This is an automated email from the git hooks/post-receive script.
Git pushed a commit to branch master
in repository ffmpeg.
The following commit(s) were added to refs/heads/master by this push:
new 31c2f814ca avformat/tls_gnutls: fix DTLS handshake failure in some
WebRTC cases
31c2f814ca is described below
commit 31c2f814ca14c9d029111bc2349d4343270f0002
Author: Aditya Banavi <[email protected]>
AuthorDate: Sun Mar 1 17:25:02 2026 +0000
Commit: Jack Lau <[email protected]>
CommitDate: Mon Mar 9 03:11:04 2026 +0000
avformat/tls_gnutls: fix DTLS handshake failure in some WebRTC cases
The early code may encounter handshake failure when publish
WHIP to some server.
See RFC 8827 section 6.5:
All implementations MUST support DTLS 1.2 with the
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite
and the P-256 curve.
So this patch uses the specific curve to avoid incompatibility.
Signed-off-by: Aditya Banavi <[email protected]>
---
libavformat/tls_gnutls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/tls_gnutls.c b/libavformat/tls_gnutls.c
index 778ca9cf40..e294aef0c0 100644
--- a/libavformat/tls_gnutls.c
+++ b/libavformat/tls_gnutls.c
@@ -197,7 +197,7 @@ static int gnutls_gen_private_key(gnutls_x509_privkey_t
*key)
}
ret = gnutls_x509_privkey_generate(*key, GNUTLS_PK_ECDSA,
-
gnutls_sec_param_to_pk_bits(GNUTLS_PK_ECDSA, GNUTLS_SEC_PARAM_MEDIUM), 0);
+
GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), 0);
if (ret < 0) {
av_log(NULL, AV_LOG_ERROR, "TLS: Failed to generate private key:
%s\n", gnutls_strerror(ret));
goto einval_end;
_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]
