From 4f4eb380f0f96dbb7cdd2b812fa92b8b47a0f27c Mon Sep 17 00:00:00 2001 From: Peter Ross Date: Sun, 22 Jul 2012 14:25:12 +1000 Subject: tls: TLS/SSL server Signed-off-by: Michael Niedermayer --- libavformat/tls.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'libavformat/tls.c') diff --git a/libavformat/tls.c b/libavformat/tls.c index 2fdf9c5fc3..908bd505aa 100644 --- a/libavformat/tls.c +++ b/libavformat/tls.c @@ -165,6 +165,10 @@ static int tls_open(URLContext *h, const char *uri, int flags) struct addrinfo hints = { 0 }, *ai = NULL; const char *proxy_path; int use_proxy; + int server = 0; + const char *p = strchr(uri, '?'); + if (p && av_find_info_tag(buf, sizeof(buf), "listen", p)) + server = 1; ff_tls_init(); @@ -199,7 +203,7 @@ static int tls_open(URLContext *h, const char *uri, int flags) c->fd = ffurl_get_file_handle(c->tcp); #if CONFIG_GNUTLS - gnutls_init(&c->session, GNUTLS_CLIENT); + gnutls_init(&c->session, server ? GNUTLS_SERVER : GNUTLS_CLIENT); if (!numerichost) gnutls_server_name_set(c->session, GNUTLS_NAME_DNS, host, strlen(host)); gnutls_certificate_allocate_credentials(&c->cred); @@ -216,7 +220,7 @@ static int tls_open(URLContext *h, const char *uri, int flags) goto fail; } #elif CONFIG_OPENSSL - c->ctx = SSL_CTX_new(TLSv1_client_method()); + c->ctx = SSL_CTX_new(server ? TLSv1_server_method() : TLSv1_client_method()); if (!c->ctx) { av_log(h, AV_LOG_ERROR, "%s\n", ERR_error_string(ERR_get_error(), NULL)); ret = AVERROR(EIO); @@ -230,10 +234,10 @@ static int tls_open(URLContext *h, const char *uri, int flags) goto fail; } SSL_set_fd(c->ssl, c->fd); - if (!numerichost) + if (!server && !numerichost) SSL_set_tlsext_host_name(c->ssl, host); while (1) { - ret = SSL_connect(c->ssl); + ret = server ? SSL_accept(c->ssl) : SSL_connect(c->ssl); if (ret > 0) break; if (ret == 0) { -- cgit v1.2.3