As suggested in [the SSL_get_error manpage][1]. Upgrade the message to a
warning if the errno isn't 0 (success). The latter apparently means the
transport encountered an EOF (shutdown) without the shut down handshake
on the (D)TLS level. This happens quite often for otherwise normal DTLS
connections.
[1]: https://www.openssl.org/docs/man1.1.1/man3/SSL_get_error.html
Print out all errors from the OpenSSL error queue instead of just
looking at the topmost error. Using the callback interface also removes
the need for formatting using a buffer on the stack.
By removing the indirection to the main loop completely when receiving
the peer certificate. For reference, the on-decoder-key signal does not
have a redirection.
For pre-1.1.x openssl, a callback to set the thread id needs to be
provided to openssl. In 0.9.x the thread id was an unsigned long. In
1.0.x it was expanded to be able to hold a void*. Here we change to use
the 1.0.x API so that the thread id can always hold a GThread*, even on
platforms like msvc x64 where unsigned long is only 32 bits.
All of this is still #ifdef'd out of existence when building with
openssl 1.1.x or later which changed the thread API again, and does not
need a thread id callback.
https://bugzilla.gnome.org/show_bug.cgi?id=775292
- DTLSv1_method() is deprecated, and since 1.0.2 replaced by
DTLS_method().
- CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
no-ops (empty macros) since 1.1 and are not supposed to be used
anymore.
gstdtlsagent.c: In function ‘gst_dtls_agent_init’:
gstdtlsagent.c:173:3: error: ‘DTLSv1_method’ is deprecated [-Werror=deprecated-declarations]
priv->ssl_context = SSL_CTX_new (DTLSv1_method ());
^~~~
In file included from /usr/include/openssl/ct.h:13:0,
from /usr/include/openssl/ssl.h:61,
from gstdtlsagent.c:40:
/usr/include/openssl/ssl.h:1614:1: note: declared here
DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_method(void)) /* DTLSv1.0 */
^
At top level:
gstdtlsagent.c:103:1: error: ‘ssl_thread_id_function’ defined but not used [-Werror=unused-function]
ssl_thread_id_function (void)
^~~~~~~~~~~~~~~~~~~~~~
gstdtlsagent.c:73:1: error: ‘ssl_locking_function’ defined but not used [-Werror=unused-function]
ssl_locking_function (gint mode, gint lock_num, const gchar * file, gint line)
^~~~~~~~~~~~~~~~~~~~
Changes are:
- Use the wrapper functions to access opaque data types. To preserve
backward compatibility, define fallback definitions
- Remove the use of idiom "pqueue_size(ssl->d1->sent_messages)", since
there is no replacement
- Use RSA_generate_key_ex instead of the deprecated RSA_generate_key
https://bugzilla.gnome.org/show_bug.cgi?id=773540
https://github.com/mesonbuild/meson
With contributions from:
Tim-Philipp Müller <tim@centricular.com>
Matej Knopp <matej.knopp@gmail.com>
Jussi Pakkanen <jpakkane@gmail.com> (original port)
Highlights of the features provided are:
* Faster builds on Linux (~40-50% faster)
* The ability to build with MSVC on Windows
* Generate Visual Studio project files
* Generate XCode project files
* Much faster builds on Windows (on-par with Linux)
* Seriously fast configure and building on embedded
... and many more. For more details see:
http://blog.nirbheek.in/2016/05/gstreamer-and-meson-new-hope.htmlhttp://blog.nirbheek.in/2016/07/building-and-developing-gstreamer-using.html
Building with Meson should work on both Linux and Windows, but may
need a few more tweaks on other operating systems.
No need to ref/unref the connection every time we push something on the pool.
However we have to provide non-NULL data to the pool, so let's just give it
some coffee.
This way we will share threads with other DTLS connections if possible, and
don't have to start/stop threads for timeouts if there are many to be handled
in a short period of time.
Also use the system clock and async waiting on it for scheduling the timeouts.