* [FFmpeg-devel] [PATCH 3/6] lavf/tls_mbedtls: hook up debug message callback
@ 2024-05-17 8:34 Sfan5
2024-05-17 9:51 ` Rémi Denis-Courmont
0 siblings, 1 reply; 4+ messages in thread
From: Sfan5 @ 2024-05-17 8:34 UTC (permalink / raw)
To: ffmpeg-devel
Signed-off-by: sfan5 <sfan5@live.de>
---
libavformat/tls_mbedtls.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index 24c3afd94c..9508fe3436 100644
--- a/libavformat/tls_mbedtls.c
+++ b/libavformat/tls_mbedtls.c
@@ -26,6 +26,7 @@
#include <mbedtls/platform.h>
#include <mbedtls/ssl.h>
#include <mbedtls/x509_crt.h>
+#include <mbedtls/debug.h>
#ifdef MBEDTLS_PSA_CRYPTO_C
#include <psa/crypto.h>
#endif
@@ -36,6 +37,7 @@
#include "tls.h"
#include "libavutil/mem.h"
#include "libavutil/parseutils.h"
+#include "libavutil/avstring.h"
typedef struct TLSContext {
const AVClass *class;
@@ -112,6 +114,13 @@ static int mbedtls_recv(void *ctx, unsigned char
*buf, size_t len)
return handle_transport_error(h, "ffurl_read",
MBEDTLS_ERR_SSL_WANT_READ, ret);
}
+static void mbedtls_debug(void *ctx, int lvl, const char *file, int
line, const char *msg)
+{
+ URLContext *h = (URLContext*) ctx;
+ int av_lvl = lvl >= 4 ? AV_LOG_TRACE : AV_LOG_DEBUG;
+ av_log(h, av_lvl, "%s:%d: %s", av_basename(file), line, msg);
+}
+
static void handle_pk_parse_error(URLContext *h, int ret)
{
switch (ret) {
@@ -201,6 +210,11 @@ static int tls_open(URLContext *h, const char *uri,
int flags, AVDictionary **op
mbedtls_x509_crt_init(&tls_ctx->ca_cert);
mbedtls_pk_init(&tls_ctx->priv_key);
+ if (av_log_get_level() >= AV_LOG_DEBUG) {
+ mbedtls_ssl_conf_dbg(&tls_ctx->ssl_config, mbedtls_debug,
shr->tcp);
+ mbedtls_debug_set_threshold(4); // maximum
+ }
+
// load trusted CA
if (shr->ca_file) {
if ((ret = mbedtls_x509_crt_parse_file(&tls_ctx->ca_cert,
shr->ca_file)) != 0) {
--
2.45.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [FFmpeg-devel] [PATCH 3/6] lavf/tls_mbedtls: hook up debug message callback
2024-05-17 8:34 [FFmpeg-devel] [PATCH 3/6] lavf/tls_mbedtls: hook up debug message callback Sfan5
@ 2024-05-17 9:51 ` Rémi Denis-Courmont
2024-05-21 10:14 ` sfan5
0 siblings, 1 reply; 4+ messages in thread
From: Rémi Denis-Courmont @ 2024-05-17 9:51 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Le 17 mai 2024 11:34:35 GMT+03:00, Sfan5 <sfan5@live.de> a écrit :
>Signed-off-by: sfan5 <sfan5@live.de>
>---
> libavformat/tls_mbedtls.c | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
>diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
>index 24c3afd94c..9508fe3436 100644
>--- a/libavformat/tls_mbedtls.c
>+++ b/libavformat/tls_mbedtls.c
>@@ -26,6 +26,7 @@
> #include <mbedtls/platform.h>
> #include <mbedtls/ssl.h>
> #include <mbedtls/x509_crt.h>
>+#include <mbedtls/debug.h>
> #ifdef MBEDTLS_PSA_CRYPTO_C
> #include <psa/crypto.h>
> #endif
>@@ -36,6 +37,7 @@
> #include "tls.h"
> #include "libavutil/mem.h"
> #include "libavutil/parseutils.h"
>+#include "libavutil/avstring.h"
> typedef struct TLSContext {
> const AVClass *class;
>@@ -112,6 +114,13 @@ static int mbedtls_recv(void *ctx, unsigned char *buf, size_t len)
> return handle_transport_error(h, "ffurl_read", MBEDTLS_ERR_SSL_WANT_READ, ret);
> }
> +static void mbedtls_debug(void *ctx, int lvl, const char *file, int line, const char *msg)
>+{
>+ URLContext *h = (URLContext*) ctx;
>+ int av_lvl = lvl >= 4 ? AV_LOG_TRACE : AV_LOG_DEBUG;
>+ av_log(h, av_lvl, "%s:%d: %s", av_basename(file), line, msg);
>+}
>+
> static void handle_pk_parse_error(URLContext *h, int ret)
> {
> switch (ret) {
>@@ -201,6 +210,11 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
> mbedtls_x509_crt_init(&tls_ctx->ca_cert);
> mbedtls_pk_init(&tls_ctx->priv_key);
> + if (av_log_get_level() >= AV_LOG_DEBUG) {
>+ mbedtls_ssl_conf_dbg(&tls_ctx->ssl_config, mbedtls_debug, shr->tcp);
>+ mbedtls_debug_set_threshold(4); // maximum
This doesn't look thread-safe / reentrant.
