* [FFmpeg-devel] [PATCH v2 0/4] Fix some issues in tls_openssl and udp @ 2025-07-11 13:20 Jack Lau 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function Jack Lau ` (3 more replies) 0 siblings, 4 replies; 8+ messages in thread From: Jack Lau @ 2025-07-11 13:20 UTC (permalink / raw) To: ffmpeg-devel; +Cc: Jack Lau v2 patchset add new udp option autodetect_dest. Original description: This patchset aims to fix some issues when i try to utilize DTLS using avio. I create a simple DTLS client and server case here https://github.com/JackLau1222/openssl-dtls-bio-example/tree/master/ffmpeg_case This patchset fix: 1. dtls_handshake can't return positive code when it still in progressing 2. udp server mode haven't dest_addr so we need set it through last_recv_addr 3. some code cleanup This patchset depends on Timo's latest schannel patchset More details: https://github.com/BtbN/FFmpeg/pull/3 Jack Lau (4): avformat/tls_openssl: add record trace function avformat/tls_openssl: fix dtls_handshake return code avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass avformat/udp: fix udp server mode haven't dest_addr libavformat/tls_openssl.c | 78 +++++++++++++++++++++++++++++++-------- libavformat/udp.c | 4 ++ 2 files changed, 66 insertions(+), 16 deletions(-) -- 2.49.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function 2025-07-11 13:20 [FFmpeg-devel] [PATCH v2 0/4] Fix some issues in tls_openssl and udp Jack Lau @ 2025-07-11 13:20 ` Jack Lau 2025-07-11 15:03 ` Steven Liu 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 2/4] avformat/tls_openssl: fix dtls_handshake return code Jack Lau ` (2 subsequent siblings) 3 siblings, 1 reply; 8+ messages in thread From: Jack Lau @ 2025-07-11 13:20 UTC (permalink / raw) To: ffmpeg-devel; +Cc: Jack Lau Signed-off-by: Jack Lau <jacklau1222@qq.com> --- libavformat/tls_openssl.c | 51 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c index 2a01fb387d..8639ac9758 100644 --- a/libavformat/tls_openssl.c +++ b/libavformat/tls_openssl.c @@ -20,6 +20,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ +#include "libavutil/intreadwrite.h" #include "libavutil/mem.h" #include "network.h" #include "os_support.h" @@ -559,6 +560,48 @@ static int tls_close(URLContext *h) return 0; } +/* + * Trace a single TLS/DTLS record. + * + * See RFC 5246 Section 6.2.1, RFC 6347 Section 4.1 + * + * @param data Raw record (network byte‑order). + * @param length Size of @data in bytes. + * @param incoming Non‑zero when the packet was received, zero when sent. + */ +static void openssl_state_trace(uint8_t *data, int length, int incoming) +{ + uint8_t content_type = 0; /* TLS/DTLS ContentType */ + uint16_t record_length = 0; /* Length field from header */ + uint8_t handshake_type = 0; /* First byte of Handshake msg */ + int is_dtls = 0; + + /* ContentType is always the very first byte */ + if (length >= 1) + content_type = AV_RB8(&data[0]); + if (length >= 3 && data[1] == DTLS1_VERSION_MAJOR) + is_dtls = 1; + /* TLS header is 5 bytes, DTLS header is 13 bytes */ + if (length >= 13 && is_dtls) + record_length = AV_RB16(&data[11]); + else if (length >= 5 && !is_dtls) + record_length = AV_RB16(&data[3]); + /* + * HandshakeType values (TLS 1.0–1.2, DTLS 1.0/1.2) + * See RFC 5246 Section 7.4, RFC 6347 Section 4.2 + * + * Only present when ContentType == handshake(22) + */ + if (content_type == 22) { + int hs_off = is_dtls ? 