|
|
@ -54,7 +54,7 @@ static int print_tls_error(URLContext *h, int ret) |
|
|
|
TLSContext *c = h->priv_data; |
|
|
|
TLSContext *c = h->priv_data; |
|
|
|
switch (ret) { |
|
|
|
switch (ret) { |
|
|
|
case errSSLWouldBlock: |
|
|
|
case errSSLWouldBlock: |
|
|
|
break; |
|
|
|
return AVERROR(EAGAIN); |
|
|
|
case errSSLXCertChainInvalid: |
|
|
|
case errSSLXCertChainInvalid: |
|
|
|
av_log(h, AV_LOG_ERROR, "Invalid certificate chain\n"); |
|
|
|
av_log(h, AV_LOG_ERROR, "Invalid certificate chain\n"); |
|
|
|
return AVERROR(EIO); |
|
|
|
return AVERROR(EIO); |
|
|
@ -197,7 +197,8 @@ static OSStatus tls_read_cb(SSLConnectionRef connection, void *data, size_t *dat |
|
|
|
{ |
|
|
|
{ |
|
|
|
URLContext *h = (URLContext*)connection; |
|
|
|
URLContext *h = (URLContext*)connection; |
|
|
|
TLSContext *c = h->priv_data; |
|
|
|
TLSContext *c = h->priv_data; |
|
|
|
int read = ffurl_read_complete(c->tls_shared.tcp, data, *dataLength); |
|
|
|
size_t requested = *dataLength; |
|
|
|
|
|
|
|
int read = ffurl_read(c->tls_shared.tcp, data, requested); |
|
|
|
if (read <= 0) { |
|
|
|
if (read <= 0) { |
|
|
|
*dataLength = 0; |
|
|
|
*dataLength = 0; |
|
|
|
switch(AVUNERROR(read)) { |
|
|
|
switch(AVUNERROR(read)) { |
|
|
@ -214,7 +215,10 @@ static OSStatus tls_read_cb(SSLConnectionRef connection, void *data, size_t *dat |
|
|
|
} |
|
|
|
} |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
*dataLength = read; |
|
|
|
*dataLength = read; |
|
|
|
return noErr; |
|
|
|
if (read < requested) |
|
|
|
|
|
|
|
return errSSLWouldBlock; |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
return noErr; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -326,12 +330,13 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op |
|
|
|
if (peerTrust) |
|
|
|
if (peerTrust) |
|
|
|
CFRelease(peerTrust); |
|
|
|
CFRelease(peerTrust); |
|
|
|
} |
|
|
|
} |
|
|
|
if (status == noErr) |
|
|
|
if (status == noErr) { |
|
|
|
break; |
|
|
|
break; |
|
|
|
|
|
|
|
} else if (status != errSSLWouldBlock) { |
|
|
|
av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session: %i\n", (int)status); |
|
|
|
av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session: %i\n", (int)status); |
|
|
|
ret = AVERROR(EIO); |
|
|
|
ret = AVERROR(EIO); |
|
|
|
goto fail; |
|
|
|
goto fail; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return 0; |
|
|
|
return 0; |
|
|
@ -348,6 +353,9 @@ static int map_ssl_error(OSStatus status, size_t processed) |
|
|
|
case errSSLClosedGraceful: |
|
|
|
case errSSLClosedGraceful: |
|
|
|
case errSSLClosedNoNotify: |
|
|
|
case errSSLClosedNoNotify: |
|
|
|
return 0; |
|
|
|
return 0; |
|
|
|
|
|
|
|
case errSSLWouldBlock: |
|
|
|
|
|
|
|
if (processed > 0) |
|
|
|
|
|
|
|
return processed; |
|
|
|
default: |
|
|
|
default: |
|
|
|
return (int)status; |
|
|
|
return (int)status; |
|
|
|
} |
|
|
|
} |
|
|
|