>+ }
>+
> // load trusted CA
> if (shr->ca_file) {
> if ((ret = mbedtls_x509_crt_parse_file(&tls_ctx->ca_cert, shr->ca_file)) != 0) {
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [FFmpeg-devel] [PATCH 3/6] lavf/tls_mbedtls: hook up debug message callback
2024-05-17 9:51 ` Rémi Denis-Courmont
@ 2024-05-21 10:14 ` sfan5
2024-05-21 11:44 ` Rémi Denis-Courmont
0 siblings, 1 reply; 4+ messages in thread
From: sfan5 @ 2024-05-21 10:14 UTC (permalink / raw)
To: ffmpeg-devel
Am 17.05.24 um 11:51 schrieb Rémi Denis-Courmont:
> Le 17 mai 2024 11:34:35 GMT+03:00, Sfan5<sfan5@live.de> a écrit :
>> Signed-off-by: sfan5<sfan5@live.de>
>> ---
>> libavformat/tls_mbedtls.c | 14 ++++++++++++++
>> 1 file changed, 14 insertions(+)
>>
>> diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
>> index 24c3afd94c..9508fe3436 100644
>> --- a/libavformat/tls_mbedtls.c
>> +++ b/libavformat/tls_mbedtls.c
>> @@ -26,6 +26,7 @@
>> #include <mbedtls/platform.h>
>> #include <mbedtls/ssl.h>
>> #include <mbedtls/x509_crt.h>
>> +#include <mbedtls/debug.h>
>> #ifdef MBEDTLS_PSA_CRYPTO_C
>> #include <psa/crypto.h>
>> #endif
>> @@ -36,6 +37,7 @@
>> #include "tls.h"
>> #include "libavutil/mem.h"
>> #include "libavutil/parseutils.h"
>> +#include "libavutil/avstring.h"
>> typedef struct TLSContext {
>> const AVClass *class;
>> @@ -112,6 +114,13 @@ static int mbedtls_recv(void *ctx, unsigned char *buf, size_t len)
>> return handle_transport_error(h, "ffurl_read", MBEDTLS_ERR_SSL_WANT_READ, ret);
>> }
>> +static void mbedtls_debug(void *ctx, int lvl, const char *file, int line, const char *msg)
>> +{
>> + URLContext *h = (URLContext*) ctx;
>> + int av_lvl = lvl >= 4 ? AV_LOG_TRACE : AV_LOG_DEBUG;
>> + av_log(h, av_lvl, "%s:%d: %s", av_basename(file), line, msg);
>> +}
>> +
>> static void handle_pk_parse_error(URLContext *h, int ret)
>> {
>> switch (ret) {
>> @@ -201,6 +210,11 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
>> mbedtls_x509_crt_init(&tls_ctx->ca_cert);
>> mbedtls_pk_init(&tls_ctx->priv_key);
>> + if (av_log_get_level() >= AV_LOG_DEBUG) {
>> + mbedtls_ssl_conf_dbg(&tls_ctx->ssl_config, mbedtls_debug, shr->tcp);
>> + mbedtls_debug_set_threshold(4); // maximum
> This doesn't look thread-safe / reentrant.
