From 2db025b18be995afea46dea6c15a3caf1d985a82 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Wed, 4 Sep 2024 17:56:05 +0200
Subject: [PATCH v2] lavf/tls_mbedtls: restrict TLSv1.3 verification workaround
to affected version
Now that mbedTLS 3.6.1 is released we know that only 3.6.0 contains this
Am 09.09.24 um 12:21 schrieb Anton Khirnov:
Quoting sfan5 (2024-09-04 18:55:37)
From 57b37df52c7d528a1ce926cd7a7d75f62f6b46c6 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Wed, 4 Sep 2024 17:56:05 +0200
Subject: [PATCH] lavf/tls_mbedtls: restrict TLSv1.3 verification workaround to
affected
From 57b37df52c7d528a1ce926cd7a7d75f62f6b46c6 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Wed, 4 Sep 2024 17:56:05 +0200
Subject: [PATCH] lavf/tls_mbedtls: restrict TLSv1.3 verification workaround to
affected version
Now that mbedTLS 3.6.1 is released we know that only 3.6.0 contains this
revised commit message as suggested
From 9aa111c400cc3245edf870c431a5e271432ef5f2 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Wed, 7 Aug 2024 17:48:06 +0200
Subject: [PATCH v2] avcodec/mediacodecdec: call MediaCodec.stop on close
Usually the MediaCodec context will be released immediately, or it
Am 08.08.24 um 17:29 schrieb Zhao Zhili:
On Aug 8, 2024, at 00:27, sfan5 wrote:
Hi all,
attached is a small fix for the MediaCodec code. Tested on Android 14.
This can free up vital resources in case of using multiple
decoding instances and there are buffer references left over
and not
Hi all,
attached is a small fix for the MediaCodec code. Tested on Android 14.
From 3f5d05920dc6826b4c0ea0ed7969e9259e08084e Mon Sep 17 00:00:00 2001
From: sfan5
Date: Wed, 7 Aug 2024 17:48:06 +0200
Subject: [PATCH] avcodec/mediacodecdec: call MediaCodec.stop on close
This can free up vital
Am 11.06.24 um 17:02 schrieb Anton Khirnov:
Quoting Sfan5 (2024-05-17 10:34:50)
As of mbedTLS 3.6.0 TLSv1.3 is enabled by default and certificate
verification
is now mandatory. Our default configuration does not do verification, so
downgrade to 1.2 in these situations to avoid breaking it.
ref
Am 04.06.24 um 12:25 schrieb sfan5:
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe&quo
From 2cfdd92e8b323a41b65e3d6be2fc9c7641bb26c0 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:27:17 +0200
Subject: [PATCH v3 4/6] lavf/tls_mbedtls: fix handling of certification
validation failures
We manually check the verification status after the handshake has completed
using
From 9e5993cf104cdc1b7c4eabe173f9ab3e8f0cfeca Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:26:16 +0200
Subject: [PATCH v3 3/6] lavf/tls_mbedtls: hook up debug message callback
Unfortunately this won't work out-of-the-box because mbedTLS
only provides a global (not per-co
From 9df718654e45eb02c1f2b3f29b4554a6a90900ef Mon Sep 17 00:00:00 2001
From: sfan5
Date: Fri, 17 May 2024 10:06:42 +0200
Subject: [PATCH v3 6/6] lavf/tls_mbedtls: add workaround for TLSv1.3 vs.
verify=0
As of mbedTLS 3.6.0 TLSv1.3 is enabled by default and certificate verification
is now
From 8b2cab9a0ad225fc2b13850ff1bafb45d3d8ebaa Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:24:43 +0200
Subject: [PATCH v3 2/6] lavf/tls_mbedtls: add missing call to psa_crypto_init
This is mandatory depending on configuration or at least with mbedTLS 3.6.0.
Signed-off-by
From c8d7f937f5d8f1cf001aec510d4f6f28c5d9fc59 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:29:10 +0200
Subject: [PATCH v3 5/6] lavf/tls_mbedtls: handle session ticket error code as
no-op
When TLSv1.3 and session tickets are enabled mbedtls_ssl_read()
will return an error code
From 7024782ebac9471194761fba9f60834ed7769efd Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:22:44 +0200
Subject: [PATCH v3 1/6] lavf/tls_mbedtls: handle more error codes for
human-readable messages
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 9 +
1 file
Am 03.06.24 um 22:08 schrieb Jan Ekström:
On Wed, May 29, 2024 at 2:05 PM sfan5 wrote:
Did an initial tired look at the set, and in general it looks alright
and the wrapper still builds with Fedora's mbedtls 2.28.8.
