[Bug 724393] gst-plugins-base: allow specifying an anchor certificate file in gstrtspconnection
GStreamer (bugzilla.gnome.org)
bugzilla at gnome.org
Sun Feb 16 17:19:40 PST 2014
https://bugzilla.gnome.org/show_bug.cgi?id=724393
GStreamer | gst-plugins-base | git
--- Comment #6 from Aleix Conchillo Flaqué <aleix at oblong.com> 2014-02-17 01:39:39 UTC ---
(In reply to comment #5)
> Review of attachment 269158 [details]:
>
> Seems like a good idea, just some questions.
>
> ::: gst-libs/gst/rtsp/gstrtspconnection.c
> @@ +230,3 @@
> +
> + if (error)
> + goto verify_error;
>
> Shouldn't this use the tls-validation-flags property here to ignore some errors
> but not others, like what happens in rtspsrc?
>
error is just a GError, but it's true that we should take into account the
tls-validation-flags in here:
accept = ((errors & rtspcon->tls_validation_flags) == 0);
i missed that, thanks!
> @@ +580,3 @@
> + * Sets the anchor certificate authorities database file. This
> + * certificate database will be used after a server certificate can't be
> + * verified with the default certificate database.
>
> Does this require a single file with all certificates or can it also be a
> directory like /etc/ssl/certs ?
>
Yes, it requires a single file with PEM encoded certificates.
https://developer.gnome.org/gio/2.32/GTlsFileDatabase.html#g-tls-file-database-new
Like the default database: /etc/ssl/certs/ca-certificates.crt
> @@ +2251,3 @@
> *
> * Close and free @conn.
> + *
>
> Please get rid of all these useless whitespace changes :)
i have a deja vu here :-). we should get rid of those white spaces at some
point.
--
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list