videolan
/
ffmpeg
mirror of https://git.videolan.org/git/ffmpeg.git
1
Fork 0
Code Releases Activity

lavf/tls_securetransport: handle incomplete reads gracefully 

Signed-off-by: Aman Gupta <aman at tmm1.net>
This commit is contained in:
Rodger Combs 2017-11-13 14:46:17 -06:00
parent e7e7d56a85
commit a36a3d7fec
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
libavformat/tls_securetransport.c
View File

@ -54,7 +54,7 @@ static int print_tls_error(URLContext *h, int ret)
TLSContext *c = h->priv_data;
switch (ret) {
case errSSLWouldBlock:
break;
return AVERROR(EAGAIN);
case errSSLXCertChainInvalid:
av_log(h, AV_LOG_ERROR, "Invalid certificate chain\n");
return AVERROR(EIO);
@ -197,7 +197,8 @@ static OSStatus tls_read_cb(SSLConnectionRef connection, void *data, size_t *dat
{
URLContext *h = (URLContext*)connection;
TLSContext *c = h->priv_data;
int read = ffurl_read_complete(c->tls_shared.tcp, data, *dataLength);
size_t requested = *dataLength;
int read = ffurl_read(c->tls_shared.tcp, data, requested);
if (read <= 0) {
*dataLength = 0;
switch(AVUNERROR(read)) {
@ -214,7 +215,10 @@ static OSStatus tls_read_cb(SSLConnectionRef connection, void *data, size_t *dat
}
} else {
*dataLength = read;
return noErr;
if (read < requested)
return errSSLWouldBlock;
else
return noErr;
}
}
@ -326,12 +330,13 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
if (peerTrust)
CFRelease(peerTrust);
}
if (status == noErr)
if (status == noErr) {
break;
av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session: %i\n", (int)status);
ret = AVERROR(EIO);
goto fail;
} else if (status != errSSLWouldBlock) {
av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session: %i\n", (int)status);
ret = AVERROR(EIO);
goto fail;
}
}
return 0;
@ -348,6 +353,9 @@ static int map_ssl_error(OSStatus status, size_t processed)
case errSSLClosedGraceful:
case errSSLClosedNoNotify:
return 0;
case errSSLWouldBlock:
if (processed > 0)
return processed;
default:
return (int)status;
}