(Of course then it fails to link due to unchecked usage of
`mbedtls_x509
From 98dd9aac129fbdf07f83da16b7307cb775ff8e66 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Fri, 17 May 2024 10:06:42 +0200
Subject: [PATCH v2 6/6] lavf/tls_mbedtls: add workaround for TLSv1.3 vs.
verify=0
As of mbedTLS 3.6.0 TLSv1.3 is enabled by default and certificate verification
is now
From 87bf4c7de225036b5e4458c9de2de4b941f8f9b6 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:29:10 +0200
Subject: [PATCH v2 5/6] lavf/tls_mbedtls: handle session ticket error code as
no-op
When TLSv1.3 and session tickets are enabled mbedtls_ssl_read()
will return an error code
From d561732d7c05d820baeb9c8bff5e8a4b133fe624 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:27:17 +0200
Subject: [PATCH v2 4/6] lavf/tls_mbedtls: fix handling of certification
validation failures
We manually check the verification status after the handshake has completed
using
From f51387a129e93af13751237ec2c6e25ad07c8dc4 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:26:16 +0200
Subject: [PATCH v2 3/6] lavf/tls_mbedtls: hook up debug message callback
Unfortunately this won't work out-of-the-box because mbedTLS
only provides a global (not per-co
From 18142d98aed9e48a78a37590341bf48f1fe2339e Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:24:43 +0200
Subject: [PATCH v2 2/6] lavf/tls_mbedtls: add missing call to psa_crypto_init
This is mandatory depending on configuration or at least with mbedTLS 3.6.0.
Signed-off-by
From e8b5b6dee2d29690d1ae18090659120399b84e7c Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 May 2024 20:22:44 +0200
Subject: [PATCH v2 1/6] lavf/tls_mbedtls: handle more error codes for
human-readable message
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 6 ++
1 file changed
Am 18.05.24 um 21:53 schrieb Michael Niedermayer:
On Fri, May 17, 2024 at 10:34:41AM +0200, Sfan5 wrote:
We manually check the verification status after the handshake has completed
using mbedtls_ssl_get_verify_result(). However with VERIFY_REQUIRED
mbedtls_ssl_handshake() already returns an
Am 17.05.24 um 11:42 schrieb Andrew Sayers:
On Fri, May 17, 2024 at 10:34:26AM +0200, Sfan5 wrote:
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index 1a182e735e..fd6ba0b1f5
Am 17.05.24 um 11:51 schrieb Rémi Denis-Courmont:
Le 17 mai 2024 11:34:35 GMT+03:00, Sfan5 a écrit :
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index 24c3afd94c
As of mbedTLS 3.6.0 TLSv1.3 is enabled by default and certificate
verification
is now mandatory. Our default configuration does not do verification, so
downgrade to 1.2 in these situations to avoid breaking it.
ref: https://github.com/Mbed-TLS/mbedtls/issues/7075
Signed-off-by: sfan5
When TLSv1.3 and session tickets are enabled mbedtls_ssl_read()
will return an error code to inform about a received session ticket.
This can simply be handled like EAGAIN instead of errornously
aborting the connection.
ref: https://github.com/Mbed-TLS/mbedtls/issues/8749
Signed-off-by: sfan5
does not abort the handshake.
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index 9508fe3436..67d5c568b9 100644
--- a/libavformat/tls_mbedtls.c
+++ b/libavformat
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index 24c3afd94c..9508fe3436 100644
--- a/libavformat/tls_mbedtls.c
+++ b/libavformat/tls_mbedtls.c
@@ -26,6 +26,7
This is mandatory depending on configuration or at least with mbedTLS 3.6.0.