Indeed. But what alternative is there?
mbedTLS provides only this mechanism to get debug messages from it.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [FFmpeg-devel] [PATCH 3/6] lavf/tls_mbedtls: hook up debug message callback
2024-05-21 10:14 ` sfan5
@ 2024-05-21 11:44 ` Rémi Denis-Courmont
0 siblings, 0 replies; 4+ messages in thread
From: Rémi Denis-Courmont @ 2024-05-21 11:44 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Le 21 mai 2024 13:14:59 GMT+03:00, sfan5 <sfan5@live.de> a écrit :
>Am 17.05.24 um 11:51 schrieb Rémi Denis-Courmont:
>> Le 17 mai 2024 11:34:35 GMT+03:00, Sfan5<sfan5@live.de> a écrit :
>>> Signed-off-by: sfan5<sfan5@live.de>
>>> ---
>>> libavformat/tls_mbedtls.c | 14 ++++++++++++++
>>> 1 file changed, 14 insertions(+)
>>>
>>> diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
>>> index 24c3afd94c..9508fe3436 100644
>>> --- a/libavformat/tls_mbedtls.c
>>> +++ b/libavformat/tls_mbedtls.c
>>> @@ -26,6 +26,7 @@
>>> #include <mbedtls/platform.h>
>>> #include <mbedtls/ssl.h>
>>> #include <mbedtls/x509_crt.h>
>>> +#include <mbedtls/debug.h>
>>> #ifdef MBEDTLS_PSA_CRYPTO_C
>>> #include <psa/crypto.h>
>>> #endif
>>> @@ -36,6 +37,7 @@
>>> #include "tls.h"
>>> #include "libavutil/mem.h"
>>> #include "libavutil/parseutils.h"
>>> +#include "libavutil/avstring.h"
>>> typedef struct TLSContext {
>>> const AVClass *class;
>>> @@ -112,6 +114,13 @@ static int mbedtls_recv(void *ctx, unsigned char *buf, size_t len)
>>> return handle_transport_error(h, "ffurl_read", MBEDTLS_ERR_SSL_WANT_READ, ret);
>>> }
>>> +static void mbedtls_debug(void *ctx, int lvl, const char *file, int line, const char *msg)
>>> +{
>>> + URLContext *h = (URLContext*) ctx;
>>> + int av_lvl = lvl >= 4 ? AV_LOG_TRACE : AV_LOG_DEBUG;
>>> + av_log(h, av_lvl, "%s:%d: %s", av_basename(file), line, msg);
>>> +}
>>> +
>>> static void handle_pk_parse_error(URLContext *h, int ret)
>>> {
>>> switch (ret) {
>>> @@ -201,6 +210,11 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
>>> mbedtls_x509_crt_init(&tls_ctx->ca_cert);
>>> mbedtls_pk_init(&tls_ctx->priv_key);
>>> + if (av_log_get_level() >= AV_LOG_DEBUG) {
>>> + mbedtls_ssl_conf_dbg(&tls_ctx->ssl_config, mbedtls_debug, shr->tcp);
>>> + mbedtls_debug_set_threshold(4); // maximum
>> This doesn't look thread-safe / reentrant.
>
>Indeed. But what alternative is there?
>
>mbedTLS provides only this mechanism to get debug messages from it.
Either this is made thread-safe, e.g. using an atomic variable inside the library, or we can't have that here, as callers will expect thread-safe semantics AFAIU.
>
>_______________________________________________
>ffmpeg-devel mailing list
>ffmpeg-devel@ffmpeg.org
>https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
>To unsubscribe, visit link above, or email
>ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2024-05-21 11:44 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-05-17 8:34 [FFmpeg-devel] [PATCH 3/6] lavf/tls_mbedtls: hook up debug message callback Sfan5
2024-05-17 9:51 ` Rémi Denis-Courmont
2024-05-21 10:14 ` sfan5
2024-05-21 11:44 ` Rémi Denis-Courmont
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git