13 : 5; + if (length > hs_off) + handshake_type = AV_RB8(&data[hs_off]); + } + + av_log(NULL, AV_LOG_TRACE ,"TLS: Trace %s, len=%u, cnt=%u, size=%u, hs=%u\n", + (incoming? "RECV":"SEND"), length, content_type, record_length, handshake_type); +} + static int url_bio_create(BIO *b) { BIO_set_init(b, 1); @@ -576,8 +619,10 @@ static int url_bio_bread(BIO *b, char *buf, int len) { TLSContext *c = BIO_get_data(b); int ret = ffurl_read(c->tls_shared.is_dtls ? c->tls_shared.udp : c->tls_shared.tcp, buf, len); - if (ret >= 0) + if (ret >= 0) { + openssl_state_trace((uint8_t*)buf, ret, 1); return ret; + } BIO_clear_retry_flags(b); if (ret == AVERROR_EXIT) return 0; @@ -592,8 +637,10 @@ static int url_bio_bwrite(BIO *b, const char *buf, int len) { TLSContext *c = BIO_get_data(b); int ret = ffurl_write(c->tls_shared.is_dtls ? c->tls_shared.udp : c->tls_shared.tcp, buf, len); - if (ret >= 0) + if (ret >= 0) { + openssl_state_trace((uint8_t*)buf, ret, 0); return ret; + } BIO_clear_retry_flags(b); if (ret == AVERROR_EXIT) return 0; -- 2.49.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function Jack Lau @ 2025-07-11 15:03 ` Steven Liu 0 siblings, 0 replies; 8+ messages in thread From: Steven Liu @ 2025-07-11 15:03 UTC (permalink / raw) To: FFmpeg development discussions and patches; +Cc: Jack Lau Jack Lau <jacklau1222gm-at-gmail.com@ffmpeg.org> 于2025年7月11日周五 21:21写道: > > Signed-off-by: Jack Lau <jacklau1222@qq.com> > --- > libavformat/tls_openssl.c | 51 +++++++++++++++++++++++++++++++++++++-- > 1 file changed, 49 insertions(+), 2 deletions(-) > > diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c > index 2a01fb387d..8639ac9758 100644 > --- a/libavformat/tls_openssl.c > +++ b/libavformat/tls_openssl.c > @@ -20,6 +20,7 @@ > * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA > */ > > +#include "libavutil/intreadwrite.h" > #include "libavutil/mem.h" > #include "network.h" > #include "os_support.h" > @@ -559,6 +560,48 @@ static int tls_close(URLContext *h) > return 0; > } > > +/* > + * Trace a single TLS/DTLS record. > + * > + * See RFC 5246 Section 6.2.1, RFC 6347 Section 4.1 > + * > + * @param data Raw record (network byte‑order). > + * @param length Size of @data in bytes. > + * @param incoming Non‑zero when the packet was received, zero when sent. > + */ > +static void openssl_state_trace(uint8_t *data, int length, int incoming) > +{ > + uint8_t content_type = 0; /* TLS/DTLS ContentType */ > + uint16_t record_length = 0; /* Length field from header */ > + uint8_t handshake_type = 0; /* First byte of Handshake msg */ > + int is_dtls = 0; > + > + /* ContentType is always the very first byte */ > + if (length >= 1) > + content_type = AV_RB8(&data[0]); > + if (length >= 3 && data[1] == DTLS1_VERSION_MAJOR) > + is_dtls = 1; > + /* TLS header is 5 bytes, DTLS header is 13 bytes */ > + if (length >= 13 && is_dtls) > + record_length = AV_RB16(&data[11]); > + else if (length >= 5 && !is_dtls) > + record_length = AV_RB16(&data[3]); > + /* > + * HandshakeType values (TLS 1.0–1.2, DTLS 1.0/1.2) > + * See RFC 5246 Section 7.4, RFC 6347 Section 4.2 > + * > + * Only present when ContentType == handshake(22) > + */ > + if (content_type == 22) { use #define or enum should understand easyer than only number 22. #define CONTENT_TYPE_CHANGE_CIPHER_SPEC 20 #define CONTENT_TYPE_CHANGE_ALERT 21 #define CONTENT_TYPE_HANDSHAKE 22 #define CONTENT_TYPE_APPLICATION_DATA 23 or enum { content_type_change_cipher_spec = 20, contentt_ype_alert = 21, content_type_handshake = 22, content_type_application_data = 23, content_type_others = 255 } ContentType; perhapes enum better than define? > + int hs_off = is_dtls ? 