Either disabling or init'ing secure memory is required after the use
of gcry_check_version. From a look at the functions rtmpdh uses, I
noticed none require the use of secure memory, so we disable it [1][2].
This resolves some errors returned by rtmpdh code with uninitialized
gcrypt, especifically:
Fatal: failed to create the RNG lock: Invalid argument
FATAL: failed to acquire the FSM lock in libgrypt: Invalid argument
Version "1.5.4" was arbitrarily chosen. An older version probably works
as well, but I couldn't compile older versions to test on my machine.
[1]
https://gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
[2]
https://www.gnupg.org/documentation/manuals/gcrypt/Controlling-the-library.html
Signed-off-by: Ricardo Constantino <wiiaboo@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
mpz_import and mpz_export were added in GMP 4.1, in 2002.
This simplifies the DH code by clarifying that it only uses pure
bignum functions, no other parts of nettle/hogweed.
Signed-off-by: Martin Storsjö <martin@martin.st>
* commit 'b2f0f37d242f1194fe1f886557cf6cefdf98caf6':
rtmpdh: Generate the whole private exponent using av_get_random_seed() with nettle/gmp
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'e9e86d9ef637f5a600c76b352ffe5a82b71b25d1':
rtmpdh: Create sufficiently long private keys for gcrypt/nettle
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '8016a1bd3b60e917e1b12748dd80c06c3462c286':
rtmpdh: Remove an unnecessary check in the gcrypt/nettle dh_compute_key
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '063f7467e4d14ab7fe01b2845dab60cc75df8b53':
rtmpdh: Add fate test for the DH handshake routine
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '0508faaa11bf7507ffdd655aee57c9dc5a8203f4':
rtmpdh: Pass the actual buffer size of the output secret key
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '9f1b3050d9e31e9283d818f3640f3460ac8cfb5b':
rtmpdh: Check the output buffer size in the openssl version of dh_compute_key
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '127d813bcb5705202b7100cf1eccd1e26d72ba14':
rtmpdh: Fix a local variable name in the nettle/gcrypt codepath
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '78efc69e7c990226f4b913721ef1b308ca5bfa04':
rtmpdh: Make sure ret is initialized in the nettle version of bn_hex2bn
Merged-by: Michael Niedermayer <michaelni@gmx.at>
There was a misunderstanding betewen bits and bytes for the parameter
value for generating random big numbers.
Signed-off-by: Martin Storsjö <martin@martin.st>
* qatar/master:
mpegvideo_enc: don't use deprecated avcodec_encode_video().
cmdutils: refactor -codecs option.
avconv: make -shortest a per-output file option.
lavc: add avcodec_descriptor_get_by_name().
lavc: add const to AVCodec* function parameters.
swf(dec): replace CODEC_ID with AV_CODEC_ID
dvenc: don't use deprecated AVCODEC_MAX_AUDIO_FRAME_SIZE
rtmpdh: Do not generate the same private key every time when using libnettle
rtp: remove ff_rtp_get_rtcp_file_handle().
rtsp.c: use ffurl_get_multi_file_handle() instead of ff_rtp_get_rtcp_file_handle()
avio: add (ff)url_get_multi_file_handle() for getting more than one fd
h264: vdpau: fix crash with unsupported colorspace
amrwbdec: Decode the fr_quality bit properly
Conflicts:
Changelog
cmdutils.c
cmdutils_common_opts.h
doc/ffmpeg.texi
ffmpeg.c
ffmpeg.h
ffmpeg_opt.c
libavcodec/h264.c
libavcodec/options.c
libavcodec/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Replace mpz_random by mpz_urandomb with a random state initialization in
order to improve the randomness.
Signed-off-by: Martin Storsjö <martin@martin.st>
* qatar/master:
rtmp: Add credit/copyright to librtmp authors for parts of the RTMPE code
rtmp: Move the CONFIG_ condition into the if conditions
aac: Mention abbreviation as well in long_name
build: Skip compiling rtmpdh.h if ffrtmpcrypt protocol is not enabled
doc: Add Git configuration section
configure: Add a dependency on https for rtmpts
rtp: Only choose static payload types if the sample rate and channels are right
Conflicts:
doc/git-howto.texi
libavformat/rtmpproto.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
v410dec: Implement explode mode support
zerocodec: fix direct rendering.
wav: init st to NULL to avoid a false-positive warning.
wavpack: set bits_per_raw_sample for S32 samples to properly identify 24-bit
h264: refactor NAL decode loop
RTMPTE protocol support
RTMPE protocol support
rtmp: Add ff_rtmp_calc_digest_pos()
rtmp: Rename rtmp_calc_digest to ff_rtmp_calc_digest and make it global
swscale: add missing HAVE_INLINE_ASM check.
lavfi: place x86 inline assembly under HAVE_INLINE_ASM.
vc1: Add a test for interlaced field pictures
swscale: Mark all init functions as av_cold
swscale: x86: Drop pointless _mmx suffix from filenames
lavf: use conditional notation for default codec in muxer declarations.
swscale: place inline assembly bilinear scaler under HAVE_INLINE_ASM.
dsputil: ppc: cosmetics: pretty-print
dsputil: x86: add SHUFFLE_MASK_W macro
configure: respect CC_O setting in check_cc
Conflicts:
Changelog
configure
libavcodec/v410dec.c
libavcodec/zerocodec.c
libavformat/asfenc.c
libavformat/version.h
libswscale/utils.c
libswscale/x86/swscale.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This adds two protocols, but one of them is an internal implementation
detail just used as an abstraction layer/generalization in the code. The
RTMPE protocol implementation uses ffrtmpcrypt:// as an alternative to the
tcp:// protocol. This allows moving most of the lower level logic out
from the higher level generic rtmp code.
Signed-off-by: Martin Storsjö <martin@martin.st>