lavf/tls: let the user specify what name to verify against

This can be useful for debugging, or in scenarios where the user
doesn't want to use the system's DNS settings for whatever reason.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

libavformat/tls.c

@@ -67,7 +67,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
     if (c->listen)
         snprintf(opts, sizeof(opts), "?listen=1");
 
-    av_url_split(NULL, 0, NULL, 0, c->host, sizeof(c->host), &port, NULL, 0, uri);
+    av_url_split(NULL, 0, NULL, 0, c->underlying_host, sizeof(c->underlying_host), &port, NULL, 0, uri);
 
     p = strchr(uri, '?');
 
@@ -78,16 +78,19 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
             c->listen = 1;
     }
 
-    ff_url_join(buf, sizeof(buf), "tcp", NULL, c->host, port, "%s", p);
+    ff_url_join(buf, sizeof(buf), "tcp", NULL, c->underlying_host, port, "%s", p);
 
     hints.ai_flags = AI_NUMERICHOST;
-    if (!getaddrinfo(c->host, NULL, &hints, &ai)) {
+    if (!getaddrinfo(c->underlying_host, NULL, &hints, &ai)) {
         c->numerichost = 1;
         freeaddrinfo(ai);
     }
 
+    if (!c->host && !(c->host = av_strdup(c->underlying_host)))
+        return AVERROR(ENOMEM);
+
     proxy_path = getenv("http_proxy");
-    use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->host) &&
+    use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->underlying_host) &&
                 proxy_path && av_strstart(proxy_path, "http://", NULL);
 
     if (use_proxy) {
@@ -96,7 +99,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV
         av_url_split(NULL, 0, proxy_auth, sizeof(proxy_auth),
                      proxy_host, sizeof(proxy_host), &proxy_port, NULL, 0,
                      proxy_path);
-        ff_url_join(dest, sizeof(dest), NULL, NULL, c->host, port, NULL);
+        ff_url_join(dest, sizeof(dest), NULL, NULL, c->underlying_host, port, NULL);
         ff_url_join(buf, sizeof(buf), "httpproxy", proxy_auth, proxy_host,
                     proxy_port, "/%s", dest);
     }

libavformat/tls.h

@@ -35,7 +35,9 @@ typedef struct TLSShared {
     char *key_file;
     int listen;
 
-    char host[200];
+    char *host;
+
+    char underlying_host[200];
     int numerichost;
 
     URLContext *tcp;
@@ -48,7 +50,8 @@ typedef struct TLSShared {
     {"tls_verify", "Verify the peer certificate",         offsetof(pstruct, options_field . verify),    AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
     {"cert_file",  "Certificate file",                    offsetof(pstruct, options_field . cert_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
     {"key_file",   "Private key file",                    offsetof(pstruct, options_field . key_file),  AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \
-    {"listen",     "Listen for incoming connections",     offsetof(pstruct, options_field . listen),    AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }
+    {"listen",     "Listen for incoming connections",     offsetof(pstruct, options_field . listen),    AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \
+    {"verifyhost", "Verify against a specific hostname",  offsetof(pstruct, options_field . host),      AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }
 
 int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options);