ffmpeg | branch: master | James Almer <jamr...@gmail.com> | Sun Jul 13 16:56:20 2025 -0300| [307983b292adb60c82e75c8e5e41deedc89efbf0] | committer: James Almer
avformat/tls_schannel: add check for Windows 10 only types and defines Old Mingw-w64 releases provided by some distros seemingly don't have them, so check for them and disable the dtls protocol if unavailable. Signed-off-by: James Almer <jamr...@gmail.com> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=307983b292adb60c82e75c8e5e41deedc89efbf0 --- configure | 4 ++++ libavformat/tls_schannel.c | 33 +++++++++++++++++++++++++++++++-- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/configure b/configure index 6df8fa4deb..fc082d5467 100755 --- a/configure +++ b/configure @@ -2498,6 +2498,7 @@ TYPES_LIST=" kCVImageBufferTransferFunction_ITU_R_2020 kCVImageBufferTransferFunction_SMPTE_ST_428_1 kVTQPModulationLevel_Default + SecPkgContext_KeyingMaterialInfo socklen_t struct_addrinfo struct_group_source_req @@ -6822,6 +6823,7 @@ check_type "windows.h d3d12video.h" "ID3D12VideoEncoder" test_code cc "windows.h d3d12video.h" "D3D12_FEATURE_VIDEO feature = D3D12_FEATURE_VIDEO_ENCODER_CODEC" && \ test_code cc "windows.h d3d12video.h" "D3D12_FEATURE_DATA_VIDEO_ENCODER_RESOURCE_REQUIREMENTS req" && enable d3d12_encoder_feature check_type "windows.h" "DPI_AWARENESS_CONTEXT" -D_WIN32_WINNT=0x0A00 +check_type "windows.h security.h schnlsp.h" SecPkgContext_KeyingMaterialInfo -DSECURITY_WIN32 check_type "d3d9.h dxva2api.h" DXVA2_ConfigPictureDecode -D_WIN32_WINNT=0x0602 check_func_headers mfapi.h MFCreateAlignedMemoryBuffer -lmfplat @@ -7271,6 +7273,8 @@ enabled schannel && schannel_extralibs="-lsecur32 -lncrypt -lcrypt32" || disable schannel +enabled schannel && check_cc dtls_protocol "windows.h security.h schnlsp.h" "int i = SP_PROT_DTLS1_X_CLIENT;" -DSECURITY_WIN32 + makeinfo --version > /dev/null 2>&1 && enable makeinfo || disable makeinfo enabled makeinfo \ && [ 0$(makeinfo --version | grep "texinfo" | sed 's/.*texinfo[^0-9]*\([0-9]*\)\..*/\1/') -ge 5 ] \ diff --git a/libavformat/tls_schannel.c b/libavformat/tls_schannel.c index da6a284376..c92870347f 100644 --- a/libavformat/tls_schannel.c +++ b/libavformat/tls_schannel.c @@ -20,6 +20,9 @@ /** Based on the CURL SChannel module */ +#include "config.h" +#include "config_components.h" + #include "libavutil/mem.h" #include "avformat.h" #include "internal.h" @@ -634,6 +637,7 @@ int ff_tls_set_external_socket(URLContext *h, URLContext *sock) int ff_dtls_export_materials(URLContext *h, char *dtls_srtp_materials, size_t materials_sz) { +#if HAVE_SECPKGCONTEXT_KEYINGMATERIALINFO TLSContext *c = h->priv_data; SecPkgContext_KeyingMaterialInfo keying_info = { 0 }; @@ -672,6 +676,9 @@ int ff_dtls_export_materials(URLContext *h, char *dtls_srtp_materials, size_t ma } return 0; +#else + return AVERROR(ENOSYS); +#endif } int ff_dtls_state(URLContext *h) @@ -773,7 +780,11 @@ static int tls_shutdown_client(URLContext *h) } FreeContextBuffer(outbuf.pvBuffer); } - } while(sspi_ret == SEC_I_MESSAGE_FRAGMENT || sspi_ret == SEC_I_CONTINUE_NEEDED); + } while( +#ifdef SEC_I_MESSAGE_FRAGMENT + sspi_ret == SEC_I_MESSAGE_FRAGMENT || +#endif + sspi_ret == SEC_I_CONTINUE_NEEDED); av_log(h, AV_LOG_DEBUG, "Close session result: 0x%lx\n", sspi_ret); @@ -928,7 +939,11 @@ static int tls_handshake_loop(URLContext *h, int initial) } /* continue handshake */ - if (sspi_ret == SEC_I_CONTINUE_NEEDED || sspi_ret == SEC_I_MESSAGE_FRAGMENT || sspi_ret == SEC_E_OK) { + if (sspi_ret == SEC_I_CONTINUE_NEEDED || +#ifdef SEC_I_MESSAGE_FRAGMENT + sspi_ret == SEC_I_MESSAGE_FRAGMENT || +#endif + sspi_ret == SEC_E_OK) { for (i = 0; i < 3; i++) { if (outbuf[i].BufferType == SECBUFFER_TOKEN && outbuf[i].cbBuffer > 0) { ret = ffurl_write(uc, outbuf[i].pvBuffer, outbuf[i].cbBuffer); @@ -953,11 +968,13 @@ static int tls_handshake_loop(URLContext *h, int initial) goto fail; } +#ifdef SEC_I_MESSAGE_FRAGMENT if (sspi_ret == SEC_I_MESSAGE_FRAGMENT) { av_log(h, AV_LOG_TRACE, "Writing fragmented output message part\n"); read_data = 0; continue; } +#endif if (inbuf[1].BufferType == SECBUFFER_EXTRA && inbuf[1].cbBuffer > 0) { if (c->enc_buf_offset > inbuf[1].cbBuffer) { @@ -1080,6 +1097,7 @@ static int tls_handshake(URLContext *h) if (ret < 0) goto fail; +#if CONFIG_DTLS_PROTOCOL if (s->is_dtls && s->mtu > 0) { ULONG mtu = s->mtu; sspi_ret = SetContextAttributes(&c->ctxt_handle, SECPKG_ATTR_DTLS_MTU, &mtu, sizeof(mtu)); @@ -1090,6 +1108,7 @@ static int tls_handshake(URLContext *h) } av_log(h, AV_LOG_VERBOSE, "Set DTLS MTU to %d\n", s->mtu); } +#endif c->connected = 1; s->state = DTLS_STATE_FINISHED; @@ -1136,8 +1155,10 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op schannel_cred.dwFlags = SCH_CRED_NO_SYSTEM_MAPPER | SCH_CRED_MANUAL_CRED_VALIDATION; +#if CONFIG_DTLS_PROTOCOL if (s->is_dtls) schannel_cred.grbitEnabledProtocols = SP_PROT_DTLS1_X_SERVER; +#endif } else { if (s->verify) schannel_cred.dwFlags = SCH_CRED_AUTO_CRED_VALIDATION | @@ -1147,8 +1168,10 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op SCH_CRED_IGNORE_NO_REVOCATION_CHECK | SCH_CRED_IGNORE_REVOCATION_OFFLINE; +#if CONFIG_DTLS_PROTOCOL if (s->is_dtls) schannel_cred.grbitEnabledProtocols = SP_PROT_DTLS1_X_CLIENT; +#endif } /* Get credential handle */ @@ -1183,6 +1206,7 @@ end: return ret; } +#if CONFIG_DTLS_PROTOCOL static int dtls_open(URLContext *h, const char *uri, int flags, AVDictionary **options) { TLSContext *c = h->priv_data; @@ -1192,6 +1216,7 @@ static int dtls_open(URLContext *h, const char *uri, int flags, AVDictionary **o return tls_open(h, uri, flags, options); } +#endif static int tls_read(URLContext *h, uint8_t *buf, int len) { @@ -1439,6 +1464,7 @@ static const AVOption options[] = { { NULL } }; +#if CONFIG_TLS_PROTOCOL static const AVClass tls_class = { .class_name = "tls", .item_name = av_default_item_name, @@ -1458,7 +1484,9 @@ const URLProtocol ff_tls_protocol = { .flags = URL_PROTOCOL_FLAG_NETWORK, .priv_data_class = &tls_class, }; +#endif +#if CONFIG_DTLS_PROTOCOL static const AVClass dtls_class = { .class_name = "dtls", .item_name = av_default_item_name, @@ -1479,3 +1507,4 @@ const URLProtocol ff_dtls_protocol = { .flags = URL_PROTOCOL_FLAG_NETWORK, .priv_data_class = &dtls_class, }; +#endif _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
