[FFmpeg-devel] [PATCH 2/5] lavf/tls_openssl: if no CA path is set, use the system default
Rodger Combs
rodger.combs at gmail.com
Fri Jan 18 10:46:01 EET 2019
This is consistent with the other TLS wrappers
---
libavformat/tls_openssl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c
index 9dd53c6fc0..ae3fd6e236 100644
--- a/libavformat/tls_openssl.c
+++ b/libavformat/tls_openssl.c
@@ -253,6 +253,9 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op
if (c->ca_file) {
if (!SSL_CTX_load_verify_locations(p->ctx, c->ca_file, NULL))
av_log(h, AV_LOG_ERROR, "SSL_CTX_load_verify_locations %s\n", ERR_error_string(ERR_get_error(), NULL));
+ } else {
+ if (!SSL_CTX_set_default_verify_paths(p->ctx))
+ av_log(h, AV_LOG_ERROR, "SSL_CTX_set_default_verify_paths %s\n", ERR_error_string(ERR_get_error(), NULL));
}
if (c->cert_file && !SSL_CTX_use_certificate_chain_file(p->ctx, c->cert_file)) {
av_log(h, AV_LOG_ERROR, "Unable to load cert file %s: %s\n",
--
2.19.1
More information about the ffmpeg-devel
mailing list