From f51387a129e93af13751237ec2c6e25ad07c8dc4 Mon Sep 17 00:00:00 2001 From: sfan5 Date: Mon, 13 May 2024 20:26:16 +0200 Subject: [PATCH v2 3/6] lavf/tls_mbedtls: hook up debug message callback Unfortunately this won't work out-of-the-box because mbedTLS only provides a global (not per-context) debug toggle. Signed-off-by: sfan5 --- libavformat/tls_mbedtls.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c index 1a61fc57d6..f53e918e04 100644 --- a/libavformat/tls_mbedtls.c +++ b/libavformat/tls_mbedtls.c @@ -26,6 +26,7 @@ #include #include #include +#include #ifdef MBEDTLS_PSA_CRYPTO_C #include #endif @@ -36,6 +37,7 @@ #include "tls.h" #include "libavutil/mem.h" #include "libavutil/parseutils.h" +#include "libavutil/avstring.h" typedef struct TLSContext { const AVClass *class; @@ -112,6 +114,13 @@ static int mbedtls_recv(void *ctx, unsigned char *buf, size_t len) return handle_transport_error(h, "ffurl_read", MBEDTLS_ERR_SSL_WANT_READ, ret); } +static void mbedtls_debug(void *ctx, int lvl, const char *file, int line, const char *msg) +{ + URLContext *h = (URLContext*) ctx; + int av_lvl = lvl >= 4 ? AV_LOG_TRACE : AV_LOG_DEBUG; + av_log(h, av_lvl, "%s:%d: %s", av_basename(file), line, msg); +} + static void handle_pk_parse_error(URLContext *h, int ret) { switch (ret) { @@ -201,6 +210,14 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op mbedtls_x509_crt_init(&tls_ctx->ca_cert); mbedtls_pk_init(&tls_ctx->priv_key); + if (av_log_get_level() >= AV_LOG_DEBUG) { + mbedtls_ssl_conf_dbg(&tls_ctx->ssl_config, mbedtls_debug, shr->tcp); + /* + * Note: we can't call mbedtls_debug_set_threshold() here because + * it's global state. The user is thus expected to manage this. + */ + } + // load trusted CA if (shr->ca_file) { if ((ret = mbedtls_x509_crt_parse_file(&tls_ctx->ca_cert, shr->ca_file)) != 0) { -- 2.45.1