13 : 5; > + if (length > hs_off) > + handshake_type = AV_RB8(&data[hs_off]); > + } > + > + av_log(NULL, AV_LOG_TRACE ,"TLS: Trace %s, len=%u, cnt=%u, size=%u, hs=%u\n", > + (incoming? "RECV":"SEND"), length, content_type, record_length, handshake_type); > +} > + > static int url_bio_create(BIO *b) > { > BIO_set_init(b, 1); > @@ -576,8 +619,10 @@ static int url_bio_bread(BIO *b, char *buf, int len) > { > TLSContext *c = BIO_get_data(b); > int ret = ffurl_read(c->tls_shared.is_dtls ? c->tls_shared.udp : c->tls_shared.tcp, buf, len); > - if (ret >= 0) > + if (ret >= 0) { > + openssl_state_trace((uint8_t*)buf, ret, 1); > return ret; > + } > BIO_clear_retry_flags(b); > if (ret == AVERROR_EXIT) > return 0; > @@ -592,8 +637,10 @@ static int url_bio_bwrite(BIO *b, const char *buf, int len) > { > TLSContext *c = BIO_get_data(b); > int ret = ffurl_write(c->tls_shared.is_dtls ? c->tls_shared.udp : c->tls_shared.tcp, buf, len); > - if (ret >= 0) > + if (ret >= 0) { > + openssl_state_trace((uint8_t*)buf, ret, 0); > return ret; > + } > BIO_clear_retry_flags(b); > if (ret == AVERROR_EXIT) > return 0; > -- > 2.49.0 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* [FFmpeg-devel] [PATCH v2 2/4] avformat/tls_openssl: fix dtls_handshake return code 2025-07-11 13:20 [FFmpeg-devel] [PATCH v2 0/4] Fix some issues in tls_openssl and udp Jack Lau 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function Jack Lau @ 2025-07-11 13:20 ` Jack Lau 2025-07-11 15:05 ` Steven Liu 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass Jack Lau 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 4/4] avformat/udp: fix udp server mode haven't dest_addr Jack Lau 3 siblings, 1 reply; 8+ messages in thread From: Jack Lau @ 2025-07-11 13:20 UTC (permalink / raw) To: ffmpeg-devel; +Cc: Jack Lau If the handshake is still in progress, dtls_handshake should return a positive status code. Signed-off-by: Jack Lau <jacklau1222@qq.com> --- libavformat/tls_openssl.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c index 8639ac9758..ffd9cd51d2 100644 --- a/libavformat/tls_openssl.c +++ b/libavformat/tls_openssl.c @@ -716,15 +716,14 @@ static int openssl_dtls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) static int dtls_handshake(URLContext *h) { - int ret = 0, r0, r1; + int ret = EINPROGRESS, r0, r1; TLSContext *p = h->priv_data; r0 = SSL_do_handshake(p->ssl); r1 = SSL_get_error(p->ssl, r0); if (r0 <= 0) { if (r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE && r1 != SSL_ERROR_ZERO_RETURN) { - av_log(p, AV_LOG_ERROR, "TLS: Read failed, r0=%d, r1=%d %s\n", r0, r1, openssl_get_error(p)); - ret = AVERROR(EIO); + ret = print_ssl_error(h, r1); goto end; } } else { @@ -734,7 +733,7 @@ static int dtls_handshake(URLContext *h) /* Check whether the DTLS is completed. */ if (SSL_is_init_finished(p->ssl) != 1) goto end; - + ret = 0; p->tls_shared.state = DTLS_STATE_FINISHED; end: return ret; -- 2.49.