[FFmpeg-devel] [PATCH v5 15/15] doc: add doc for dtls and whip

From: Jack Lau <jacklau1222gm@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Cc: Jack Lau <jacklau1222@qq.com>
Subject: [FFmpeg-devel] [PATCH v5 15/15] doc: add doc for dtls and whip
Date: Tue, 22 Jul 2025 20:36:16 +0800
Message-ID: <20250722123616.53164-16-jacklau1222@qq.com> (raw)
In-Reply-To: <20250722123616.53164-1-jacklau1222@qq.com>

Signed-off-by: Jack Lau <jacklau1222@qq.com>
---
 doc/muxers.texi    | 29 ++++++++++++++---
 doc/protocols.texi | 78 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 103 insertions(+), 4 deletions(-)

diff --git a/doc/muxers.texi b/doc/muxers.texi
index d2ee90bf33..393e606e12 100644
--- a/doc/muxers.texi
+++ b/doc/muxers.texi
@@ -3915,16 +3915,37 @@ Default value is 5000.
 
 @item pkt_size @var{integer}
 Set the maximum size, in bytes, of RTP packets that send out.
-Default value is 1500.
+Default value is 1200.
 
 @item authorization @var{string}
-The optional Bearer token for WHIP Authorization.
+Optional Bearer token for WHIP Authorization.
 
 @item cert_file @var{string}
-The optional certificate file path for DTLS.
+Optional certificate file path for DTLS.
 
 @item key_file @var{string}
-The optional private key file path for DTLS.
+Optional private key file path for DTLS.
+
+@item whip_flags @var{flags}
+Possible values:
+
+@table @samp
+@item ignore_ipv6
+Ignore any IPv6 ICE candidates.
+
+@item disable_rtx
+Disable RFC 4588 RTX (Retransmission) support.
+This disables the retransmission mechanism for lost RTP packets.
+
+@item dtls_active
+Set DTLS role as active (client role) instead of passive (server role).
+By default, WHIP uses passive DTLS role, but some servers may require active role.
+@end table
+
+@item rtx_history_size @var{integer}
+Set the packet history size for RTX (retransmission) support.
+This determines how many recent RTP packets are kept in memory for potential
+retransmission requests. Range is 64 to 2048, default is 256.
 
 @end table
 
diff --git a/doc/protocols.texi b/doc/protocols.texi
index 969f4bf022..1e74653329 100644
--- a/doc/protocols.texi
+++ b/doc/protocols.texi
@@ -2028,6 +2028,84 @@ To play back a stream from the TLS/SSL server using @command{ffplay}:
 ffplay tls://@var{hostname}:@var{port}
 @end example
 
+@section dtls
+
+Datagram Transport Layer Security (DTLS)
+
+The required syntax for a DTLS URL is:
+@example
+dtls://@var{hostname}:@var{port}
+@end example
+
+DTLS shares most options with TLS, but operates over UDP instead of TCP.
+The following parameters can be set via command line options
+(or in code via @code{AVOption}s):
+
+@table @option
+
+@item ca_file, cafile=@var{filename}
+A file containing certificate authority (CA) root certificates to treat
+as trusted. If the linked TLS library contains a default this might not
+need to be specified for verification to work, but not all libraries and
+setups have defaults built in.
+The file must be in OpenSSL PEM format.
+
+@item tls_verify=@var{1|0}
+If enabled, try to verify the peer that we are communicating with.
+Note, if using OpenSSL, this currently only makes sure that the
+peer certificate is signed by one of the root certificates in the CA
+database, but it does not validate that the certificate actually
+matches the host name we are trying to connect to.
+
+This is disabled by default since it requires a CA database to be
+provided by the caller in many cases.
+
+@item cert_file, cert=@var{filename}
+A file containing a certificate to use in the handshake with the peer.
+(When operating as server, in listen mode, this is more often required
+by the peer, while client certificates only are mandated in certain
+setups.)
+
+@item key_file, key=@var{filename}
+A file containing the private key for the certificate.
+
+@item cert_pem=@var{string}
+A PEM-encoded certificate string to use in the handshake with the peer.
+
+@item key_pem=@var{string}
+A PEM-encoded private key string for the certificate.
+
+@item listen=@var{1|0}
+If enabled, listen for connections on the provided port, and assume
+the server role in the handshake instead of the client role.
+
+@item mtu=@var{size}
+Set the Maximum Transmission Unit (MTU) for DTLS packets.
+
+@item use_srtp=@var{1|0}
+Enable the use_srtp DTLS extension.
+This is used in WebRTC applications to establish SRTP encryption keys
+through the DTLS handshake. Default is disabled.
+
+@item external_sock=@var{1|0}
+Use an external socket instead of creating a new one. Default is disabled.
+
+@end table
+
+Example command lines:
+
+To create a DTLS server:
+
+@example
+ffmpeg -listen 1 -i dtls://@var{hostname}:@var{port} @var{output}
+@end example
+
+To create a DTLS server and send data to server:
+
+@example
+ffmpeg -i @var{input} -f @var{format} dtls://@var{hostname}:@var{port}
+@end example
+
 @section udp
 
 User Datagram Protocol.
-- 
2.49.0

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
