This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch master in repository ffmpeg.
commit 659892cda6767b1bcfe07933b20aadaef7f63150 Author: Jack Lau <[email protected]> AuthorDate: Mon Feb 9 15:57:23 2026 +0800 Commit: Jack Lau <[email protected]> CommitDate: Wed Feb 25 03:27:03 2026 +0000 avformat/tls_mbedtls: generate self-signed cert and key when none is provided in listen mode Signed-off-by: Jack Lau <[email protected]> --- libavformat/tls_mbedtls.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c index 4fe7dbd4a5..f13833b6ed 100644 --- a/libavformat/tls_mbedtls.c +++ b/libavformat/tls_mbedtls.c @@ -585,6 +585,22 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op } } + if (shr->listen && !shr->cert_file && !shr->cert_buf && !shr->key_file && !shr->key_buf) { + char buf[4096]; + if ((ret = mbedtls_gen_pkey(&tls_ctx->priv_key)) != 0) { + av_log(h, AV_LOG_ERROR, "failed to generate priv_key, returned %d\n", ret); + goto fail; + } + if ((ret = mbedtls_gen_x509_cert(&tls_ctx->priv_key, buf, sizeof(buf))) != 0) { + av_log(h, AV_LOG_ERROR, "failed to generate cert, returned %d\n", ret); + goto fail; + } + if ((ret = mbedtls_x509_crt_parse(&tls_ctx->own_cert, buf, sizeof(buf))) != 0) { + av_log(h, AV_LOG_ERROR, "failed to parse generated cert, returned %d\n", ret); + goto fail; + } + } + if ((ret = mbedtls_ssl_config_defaults(&tls_ctx->ssl_config, shr->listen ? MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT, shr->is_dtls ? MBEDTLS_SSL_TRANSPORT_DATAGRAM : MBEDTLS_SSL_TRANSPORT_STREAM, _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
