[FFmpeg-devel] wolfSSL - new TLS backend patch
This patch was prepared and tested for version 3.4.2, but I think that it can be used as a base to discuss adding wolfSSL support. What do you think?

diff -Nur ffmpeg-3.4.2/configure ffmpeg-3.4.2_wolfssl_patch/con --- ffmpeg-3.4.2/configure 2018-02 01:29:18.0 +0100 +++ ffmpeg-3.4.2_wolfssl_patch/con 17:38:46.0 +0200 @@ -215,7 +215,7 @@ --enable-gmp enable gmp, needed for rtmp(t)e support if openssl or librtmp is not used [no] --enable-gnutls � enable gnutls, needed for https support - � if openssl is not used [no] + � if openssl or wolfssl is not used [no] --disable-iconv � disable iconv [autodetect] --disable-jack disable libjack support [autodetect] --enable-jni enable JNI support [no] @@ -270,6 +270,8 @@ --enable-libvpx � enable VP8 and VP9 de/encoding via libvpx [no] --enable-libwavpack enable wavpack encoding via libwavpack [no] --enable-libwebp enable WebP encoding via libwebp [no] + --enable-wolfssl enable WolfSSL), needed for https support + � if openssl or gnutls is not used [no] --enable-libx264 enable H.264 encoding via x264 [no] --enable-libx265 enable HEVC encoding via x265 [no] --enable-libxavs enable AVS encoding via xavs [no] @@ -292,7 +294,7 @@ --enable-opencl � enable OpenCL code --enable-opengl � enable OpenGL rendering [no] --enable-openssl enable openssl, needed for https support - � if gnutls is not used [no] + � if gnutls or wolfssl is not used [no] --disable-sndio � disable sndio support [autodetect] --disable-schannel disable SChannel SSP, needed for TLS support on Windows if openssl and gnutls are not used [autodetect] @@ -1563,6 +1565,7 @@ libndi_newtek libfdk_aac openssl + wolfssl " EXTERNAL_LIBRARY_VERSION3_LIST 
@@ -3164,14 +3167,17 @@ tls_gnutls_protocol_conflict=" tls_securetransport_protocol" tls_gnutls_protocol_deps="gnut tls_gnutls_protocol_select="tc -tls_openssl_protocol_conflict tls_securetransport_protocol tls_gnutls_protocol" +tls_openssl_protocol_conflict tls_securetransport_protocol tls_gnutls_protocol tls_wolfssl_protocol" tls_openssl_protocol_deps="ope tls_openssl_protocol_select="t +tls_wolfssl_protocol_conflict tls_securetransport_protocol tls_gnutls_protocol" +tls_wolfssl_protocol_deps="wo +tls_wolfssl_protocol_select=" tls_schannel_protocol_deps="sc tls_schannel_protocol_select=" tls_securetransport_protocol_d tls_securetransport_protocol_s -tls_protocol_deps_any="tls_sc tls_securetransport_protocol tls_gnutls_protocol tls_openssl_protocol" +tls_protocol_deps_any="tls_sc tls_securetransport_protocol tls_gnutls_protocol tls_openssl_protocol tls_wolfssl_protocol" udp_protocol_select="network" udplite_protocol_select="netwo unix_protocol_deps="sys_un_h" @@ -5907,6 +5913,7 @@ enabled frei0r && require_header frei0r.h enabled gmp � && require gmp gmp.h mpz_export -lgmp enabled gnutls && require_pkg_config gnutls gnutls gnutls/gnutls.h gnutls_global_init +enabled wolfssl && require_pkg_config wolfssl wolfssl wolfssl/ssl.h wolfSSL_library_init enabled jni � && { [ $target_os = "android" ] && check_header jni.h && enabled pthreads || die "ERROR: jni not found"; } enabled ladspa && require_header ladspa.h enabled libiec61883 && require libiec61883 libiec61883/iec61883.h iec61883_cmp_connect -lraw1394 -lavc1394 -lrom1394 -liec61883 diff -Nur ffmpeg-3.4.2/libavformat/Makef ffmpeg-3.4.2_wolfssl_patch/lib --- ffmpeg-3.4.2/libavformat/Makef 01:29:06.0 +0100 +++ ffmpeg-3.4.2_wolfssl_patch/lib 17:38:47.0 +0200 
@@ -589,6 +589,7 @@ OBJS-$(CONFIG_TCP_PROTOCOL) � += tcp.o OBJS-$(CONFIG_TLS_GNUTLS_PROTO += tls_gnutls.o tls.o OBJS-$(CONFIG_TLS_OPENSSL_PROT += tls_openssl.o tls.o +OBJS-$(CONFIG_TLS_WOLFSSL_PRO += tls_wolfssl.o tls.o OBJS-$(CONFIG_TLS_SCHANNEL_PRO += tls_schannel.o tls.o OBJS-$(CONFIG_TLS_SECURETRANSP += tls_securetransport.o tls.o OBJS-$(CONFIG_UDP_PROTOCOL) � += udp.o diff -Nur ffmpeg-3.4.2/libavformat/netwo ffmpeg-3.4.2_wolfssl_patch/lib --- ffmpeg-3.4.2/libavformat/netwo 01:29:06.0 +0100 +++ ffmpeg-3.4.2_wolfssl_patch/lib 17:38:47.0 +0200 @@ -37,6 +37,9 @@ #if CONFIG_TLS_GNUTLS_PROTOCOL ff_gnutls_init(); #endif +#if CONFIG_TLS_WOLFSSL_PROTOCOL + ff_wolfssl_init(); +#endif return 0; } @@ -48,6 +51,9 @@ #if CONFIG_TLS_GNUTLS_PROTOCOL ff_gnutls_deinit(); #endif +#if CONFIG_TLS_WOLFSSL_PROTOCOL + ff_wolfssl_deinit(); +#endif } int ff_network_inited_globally; diff -Nur ffmpeg-3.4.2/libavformat/proto ffmpeg-3.4.2_wolfssl_patch/lib --- ffmpeg-3.4.2/libavformat/proto 01:29:06.000
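Review bot: The help text added in the configure hunk @@ -270,6 +270,8 @@ reads "--enable-wolfssl enable WolfSSL), needed for https support", with a stray ")" and a spelling that differs from the "wolfSSL" used in the cover text, and it is placed between --enable-libwebp and --enable-libx264 rather than next to the --enable-gnutls and --enable-openssl entries it cross-references. Suggest dropping the ")", moving the entry beside the other TLS backends, and also updating the --disable-schannel text in hunk @@ -292,7 +294,7 @@, which still says "if openssl and gnutls are not used".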
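Review bot: In the configure hunk @@ -1563,6 +1565,7 @@, wolfssl is appended to the list that holds libndi_newtek, libfdk_aac and openssl, directly before EXTERNAL_LIBRARY_VERSION3_LIST, and nothing in the patch or its cover text says why it belongs in that licence group. Please state which licence wolfSSL is expected to be used under and confirm this is the correct list, since the choice decides which builds are allowed to enable the backend.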
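Review bot: In the network.c hunk @@ -37,6 +37,9 @@, ff_wolfssl_init() is called with its result discarded and the function then returns 0 unconditionally, so a failed library initialisation would go unnoticed until the first TLS connection. If the function can fail, return its error code from here. The declarations of ff_wolfssl_init() and ff_wolfssl_deinit() are not in the visible hunks; please make sure they are added to a header that network.c includes, under the same CONFIG_TLS_WOLFSSL_PROTOCOL guard.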
[FFmpeg-devel] Odp: Re: [PATCH v15] avformat/dashdec: add dash demuxer base version
get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`

If you are afraid about safety, then the only thing which needs to be added to get_repl_pattern_and_format is validation of the format. A simple loop to validate the format will be enough. Do you agree? Anyway, we are talking about safety, but the parser for mp4 atoms is missing checks and it is quite easy to make libavformat segfault with a prepared mp4 file. I understand that you want to have maximum safety with new code, but I hope you know that ffmpeg as a whole is not safe.

Regards, SSS

On 27 August 2017 at 16:34, Rodger Combs <rodger.co...@gmail.com> wrote:

You're still calling snprintf with a string derived from the XML, which is still not safe. Rather than having a format copied from the source in get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`, and specify an additional "precision" argument you parse from the XML yourself. I can't reiterate this enough: _never pass data from the XML into the format-string arg of a printf-family function_. Also, rather than calling snprintf() twice with an av_malloc() in between, you can just call av_asprintf(). That's what it does internally anyway.

On Aug 27, 2017, at 09:19, Steven Liu <l...@chinaffmpeg.org> wrote:

ffmpeg need a dash demuxer for demux the dash formats base on github.com github.com TODO: 1. support multi bitrate dash v2 fixed: 1. from autodetect to disabled 2. from camelCase code style to ffmpeg code style 3. from RepType to AVMediaType 4. fix variable typo 5. change time value from uint32_t to uint64_t 6. removed be used once API 7. change 'time(NULL)`, except it is not 2038-safe.' to av_gettime and av_timegm 8. merge complex free operation to free_fragment 9. use API from snprintf to av_asprintf v3 fixed: 1. fix typo from --enabled-xml2 to --enable-xml2 v4 fixed: 1. from --enable-xml2 to --enable-libxml2 2. move system includes to top 3. remove nouse includes 4. 
rename enum name 5. add a trailing comma for the last entry enum 6. fix comment typo 7. add const to DASHContext class front 8. check sscanf if return arguments and give warning message when error 9. check validity before free seg->url and seg 10. check if the val is null, before use atoll v5 fixed: 1. fix typo from mainifest to manifest v6 fixed: 1. from realloc to av_realloc 2. from free to av_free v7 fixed: 1. remove the -lxml2 from configure when require_pkg_config v8 fixed: 1. fix replace filename template by av_asprintf secure problem v9 modified: 1. make manifest parser clearly v10 fixed: 1. fix function API name code style 2. remove redundant strreplace call 3. remove redundant memory operation and check return value from get_content_url() 4. add space between ) and { 5. remove no need to log the value for print v11 fixed: 1. from atoll to strtoll v12 fixed: 1. remove strreplace and instead by av_strreplace v13 fixed: 1. fix bug: cannot play: dash.edgesuite.net dash.edgesuite.net v14 fixed: 1. fix bug: TLS connection was non-properly terminated 2. fix bug: No trailing CRLF found in HTTP header v15 fixed: 1. play youtube link: ffmpeg -i $(youtube-dl -J " www.youtube.com www.youtube.com | jq -r ".requested_formats[0].manifes 2. code refine for timeline living stream Reviewed-by: Clément Bœsch <u...@pkh.me> Reviewed-by: Michael Niedermayer <mich...@niedermayer.cc> Reviewed-by: Carl Eugen Hoyos <ceho...@ag.or.at> Reviewed-by: Rodger Combs <rodger.co...@gmail.com> Reviewed-by: Moritz Barsnick <barsn...@gmx.net> Reviewed-by: Nicolas George <geo...@nsup.org> Reviewed-by: Ricardo Constantino <wiia...@gmail.com> Reviewed-by: wm4 <nfx...@googlemail.com> Tested-by: Andy Furniss <adf.li...@gmail.com> Reported-by: Andy Furniss <adf.li...@gmail.com> Signed-off-by: Steven Liu <l...@chinaffmpeg.org> 
Signed-off-by: samsamsam <samsam...@o2.pl> --- configure 4 + libavformat/Makefile | 1 + libavformat/allformats.c | 2 +- libavformat/dashdec.c | 1981 ++ 4 files changed, 1987 insertions(+), 1 deletion(-) create mode 100644 libavformat/dashdec.c diff --git a/configure b/configure index 05f6dcc99a..7a7d61fa13 100755 --- a/configure +++ b/configure @@ -272,6 +272,7 @@ External library support: --enable-libxcb-shape enable X11 grabbing shape rendering [autodetect] --enable-libxvid enable Xvid encoding via xvidcore, MPEG-4/Xvid encoder exi
Re: [FFmpeg-devel] Odp: Re: [PATCH v15] avformat/dashdec: add dash demuxer base version
OK. I will. What about adding validation of the format instead of adding "something like `"%0*"PRId64`"?

On 28 August 2017 at 03:30, Rodger Combs <rodger.co...@gmail.com> wrote:

If you know of such a vulnerability, report it to ffmpeg-secur...@ffmpeg.org. New code with known vulnerabilities will not be accepted.

Sent from my iPhone

On Aug 27, 2017, at 14:04, samsamsam <samsam...@o2.pl> wrote:

get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`

If you are afraid about safety, then the only thing which needs to be added to get_repl_pattern_and_format is validation of the format. A simple loop to validate the format will be enough. Do you agree? Anyway, we are talking about safety, but the parser for mp4 atoms is missing checks and it is quite easy to make libavformat segfault with a prepared mp4 file. I understand that you want to have maximum safety with new code, but I hope you know that ffmpeg as a whole is not safe.

Regards, SSS

On 27 August 2017 at 16:34, Rodger Combs <rodger.co...@gmail.com> wrote:

You're still calling snprintf with a string derived from the XML, which is still not safe. Rather than having a format copied from the source in get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`, and specify an additional "precision" argument you parse from the XML yourself. I can't reiterate this enough: _never pass data from the XML into the format-string arg of a printf-family function_. Also, rather than calling snprintf() twice with an av_malloc() in between, you can just call av_asprintf(). That's what it does internally anyway.

On Aug 27, 2017, at 09:19, Steven Liu <l...@chinaffmpeg.org> wrote:

ffmpeg need a dash demuxer for demux the dash formats base on github.com github.com TODO: 1. support multi bitrate dash v2 fixed: 1. from autodetect to disabled 2. from camelCase code style to ffmpeg code style 3. from RepType to AVMediaType 4. fix variable typo 5. 
change time value from uint32_t to uint64_t 6. removed be used once API 7. change 'time(NULL)`, except it is not 2038-safe.' to av_gettime and av_timegm 8. merge complex free operation to free_fragment 9. use API from snprintf to av_asprintf v3 fixed: 1. fix typo from --enabled-xml2 to --enable-xml2 v4 fixed: 1. from --enable-xml2 to --enable-libxml2 2. move system includes to top 3. remove nouse includes 4. rename enum name 5. add a trailing comma for the last entry enum 6. fix comment typo 7. add const to DASHContext class front 8. check sscanf if return arguments and give warning message when error 9. check validity before free seg->url and seg 10. check if the val is null, before use atoll v5 fixed: 1. fix typo from mainifest to manifest v6 fixed: 1. from realloc to av_realloc 2. from free to av_free v7 fixed: 1. remove the -lxml2 from configure when require_pkg_config v8 fixed: 1. fix replace filename template by av_asprintf secure problem v9 modified: 1. make manifest parser clearly v10 fixed: 1. fix function API name code style 2. remove redundant strreplace call 3. remove redundant memory operation and check return value from get_content_url() 4. add space between ) and { 5. remove no need to log the value for print v11 fixed: 1. from atoll to strtoll v12 fixed: 1. remove strreplace and instead by av_strreplace v13 fixed: 1. fix bug: cannot play: dash.edgesuite.net dash.edgesuite.net v14 fixed: 1. fix bug: TLS connection was non-properly terminated 2. fix bug: No trailing CRLF found in HTTP header v15 fixed: 1. play youtube link: ffmpeg -i $(youtube-dl -J " www.youtube.com www.youtube.com | jq -r ".requested_formats[0].manifes 2. 
code refine for timeline living stream Reviewed-by: Clément Bœsch < u...@pkh.me > Reviewed-by: Michael Niedermayer < mich...@niedermayer.cc > Reviewed-by: Carl Eugen Hoyos < ceho...@ag.or.at > Reviewed-by: Rodger Combs < rodger.co...@gmail.com > Reviewed-by: Moritz Barsnick < barsn...@gmx.net > Reviewed-by: Nicolas George < geo...@nsup.org > Reviewed-by: Ricardo Constantino < wiia...@gmail.com > Reviewed-by: wm4 < nfx...@googlemail.com > Tested-by: Andy Furniss < adf.li...@gmail.com > Reported-by: Andy Furniss < adf.li...@gmail.com > Signed-off-by: Steven Liu < l...@chinaffmpeg.org > Signed-off-by: samsamsam < samsam...@o2.pl > --- configure 4 + libavformat/Makefile | 1 + libavformat/allformats.c | 2 +- libavformat/dashdec.c | 1981 ++ 4 files changed, 1987 insertions(+), 1 deletion(-) create mode 100644 libavformat/dashdec.c diff --git a/configure b/configure index 05f
[FFmpeg-devel] Odp: Re: [PATCH v15] avformat/dashdec: add dash demuxer base version
Validation will be very simple. I am talking about something like this:

static int get_repl_pattern_and_format(co char *i_url, const char *i_marker, char **o_pattern, char **o_format) { ... + for(ptr=start + marker_len; ptr < (end - 1); ++ptr) { /*there is need to check this condition :P */ + if (*ptr != '0') { + // Unknown format add log here + � goto finish; + } + } format_len = end - start - marker_len - 1 + strlen(PRId64); *o_format = av_mallocz(format_len+1); strncpy(*o_format, start + marker_len, end - start - marker_len -1); strcat(*o_format, PRId64); ... }

On 28 August 2017 at 11:30, Rodger Combs <rodger.co...@gmail.com> wrote:

I would expect parsing the number internally and using the additional arg to be simpler and easier to verify than format string validation.

On Aug 28, 2017, at 04:28, samsamsam <samsam...@o2.pl> wrote:

OK. I will. What about adding validation of the format instead of adding "something like `"%0*"PRId64`"?

On 28 August 2017 at 03:30, Rodger Combs <rodger.co...@gmail.com> wrote:

If you know of such a vulnerability, report it to ffmpeg-secur...@ffmpeg.org. New code with known vulnerabilities will not be accepted.

Sent from my iPhone

On Aug 27, 2017, at 14:04, samsamsam <samsam...@o2.pl> wrote:

get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`

If you are afraid about safety, then the only thing which needs to be added to get_repl_pattern_and_format is validation of the format. A simple loop to validate the format will be enough. Do you agree? Anyway, we are talking about safety, but the parser for mp4 atoms is missing checks and it is quite easy to make libavformat segfault with a prepared mp4 file. I understand that you want to have maximum safety with new code, but I hope you know that ffmpeg as a whole is not safe.

Regards, SSS

On 27 August 2017 at 16:34, Rodger Combs <rodger.co...@gmail.com> wrote:

You're still calling snprintf with a string derived from the XML, which is still not safe. Rather than having a format copied from the source in get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`, and specify an additional "precision" argument you parse from the XML yourself. I can't reiterate this enough: _never pass data from the XML into the format-string arg of a printf-family function_. Also, rather than calling snprintf() twice with an av_malloc() in between, you can just call av_asprintf(). That's what it does internally anyway.

On Aug 27, 2017, at 09:19, Steven Liu <l...@chinaffmpeg.org> wrote:

ffmpeg need a dash demuxer for demux the dash formats base on github.com github.com TODO: 1. support multi bitrate dash v2 fixed: 1. from autodetect to disabled 2. from camelCase code style to ffmpeg code style 3. from RepType to AVMediaType 4. fix variable typo 5. change time value from uint32_t to uint64_t 6. removed be used once API 7. change 'time(NULL)`, except it is not 2038-safe.' to av_gettime and av_timegm 8. merge complex free operation to free_fragment 9. use API from snprintf to av_asprintf v3 fixed: 1. fix typo from --enabled-xml2 to --enable-xml2 v4 fixed: 1. from --enable-xml2 to --enable-libxml2 2. move system includes to top 3. remove nouse includes 4. rename enum name 5. add a trailing comma for the last entry enum 6. fix comment typo 7. add const to DASHContext class front 8. check sscanf if return arguments and give warning message when error 9. check validity before free seg->url and seg 10. check if the val is null, before use atoll v5 fixed: 1. fix typo from mainifest to manifest v6 fixed: 1. from realloc to av_realloc 2. from free to av_free v7 fixed: 1. remove the -lxml2 from configure when require_pkg_config v8 fixed: 1. fix replace filename template by av_asprintf secure problem v9 modified: 1. 
make manifest parser clearly v10 fixed: 1. fix function API name code style 2. remove redundant strreplace call 3. remove redundant memory operation and check return value from get_content_url() 4. add space between ) and { 5. remove no need to log the value for print v11 fixed: 1. from atoll to strtoll v12 fixed: 1. remove strreplace and instead by av_strreplace v13 fixed: 1. fix bug: cannot play: dash.edgesuite.net dash.edgesuite.net v14 fixed: 1. fix bug: TLS connection was non-properly terminated 2. fix bug: No trailing CRLF found in HTTP header v15 fixed: 1. play youtube link: ffmpeg -i $(youtube-dl -J " www.youtube.com www.youtube.com | jq -r ".requested_formats[0].manifes 2. code refine for timeline
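Review bot: The validation loop proposed at the top of this message, "for(ptr=start + marker_len; ptr < (end - 1); ++ptr)", accepts only the character '0', so any width digit other than zero takes the "goto finish" path as an unknown format, and the return value of av_mallocz() is handed to strncpy() and strcat() without a NULL check. The bytes copied from the URL also still become part of the string returned in *o_format; parsing the width into an integer and passing it to a constant "%0*"PRId64, as requested in the quoted review, removes both the loop and the copy.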
[FFmpeg-devel] Odp: Re: [PATCH v15] avformat/dashdec: add dash demuxer base version
and think about the safety: %02c%lld %s%d%d%d%d

What? With my solution this is not a problem. Why do you think %s%d%d%d%d or %02c%lld gives any problem?

On 28 August 2017 at 12:27, 刘歧 <l...@chinaffmpeg.org> wrote:

On 28 August 2017, at 18:12, sam <samsam...@o2.pl> wrote:

Validation will be very simple. I am talking about something like this:

static int get_repl_pattern_and_format(co char *i_url, const char *i_marker, char **o_pattern, char **o_format) { ... + for(ptr=start + marker_len; ptr < (end - 1); ++ptr) { /*there is need to check this condition :P */ + if (*ptr != '0') { + // Unknown format add log here + finish; + } + } format_len = end - start - marker_len - 1 + strlen(PRId64); *o_format = av_mallocz(format_len+1); strncpy(*o_forma start + marker_len, end - start - marker_len -1); strcat(*o_format PRId64); … }

Maybe more complex than this way, for example: %d %lld %04lld %PRId64 %PRId32 %PRId16, and think about the safety: %02c%lld %s%d%d%d%d and so on, blablabla. Maybe we need to think of a perfect solution.

On 28 August 2017 at 11:30, Rodger Combs <rodger.co...@gmail.com> wrote:

I would expect parsing the number internally and using the additional arg to be simpler and easier to verify than format string validation.

On Aug 28, 2017, at 04:28, samsamsam <samsam...@o2.pl> wrote:

OK. I will. What about adding validation of the format instead of adding "something like `"%0*"PRId64`"?

On 28 August 2017 at 03:30, Rodger Combs <rodger.co...@gmail.com> wrote:

If you know of such a vulnerability, report it to ffmpeg-secur...@ffmpeg.org. New code with known vulnerabilities will not be accepted.

Sent from my iPhone

On Aug 27, 2017, at 14:04, samsamsam <samsam...@o2.pl> wrote:

get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`

If you are afraid about safety, then the only thing which needs to be added to get_repl_pattern_and_format is validation of the format. A simple loop to validate the format will be enough. Do you agree? Anyway, we are talking about safety, but the parser for mp4 atoms is missing checks and it is quite easy to make libavformat segfault with a prepared mp4 file. I understand that you want to have maximum safety with new code, but I hope you know that ffmpeg as a whole is not safe.

Regards, SSS

On 27 August 2017 at 16:34, Rodger Combs <rodger.co...@gmail.com> wrote:

You're still calling snprintf with a string derived from the XML, which is still not safe. Rather than having a format copied from the source in get_repl_pattern_and_format, you should have a fixed value of something like `"%0*"PRId64`, and specify an additional "precision" argument you parse from the XML yourself. I can't reiterate this enough: _never pass data from the XML into the format-string arg of a printf-family function_. Also, rather than calling snprintf() twice with an av_malloc() in between, you can just call av_asprintf(). That's what it does internally anyway.

On Aug 27, 2017, at 09:19, Steven Liu <l...@chinaffmpeg.org> wrote:

ffmpeg need a dash demuxer for demux the dash formats base on github.com github.com TODO: 1. support multi bitrate dash v2 fixed: 1. from autodetect to disabled 2. from camelCase code style to ffmpeg code style 3. from RepType to AVMediaType 4. fix variable typo 5. change time value from uint32_t to uint64_t 6. removed be used once API 7. change 'time(NULL)`, except it is not 2038-safe.' to av_gettime and av_timegm 8. merge complex free operation to free_fragment 9. use API from snprintf to av_asprintf v3 fixed: 1. fix typo from --enabled-xml2 to --enable-xml2 v4 fixed: 1. from --enable-xml2 to --enable-libxml2 2. move system includes to top 3. remove nouse includes 4. rename enum name 5. add a trailing comma for the last entry enum 6. fix comment typo 7. add const to DASHContext class front 8. check sscanf if return arguments and give warning message when error 9. check validity before free seg->url and seg 10. 
check if the val is null, before use atoll v5 fixed: 1. fix typo from mainifest to manifest v6 fixed: 1. from realloc to av_realloc 2. from free to av_free v7 fixed: 1. remove the -lxml2 from configure when require_pkg_config v8 fixed: 1. fix replace filename template by av_asprintf secure problem v9 modified: 1. make manifest parser clearly v10 fixed: 1. fix function AP
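
The approach Rodger Combs asks for in this thread, as an added example (not code from the patch or from FFmpeg): the width is parsed out of the template as an integer and passed as the `*` argument of a constant `"%0*" PRId64` format, so no manifest bytes ever reach the format-string argument. Assumptions of this example: the function names, the `$Number%05d$` template shape (DASH SegmentTemplate syntax, not shown on this page), the width cap, and plain snprintf()/malloc() standing in for av_asprintf() so the block builds without libavutil.

```c
#include <inttypes.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_WIDTH 20 /* assumed cap for this example */
/* The only format string used: a compile-time constant, never manifest text. */
#define FMT "%.*s%0*" PRId64 "%s"

/* Parse the optional "%0<width>d" tag between the marker name and the closing
 * '$'. Only the decimal width is extracted. Returns 0, or -1 if malformed. */
static int parse_width(const char *tag, size_t len, int *width)
{
    *width = 0;
    if (len == 0)
        return 0;                      /* plain "$Number$" */
    if (len < 4 || tag[0] != '%' || tag[1] != '0' || tag[len - 1] != 'd')
        return -1;
    for (size_t i = 2; i < len - 1; i++) {
        if (tag[i] < '0' || tag[i] > '9')
            return -1;
        *width = *width * 10 + (tag[i] - '0');
        if (*width > MAX_WIDTH)
            return -1;                 /* bounds output size, avoids overflow */
    }
    return 0;
}

/* Expand the first "<marker>[%0<width>d]$" in tmpl; marker includes the leading
 * '$' (e.g. "$Number"). Returns a malloc()ed string, or NULL if the marker is
 * absent or its tag is malformed. */
char *expand_template(const char *tmpl, const char *marker, int64_t value)
{
    const char *start = strstr(tmpl, marker);
    const char *tag, *end;
    char *out;
    int width, pre, n;

    if (!start || start - tmpl > INT_MAX)
        return NULL;
    pre = (int)(start - tmpl);
    tag = start + strlen(marker);
    end = strchr(tag, '$');
    if (!end || parse_width(tag, (size_t)(end - tag), &width) < 0)
        return NULL;

    /* Text before and after the marker is passed as %s data. */
    n = snprintf(NULL, 0, FMT, pre, tmpl, width, value, end + 1);
    if (n < 0 || !(out = malloc((size_t)n + 1)))
        return NULL;
    snprintf(out, (size_t)n + 1, FMT, pre, tmpl, width, value, end + 1);
    return out;
}

int main(void)
{
    /* Constructed templates; the last two tags are the ones raised in the thread. */
    const char *t[] = { "seg_$Number%05d$.m4s", "seg_$Number$.m4s",
                        "seg_$Number%02c%lld$.m4s", "seg_$Number%s%d%d%d%d$.m4s" };

    for (size_t i = 0; i < sizeof(t) / sizeof(t[0]); i++) {
        char *s = expand_template(t[i], "$Number", 42);
        printf("%-28s -> %s\n", t[i], s ? s : "(rejected)");
        free(s);
    }
    return 0;
}
```

Percent signs elsewhere in the URL are harmless here because the prefix and suffix are printed through `%s`, and the two conversion strings quoted in the thread are rejected by the width parser rather than validated as formats.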