>
On 09/07/2025 15:36, Jack Lau wrote:
> If the handshake is still in progress, dtls_handshake should
> return a positive status code.
Shouldn't dtls_open/start also be calling it in a loop then?
I don't think it's expected that you might be needed to call the
handshake function in a loop after a urlcontext was successfully opened.
What I've done for the schannel implementation is force nonblocking off
for the handshake, since there is just no good way to perform it in a
nonblocking way, and you just always end up looping until it's done anyway.
> Signed-off-by: Jack Lau <jacklau1222@qq.com>
> ---
> libavformat/tls_openssl.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c
> index 8639ac9758..ffd9cd51d2 100644
> --- a/libavformat/tls_openssl.c
> +++ b/libavformat/tls_openssl.c
> @@ -716,15 +716,14 @@ static int openssl_dtls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
>
> static int dtls_handshake(URLContext *h)
> {
> - int ret = 0, r0, r1;
> + int ret = EINPROGRESS, r0, r1;
> TLSContext *p = h->priv_data;
>
> r0 = SSL_do_handshake(p->ssl);
> r1 = SSL_get_error(p->ssl, r0);
> if (r0 <= 0) {
> if (r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE && r1 != SSL_ERROR_ZERO_RETURN) {
> - av_log(p, AV_LOG_ERROR, "TLS: Read failed, r0=%d, r1=%d %s\n", r0, r1, openssl_get_error(p));
> - ret = AVERROR(EIO);
> + ret = print_ssl_error(h, r1);
> goto end;
> }
> } else {
> @@ -734,7 +733,7 @@ static int dtls_handshake(URLContext *h)
> /* Check whether the DTLS is completed. */
> if (SSL_is_init_finished(p->ssl) != 1)
> goto end;
> -
> + ret = 0;
> p->tls_shared.state = DTLS_STATE_FINISHED;
> end:
> return ret;
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2025-07-09 14:14 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-09 13:36 [FFmpeg-devel] [PATCH 0/4] Fix some issues in tls_openssl and udp Jack Lau
2025-07-09 13:36 ` [FFmpeg-devel] [PATCH 1/4] avformat/tls_openssl: add record trace function Jack Lau
2025-07-09 13:36 ` [FFmpeg-devel] [PATCH 2/4] avformat/tls_openssl: fix dtls_handshake return code Jack Lau
2025-07-09 14:14 ` Timo Rothenpieler [this message]
2025-07-09 13:36 ` [FFmpeg-devel] [PATCH 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass Jack Lau
2025-07-09 13:36 ` [FFmpeg-devel] [PATCH 4/4] avformat/udp: fix udp server mode haven't dest_addr Jack Lau
2025-07-09 14:16 ` Timo Rothenpieler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0a871863-bf8c-4727-bf52-96bf1adb53f8@rothenpieler.org \
--to=timo@rothenpieler.org \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git