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2 2/4] avformat/tls_openssl: fix dtls_handshake return code 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 2/4] avformat/tls_openssl: fix dtls_handshake return code Jack Lau @ 2025-07-11 15:05 ` Steven Liu 0 siblings, 0 replies; 8+ messages in thread From: Steven Liu @ 2025-07-11 15:05 UTC (permalink / raw) To: FFmpeg development discussions and patches; +Cc: Jack Lau Jack Lau <jacklau1222gm-at-gmail.com@ffmpeg.org> 于2025年7月11日周五 21:22写道: > > If the handshake is still in progress, dtls_handshake should > return a positive status code. > > Signed-off-by: Jack Lau <jacklau1222@qq.com> > --- > libavformat/tls_openssl.c | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) > > diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c > index 8639ac9758..ffd9cd51d2 100644 > --- a/libavformat/tls_openssl.c > +++ b/libavformat/tls_openssl.c > @@ -716,15 +716,14 @@ static int openssl_dtls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) > > static int dtls_handshake(URLContext *h) > { > - int ret = 0, r0, r1; > + int ret = EINPROGRESS, r0, r1; AVERROR(EINPROGRESS) ? > TLSContext *p = h->priv_data; > > r0 = SSL_do_handshake(p->ssl); > r1 = SSL_get_error(p->ssl, r0); > if (r0 <= 0) { > if (r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE && r1 != SSL_ERROR_ZERO_RETURN) { > - av_log(p, AV_LOG_ERROR, "TLS: Read failed, r0=%d, r1=%d %s\n", r0, r1, openssl_get_error(p)); > - ret = AVERROR(EIO); > + ret = print_ssl_error(h, r1); > goto end; > } > } else { > @@ -734,7 +733,7 @@ static int dtls_handshake(URLContext *h) > /* Check whether the DTLS is completed. */ > if (SSL_is_init_finished(p->ssl) != 1) > goto end; > - > + ret = 0; > p->tls_shared.state = DTLS_STATE_FINISHED; > end: > return ret; > -- > 2.49.0 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* [FFmpeg-devel] [PATCH v2 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass 2025-07-11 13:20 [FFmpeg-devel] [PATCH v2 0/4] Fix some issues in tls_openssl and udp Jack Lau 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function Jack Lau 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 2/4] avformat/tls_openssl: fix dtls_handshake return code Jack Lau @ 2025-07-11 13:20 ` Jack Lau 2025-07-11 15:05 ` Steven Liu 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 4/4] avformat/udp: fix udp server mode haven't dest_addr Jack Lau 3 siblings, 1 reply; 8+ messages in thread From: Jack Lau @ 2025-07-11 13:20 UTC (permalink / raw) To: ffmpeg-devel; +Cc: Jack Lau Signed-off-by: Jack Lau <jacklau1222@qq.com> --- libavformat/tls_openssl.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c index ffd9cd51d2..a519c8c880 100644 --- a/libavformat/tls_openssl.c +++ b/libavformat/tls_openssl.c @@ -509,7 +509,7 @@ int ff_dtls_export_materials(URLContext *h, char *dtls_srtp_materials, size_t ma ret = SSL_export_keying_material(c->ssl, dtls_srtp_materials, materials_sz, dst, strlen(dst), NULL, 0, 0); if (!ret) { - av_log(c, AV_LOG_ERROR, "TLS: Failed to export SRTP material, %s\n", openssl_get_error(c)); + av_log(c, AV_LOG_ERROR, "Failed to export SRTP material, %s\n", openssl_get_error(c)); return -1; } return 0; @@ -727,7 +727,7 @@ static int dtls_handshake(URLContext *h) goto end; } } else { - av_log(p, AV_LOG_TRACE, "TLS: Read %d bytes, r0=%d, r1=%d\n", r0, r0, r1); + av_log(p, AV_LOG_TRACE, "Read %d bytes, r0=%d, r1=%d\n", r0, r0, r1); } /* Check whether the DTLS is completed. */ @@ -768,7 +768,7 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h) return ret; } } else if (c->is_dtls){ - av_log(p, AV_LOG_ERROR, "TLS: Init cert failed, %s\n", openssl_get_error(p)); + av_log(p, AV_LOG_ERROR, "Init cert failed, %s\n", openssl_get_error(p)); ret = AVERROR(EINVAL); goto fail; } @@ -784,12 +784,12 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h) } else if (c->key_buf) { p->pkey = pkey = pkey_from_pem_string(c->key_buf, 1); if (SSL_CTX_use_PrivateKey(p->ctx, pkey) != 1) { - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_use_PrivateKey