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index fd6ba0b1f5..24c3afd94c 100644
--- a
Signed-off-by: sfan5
---
libavformat/tls_mbedtls.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/libavformat/tls_mbedtls.c b/libavformat/tls_mbedtls.c
index 1a182e735e..fd6ba0b1f5 100644
--- a/libavformat/tls_mbedtls.c
+++ b/libavformat/tls_mbedtls.c
@@ -138,6 +138,9 @@ static void
got mangled somehow)
From c3a5edd940c503cca706b3d92954b8cd5c715e26 Mon Sep 17 00:00:00 2001
From: sfan5
Date: Sun, 18 Sep 2022 18:26:43 +0200
Subject: [PATCH] mediacodecdec_common: enable refcounting of buffers
unconditionally
This allows av_mediacodec_release_buffer to be called safely after
the
This allows av_mediacodec_release_buffer to be called safely after
the decoder is closed, this was already the case with delay_flush=1.
Note that this causes holding onto frames to keep the decoding context
alive which is generally considered to be the intended behavior.
---
libavcodec/mediacodec
On 29.12.2021 at 21:02 Anton Khirnov wrote:
Quoting sfan5 (2021-12-13 21:55:41)
If ca_file was set, setting tls_verify=0 would not actually disable
verification.
From 2677353187c4e3c20b50a3f9aab53130e3ead99b Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 Dec 2021 21:35:40 +0100
Subject
ping. I'll look at getting this pushed in a few days if there are no
objections.
If ca_file was set, setting tls_verify=0 would not actually disable
verification.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listi
2001
From: sfan5
Date: Mon, 13 Dec 2021 21:01:00 +0100
Subject: [PATCH] lavc/mediacodecdec: set codec profile and level from
extradata for H264+HEVC
This value is later passed to MediaCodec and checked at decoder init.
Notably decoding of 10-bit streams before this commit would "work&quo
If ca_file was set, setting tls_verify=0 would not actually disable
verification.
From 2677353187c4e3c20b50a3f9aab53130e3ead99b Mon Sep 17 00:00:00 2001
From: sfan5
Date: Mon, 13 Dec 2021 21:35:40 +0100
Subject: [PATCH] lavf/tls_mbedtls: fix handling of tls_verify=0
If ca_file was set, setting
>From 22ebde779f61fb030633a881ef320264ea446b6b Mon Sep 17 00:00:00 2001
From: sfan5
Date: Thu, 11 Feb 2021 20:48:54 +0100
Subject: [PATCH 2/2] avcodec/mediacodec_wrapper: use
MediaCodecInfo.isSoftwareOnly() when available
Added in Android 10 it provides a reliable way of filtering
Hi,
while looking into mediacodec for unrelated reasons I saw some room for
improvement.
Therefore, here's a series with two small patches.
>From cadd2b2d4a5ffbb4dcc34faf2d3e139e1d4d608b Mon Sep 17 00:00:00 2001
From: sfan5
Date: Thu, 11 Feb 2021 19:23:26 +0100
Subject: [PATCH 1/2]
12.02.21 - 21:43 - Andreas Rheinhardt:
sfan5:
Hi,
attached v2 patch after discussion on IRC with JEEB (as he already
mentioned).
Only change is that the log level turns to debug when missing parameter
sets are within spec (cf. 14496-15).
-av_log(avctx, AV_LOG_ERROR, "Coul
Hi,
attached v2 patch after discussion on IRC with JEEB (as he already
mentioned).
Only change is that the log level turns to debug when missing parameter
sets are within spec (cf. 14496-15).
>From 2fc46b8b22361d02f8c4008c3f47b2c3d0046b3a Mon Sep 17 00:00:00 2001
From: sfan5
Date:
26.01.21 - 02:22 - Steven Liu:
sfan5 于2021年1月25日周一 下午11:25写道:
---
libavformat/dashdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/dashdec.c b/libavformat/dashdec.c
index 693fc7372b..dc56e89f11 100644
--- a/libavformat/dashdec.c
+++ b/libavformat
Although rare, extradata can be present but empty and extraction will fail.
However Android also supports passing codec-specific data inline and
will likely play such a stream anyway. So there's no reason to abort
initialization before we know for sure.
---
libavcodec/mediacodecdec.c | 8
This isn't supposed to happen, but unfinished support for non-templated
manifests and lack of e.g. presentationTimeOffset handling can provoke
such a situation even with well-formed input.
---
libavformat/dashdec.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/liba
---
libavformat/dashdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/dashdec.c b/libavformat/dashdec.c
index 693fc7372b..dc56e89f11 100644
--- a/libavformat/dashdec.c
+++ b/libavformat/dashdec.c
@@ -161,7 +161,7 @@ typedef struct DASHContext {
static int isht
44 matches
Mail list logo
