ffmpeg | branch: master | Timo Rothenpieler <t...@rothenpieler.org> | Sun Jul 13 16:34:44 2025 +0200| [95fd0840feb2d0d37cf57045bf02b84244bc3f78] | committer: Timo Rothenpieler
avformat/tls_openssl: don't hardcode ciphers and curves for dtls > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=95fd0840feb2d0d37cf57045bf02b84244bc3f78 --- libavformat/tls_openssl.c | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c index 8326762592..bb9a5b8054 100644 --- a/libavformat/tls_openssl.c +++ b/libavformat/tls_openssl.c @@ -776,15 +776,12 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** TLSShared *c = &p->tls_shared; int ret = 0; c->is_dtls = 1; - const char* ciphers = "ALL"; /** * The profile for OpenSSL's SRTP is SRTP_AES128_CM_SHA1_80, see ssl/d1_srtp.c. * The profile for FFmpeg's SRTP is SRTP_AES128_CM_HMAC_SHA1_80, see libavformat/srtp.c. */ const char* profiles = "SRTP_AES128_CM_SHA1_80"; - /* Refer to the test cases regarding these curves in the WebRTC code. */ - const char* curves = "X25519:P-256:P-384:P-521"; p->ctx = SSL_CTX_new(c->listen ? DTLS_server_method() : DTLS_client_method()); if (!p->ctx) { @@ -792,25 +789,6 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary ** goto fail; } - /* For ECDSA, we could set the curves list. */ - if (SSL_CTX_set1_curves_list(p->ctx, curves) != 1) { - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set1_curves_list failed, curves=%s, %s\n", - curves, openssl_get_error(p)); - ret = AVERROR(EINVAL); - return ret; - } - - /** - * We activate "ALL" cipher suites to align with the peer's capabilities, - * ensuring maximum compatibility. - */ - if (SSL_CTX_set_cipher_list(p->ctx, ciphers) != 1) { - av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_set_cipher_list failed, ciphers=%s, %s\n", - ciphers, openssl_get_error(p)); - ret = AVERROR(EINVAL); - return ret; - } - ret = openssl_init_ca_key_cert(h); if (ret < 0) goto fail; _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