failed, %s\n", openssl_get_error(p)); + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_use_PrivateKey failed, %s\n", openssl_get_error(p)); ret = AVERROR(EINVAL); return ret; } } else if (c->is_dtls) { - av_log(p, AV_LOG_ERROR, "TLS: Init pkey failed, %s\n", openssl_get_error(p)); + av_log(p, AV_LOG_ERROR, "Init pkey failed, %s\n", openssl_get_error(p)); ret = AVERROR(EINVAL); goto fail; } @@ -826,7 +826,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** /* For ECDSA, we could set the curves list. */ if (SSL_CTX_set1_curves_list(p->ctx, curves) != 1) { - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set1_curves_list failed, curves=%s, %s\n", + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_set1_curves_list failed, curves=%s, %s\n", curves, openssl_get_error(p)); ret = AVERROR(EINVAL); return ret; @@ -837,7 +837,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** * ensuring maximum compatibility. */ if (SSL_CTX_set_cipher_list(p->ctx, ciphers) != 1) { - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set_cipher_list failed, ciphers=%s, %s\n", + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_set_cipher_list failed, ciphers=%s, %s\n", ciphers, openssl_get_error(p)); ret = AVERROR(EINVAL); return ret; @@ -854,7 +854,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** SSL_CTX_set_read_ahead(p->ctx, 1); /* Setup the SRTP context */ if (SSL_CTX_set_tlsext_use_srtp(p->ctx, profiles)) { - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set_tlsext_use_srtp failed, profiles=%s, %s\n", + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_set_tlsext_use_srtp failed, profiles=%s, %s\n", profiles, openssl_get_error(p)); ret = AVERROR(EINVAL); return ret; @@ -906,12 +906,12 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** ret = dtls_handshake(h); // Fatal SSL error, for example, no available suite when peer is DTLS 1.0 while we are DTLS 1.2. if (ret < 0) { - av_log(p, AV_LOG_ERROR, "TLS: Failed to drive SSL context, ret=%d\n", ret); + av_log(p, AV_LOG_ERROR, "Failed to drive SSL context, ret=%d\n", ret); return AVERROR(EIO); } } - av_log(p, AV_LOG_VERBOSE, "TLS: Setup ok, MTU=%d\n", p->tls_shared.mtu); + av_log(p, AV_LOG_VERBOSE, "Setup ok, MTU=%d\n", p->tls_shared.mtu); ret = 0; fail: -- 2.49.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass Jack Lau @ 2025-07-11 15:05 ` Steven Liu 0 siblings, 0 replies; 8+ messages in thread From: Steven Liu @ 2025-07-11 15:05 UTC (permalink / raw) To: FFmpeg development discussions and patches; +Cc: Jack Lau Jack Lau <jacklau1222gm-at-gmail.com@ffmpeg.org> 于2025年7月11日周五 21:22写道: > > Signed-off-by: Jack Lau <jacklau1222@qq.com> > --- > libavformat/tls_openssl.c | 20 ++++++++++---------- > 1 file changed, 10 insertions(+), 10 deletions(-) > > diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c > index ffd9cd51d2..a519c8c880 100644 > --- a/libavformat/tls_openssl.c > +++ b/libavformat/tls_openssl.c > @@ -509,7 +509,7 @@ int ff_dtls_export_materials(URLContext *h, char *dtls_srtp_materials, size_t ma > ret = SSL_export_keying_material(c->ssl, dtls_srtp_materials, materials_sz, > dst, strlen(dst), NULL, 0, 0); > if (!ret) { > - av_log(c, AV_LOG_ERROR, "TLS: Failed to export SRTP material, %s\n", openssl_get_error(c)); > + av_log(c, AV_LOG_ERROR, "Failed to export SRTP material, %s\n", openssl_get_error(c)); > return -1; > } > return 0; > @@ -727,7 +727,7 @@ static int dtls_handshake(URLContext *h) > goto end; > } > } else { > - av_log(p, AV_LOG_TRACE, "TLS: Read %d bytes, r0=%d, r1=%d\n", r0, r0, r1); > + av_log(p, AV_LOG_TRACE, "Read %d bytes, r0=%d, r1=%d\n", r0, r0, r1); > } > > /* Check whether the DTLS is completed. */ > @@ -768,7 +768,7 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h) > return ret; > } > } else if (c->is_dtls){ > - av_log(p, AV_LOG_ERROR, "TLS: Init cert failed, %s\n", openssl_get_error(p)); > + av_log(p, AV_LOG_ERROR, "Init cert failed, %s\n", openssl_get_error(p)); > ret = AVERROR(EINVAL); > goto fail; > } > @@ -784,12 +784,12 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h) > } else if (c->key_buf) { > p->pkey = pkey = pkey_from_pem_string(c->key_buf, 1); > if (SSL_CTX_use_PrivateKey(p->ctx, pkey) != 1) { > - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_use_PrivateKey failed, %s\n", openssl_get_error(p)); > + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_use_PrivateKey failed, %s\n", openssl_get_error(p)); > ret = AVERROR(EINVAL); > return ret; > } > } else if (c->is_dtls) { > - av_log(p, AV_LOG_ERROR, "TLS: Init pkey failed, %s\n", openssl_get_error(p)); > + av_log(p, AV_LOG_ERROR, "Init pkey failed, %s\n", openssl_get_error(p)); > ret = AVERROR(EINVAL); > goto fail; > } > @@ -826,7 +826,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** > > /* For ECDSA, we could set the curves list. */ > if (SSL_CTX_set1_curves_list(p->ctx, curves) != 1) { > - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set1_curves_list failed, curves=%s, %s\n", > + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_set1_curves_list failed, curves=%s, %s\n", > curves, openssl_get_error(p)); > ret = AVERROR(EINVAL); > return ret; > @@ -837,7 +837,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** > * ensuring maximum compatibility. > */ > if (SSL_CTX_set_cipher_list(p->ctx, ciphers) != 1) { > - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set_cipher_list failed, ciphers=%s, %s\n", > + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_set_cipher_list failed, ciphers=%s, %s\n", > ciphers, openssl_get_error(p)); > ret = AVERROR(EINVAL); > return ret; > @@ -854,7 +854,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** > SSL_CTX_set_read_ahead(p->ctx, 1); > /* Setup the SRTP context */ > if (SSL_CTX_set_tlsext_use_srtp(p->ctx, profiles)) { > - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set_tlsext_use_srtp failed, profiles=%s, %s\n", > + av_log(p, AV_LOG_ERROR, "Init SSL_CTX_set_tlsext_use_srtp failed, profiles=%s, %s\n", > profiles, openssl_get_error(p)); > ret = AVERROR(EINVAL); > return ret; > @@ -906,12 +906,12 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** > ret = dtls_handshake(h); > // Fatal SSL error, for example, no available suite when peer is DTLS 1.0 while we are DTLS 1.2. > if (ret < 0) { > - av_log(p, AV_LOG_ERROR, "TLS: Failed to drive SSL context, ret=%d\n", ret); > + av_log(p, AV_LOG_ERROR, "Failed to drive SSL context, ret=%d\n", ret); > return AVERROR(EIO); > } > } > > - av_log(p, AV_LOG_VERBOSE, "TLS: Setup ok, MTU=%d\n", p->tls_shared.mtu); > + av_log(p, AV_LOG_VERBOSE, "Setup ok, MTU=%d\n", p->tls_shared.mtu); > > ret = 0; > fail: > -- > 2.49.0 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". LGTM Thanks Steven _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
