Commit 4c8d86eb authored by Hendrik Leppkes's avatar Hendrik Leppkes

avformat: implement SChannel SSP TLS protocol

This implementation does not support TLS listen sockets and loading
CA/Certs from files.

The Windows API does not support loading PEM certs, and would either
require a manual loader or instead be limited to loading Windows PFX
certificates

TLS listen sockets would have to be implemented quite separately, as many
of the APIs are different for server-mode (as opposed to client mode).
parent 17705f5d
......@@ -281,6 +281,8 @@ External library support:
--enable-opengl enable OpenGL rendering [no]
--enable-openssl enable openssl, needed for https support
if gnutls is not used [no]
--disable-schannel disable SChannel SSP, needed for TLS support on
Windows if openssl and gnutls are not used [autodetect]
--disable-sdl disable sdl [autodetect]
--disable-securetransport disable Secure Transport, needed for TLS support
on OSX if openssl and gnutls are not used [autodetect]
......@@ -1468,6 +1470,7 @@ EXTERNAL_LIBRARY_LIST="
opencl
opengl
openssl
schannel
sdl
securetransport
x11grab
......@@ -2763,13 +2766,15 @@ sctp_protocol_deps="struct_sctp_event_subscribe"
sctp_protocol_select="network"
srtp_protocol_select="rtp_protocol"
tcp_protocol_select="network"
tls_gnutls_protocol_deps="gnutls !tls_securetransport_protocol"
tls_gnutls_protocol_deps="gnutls !tls_schannel_protocol !tls_securetransport_protocol"
tls_gnutls_protocol_select="tcp_protocol"
tls_openssl_protocol_deps="openssl !tls_securetransport_protocol !tls_gnutls_protocol"
tls_openssl_protocol_deps="openssl !tls_schannel_protocol !tls_securetransport_protocol !tls_gnutls_protocol"
tls_openssl_protocol_select="tcp_protocol"
tls_schannel_protocol_deps="schannel"
tls_schannel_protocol_select="tcp_protocol"
tls_securetransport_protocol_deps="securetransport"
tls_securetransport_protocol_select="tcp_protocol"
tls_protocol_deps_any="tls_securetransport_protocol tls_gnutls_protocol tls_openssl_protocol"
tls_protocol_deps_any="tls_schannel_protocol tls_securetransport_protocol tls_gnutls_protocol tls_openssl_protocol"
udp_protocol_select="network"
udplite_protocol_select="network"
unix_protocol_deps="sys_un_h"
......@@ -5511,6 +5516,9 @@ disabled securetransport || { check_func SecIdentityCreate "-Wl,-framework,CoreF
check_lib2 "Security/SecureTransport.h Security/Security.h" "SSLCreateContext SecItemImport" "-Wl,-framework,CoreFoundation -Wl,-framework,Security" &&
enable securetransport; }
disabled schannel || { check_func_headers "windows.h Security.h" InitializeSecurityContext -DSECURITY_WIN32 -lSecur32 &&
enable schannel && add_extralibs -lSecur32; }
makeinfo --version > /dev/null 2>&1 && enable makeinfo || disable makeinfo
enabled makeinfo \
&& [ 0$(makeinfo --version | grep "texinfo" | sed 's/.*texinfo[^0-9]*\([0-9]*\)\..*/\1/') -ge 5 ] \
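Review bot: In the protocol-dependency hunk, `tls_gnutls_protocol_deps` and `tls_openssl_protocol_deps` now carry `!tls_schannel_protocol` while `tls_schannel_protocol_deps` is only `schannel`, and the detection hunk enables schannel whenever `InitializeSecurityContext` is found, so a Windows build configured with `--enable-openssl` or `--enable-gnutls` appears to end up on the SChannel backend instead. The commit message states that this backend cannot load CA or certificate files and has no listen support, so a caller that sets `ca_file` to trust a private CA would lose that behaviour with no configure-time signal; how the backend treats those options at runtime is in the collapsed part of the diff and cannot be checked from here. Consider letting an explicitly requested library take precedence, e.g. `tls_schannel_protocol_deps="schannel !tls_gnutls_protocol !tls_openssl_protocol"` with the `!tls_schannel_protocol` terms dropped from the other two lines. Failing that, state the precedence and the missing file-based CA/cert loading in the `--disable-schannel` help text.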
......
......@@ -544,6 +544,7 @@ OBJS-$(CONFIG_SUBFILE_PROTOCOL) += subfile.o
OBJS-$(CONFIG_TCP_PROTOCOL) += tcp.o
OBJS-$(CONFIG_TLS_GNUTLS_PROTOCOL) += tls_gnutls.o tls.o
OBJS-$(CONFIG_TLS_OPENSSL_PROTOCOL) += tls_openssl.o tls.o
OBJS-$(CONFIG_TLS_SCHANNEL_PROTOCOL) += tls_schannel.o tls.o
OBJS-$(CONFIG_TLS_SECURETRANSPORT_PROTOCOL) += tls_securetransport.o tls.o
OBJS-$(CONFIG_UDP_PROTOCOL) += udp.o
OBJS-$(CONFIG_UDPLITE_PROTOCOL) += udp.o
......
......@@ -395,6 +395,7 @@ void av_register_all(void)
REGISTER_PROTOCOL(SRTP, srtp);
REGISTER_PROTOCOL(SUBFILE, subfile);
REGISTER_PROTOCOL(TCP, tcp);
REGISTER_PROTOCOL(TLS_SCHANNEL, tls_schannel);
REGISTER_PROTOCOL(TLS_SECURETRANSPORT, tls_securetransport);
REGISTER_PROTOCOL(TLS_GNUTLS, tls_gnutls);
REGISTER_PROTOCOL(TLS_OPENSSL, tls_openssl);
......
......@@ -26,7 +26,7 @@
#include "url.h"
#include "libavutil/opt.h"
#define CONFIG_TLS_PROTOCOL (CONFIG_TLS_GNUTLS_PROTOCOL | CONFIG_TLS_OPENSSL_PROTOCOL | CONFIG_TLS_SECURETRANSPORT_PROTOCOL)
#define CONFIG_TLS_PROTOCOL (CONFIG_TLS_GNUTLS_PROTOCOL | CONFIG_TLS_OPENSSL_PROTOCOL | CONFIG_TLS_SECURETRANSPORT_PROTOCOL | CONFIG_TLS_SCHANNEL_PROTOCOL)
typedef struct TLSShared {
char *ca_file;
......
This diff is collapsed.