* [FFmpeg-devel] [PATCH v2 4/4] avformat/udp: fix udp server mode haven't dest_addr 2025-07-11 13:20 [FFmpeg-devel] [PATCH v2 0/4] Fix some issues in tls_openssl and udp Jack Lau ` (2 preceding siblings ...) 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass Jack Lau @ 2025-07-11 13:20 ` Jack Lau 3 siblings, 0 replies; 8+ messages in thread From: Jack Lau @ 2025-07-11 13:20 UTC (permalink / raw) To: ffmpeg-devel; +Cc: Jack Lau If udp is in server mode(init local addr and port through url), then it maybe haven't dest_addr, so we should set it after udp_read get the client addr and port This feature only enable when the new udp option autodetect_dest is specified Signed-off-by: Jack Lau <jacklau1222@qq.com> --- libavformat/udp.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavformat/udp.c b/libavformat/udp.c index 0fde3548e7..7d05e18dcd 100644 --- a/libavformat/udp.c +++ b/libavformat/udp.c @@ -99,6 +99,7 @@ typedef struct UDPContext { struct sockaddr_storage dest_addr; int dest_addr_len; int is_connected; + int autodetect_dest; /* Circular Buffer variables for use in UDP receive code */ int circular_buffer_size; @@ -143,6 +144,7 @@ static const AVOption options[] = { { "broadcast", "explicitly allow or disallow broadcast destination", OFFSET(is_broadcast), AV_OPT_TYPE_BOOL, { .i64 = 0 }, 0, 1, E }, { "ttl", "Time to live (multicast only)", OFFSET(ttl), AV_OPT_TYPE_INT, { .i64 = 16 }, 0, 255, E }, { "connect", "set if connect() should be called on socket", OFFSET(is_connected), AV_OPT_TYPE_BOOL, { .i64 = 0 }, 0, 1, .flags = D|E }, + { "autodetect_dest", "Auto detect destination from last received addr", OFFSET(autodetect_dest), AV_OPT_TYPE_BOOL, {.i64 = 0}, 0, 1, D|E }, { "fifo_size", "set the UDP receiving circular buffer size, expressed as a number of packets with size of 188 bytes", OFFSET(circular_buffer_size), AV_OPT_TYPE_INT, {.i64 = 7*4096}, 0, INT_MAX, D }, { "overrun_nonfatal", "survive in case of UDP receiving circular buffer overrun", OFFSET(overrun_nonfatal), AV_OPT_TYPE_BOOL, {.i64 = 0}, 0, 1, D }, { "timeout", "set raise error timeout, in microseconds (only in read mode)",OFFSET(timeout), AV_OPT_TYPE_INT, {.i64 = 0}, 0, INT_MAX, D }, @@ -1144,6 +1146,8 @@ static int udp_write(URLContext *h, const uint8_t *buf, int size) } if (!s->is_connected) { + if (s->autodetect_dest && !s->dest_addr_len && !s->dest_addr.ss_family) + ff_udp_get_last_recv_addr(h, &s->dest_addr, &s->dest_addr_len); ret = sendto (s->udp_fd, buf, size, 0, (struct sockaddr *) &s->dest_addr, s->dest_addr_len); -- 2.49.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2025-07-11 15:06 UTC | newest] Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2025-07-11 13:20 [FFmpeg-devel] [PATCH v2 0/4] Fix some issues in tls_openssl and udp Jack Lau 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 1/4] avformat/tls_openssl: add record trace function Jack Lau 2025-07-11 15:03 ` Steven Liu 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 2/4] avformat/tls_openssl: fix dtls_handshake return code Jack Lau 2025-07-11 15:05 ` Steven Liu 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 3/4] avformat/tls_openssl: remove all redundant "TLS: " in log with AVClass Jack Lau 2025-07-11 15:05 ` Steven Liu 2025-07-11 13:20 ` [FFmpeg-devel] [PATCH v2 4/4] avformat/udp: fix udp server mode haven't dest_addr Jack Lau
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel This inbox may be cloned and mirrored by anyone: git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \ ffmpegdev@gitmailbox.com public-inbox-index ffmpegdev Example config snippet for mirrors. AGPL code for this site: git clone https://public-inbox.org/public-inbox.git