Merge pull request #1154 from dmllr/master

paullouisageneau · web-flow · commit 5064b0bf7f09 · 2024-04-11T22:27:48.000+02:00
Fix MbedTLS usage bugs and allow cmake to use imported mbedtls library
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -342,7 +342,9 @@ else()
 		target_link_libraries(datachannel PRIVATE libSRTP::srtp2)
 		target_link_libraries(datachannel-static PRIVATE libSRTP::srtp2)
 	else()
-		add_subdirectory(deps/libsrtp EXCLUDE_FROM_ALL)
+		if(NOT TARGET srtp2)
+			add_subdirectory(deps/libsrtp EXCLUDE_FROM_ALL)
+		endif()
 		target_compile_definitions(datachannel PRIVATE RTC_SYSTEM_SRTP=0)
 		target_compile_definitions(datachannel-static PRIVATE RTC_SYSTEM_SRTP=0)
 		target_link_libraries(datachannel PRIVATE srtp2)
@@ -371,7 +373,9 @@ if (USE_GNUTLS)
 		target_link_libraries(datachannel-static PRIVATE Nettle::Nettle)
 	endif()
 elseif(USE_MBEDTLS)
-	find_package(MbedTLS 3 REQUIRED)
+	if(NOT TARGET MbedTLS::MbedTLS)
+		find_package(MbedTLS 3 REQUIRED)
+	endif()
 	target_compile_definitions(datachannel PRIVATE USE_MBEDTLS=1)
 	target_compile_definitions(datachannel-static PRIVATE USE_MBEDTLS=1)
 	target_link_libraries(datachannel PRIVATE MbedTLS::MbedTLS)
diff --git a/examples/streamer/h264fileparser.cpp b/examples/streamer/h264fileparser.cpp
@@ -50,8 +50,8 @@ void H264FileParser::loadNextSample() {
     }
 }
 
-vector<byte> H264FileParser::initialNALUS() {
-    vector<byte> units{};
+vector<std::byte> H264FileParser::initialNALUS() {
+    vector<std::byte> units{};
     if (previousUnitType7.has_value()) {
         auto nalu = previousUnitType7.value();
         units.insert(units.end(), nalu.begin(), nalu.end());
diff --git a/src/impl/tls.cpp b/src/impl/tls.cpp
@@ -101,7 +101,7 @@ bool check(int ret, const string &message) {
 	if (ret < 0) {
 		if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
 		    ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS || ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ||
-		    ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY)
+		    ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY || ret == MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET)
 			return false;
 
 		const size_t bufferSize = 1024;
diff --git a/src/impl/tlstransport.cpp b/src/impl/tlstransport.cpp
@@ -323,6 +323,7 @@ TlsTransport::TlsTransport(variant<shared_ptr<TcpTransport>, shared_ptr<HttpProx
 
 	PLOG_DEBUG << "Initializing TLS transport (MbedTLS)";
 
+	psa_crypto_init();
 	mbedtls_entropy_init(&mEntropy);
 	mbedtls_ctr_drbg_init(&mDrbg);
 	mbedtls_ssl_init(&mSsl);
diff --git a/src/impl/verifiedtlstransport.cpp b/src/impl/verifiedtlstransport.cpp
@@ -36,7 +36,7 @@ VerifiedTlsTransport::VerifiedTlsTransport(
 				// *cacert is a PEM content
 				mbedtls::check(mbedtls_x509_crt_parse(
 				    &mCaCert, reinterpret_cast<const unsigned char *>(cacert->c_str()),
-				    cacert->size()));
+				    cacert->size() + 1));
 			}
 			mbedtls_ssl_conf_ca_chain(&mConf, &mCaCert, NULL);
 		}

Original file line number	Diff line number	Diff line change
`@@ -50,8 +50,8 @@ void H264FileParser::loadNextSample() {`
`50`	`50`	`}`
`51`	`51`	`}`
`52`	`52`
`53`		`-vector<byte> H264FileParser::initialNALUS() {`
`54`		`- vector<byte> units{};`
	`53`	`+vector<std::byte> H264FileParser::initialNALUS() {`
	`54`	`+ vector<std::byte> units{};`
`55`	`55`	`if (previousUnitType7.has_value()) {`
`56`	`56`	`auto nalu = previousUnitType7.value();`
`57`	`57`	`units.insert(units.end(), nalu.begin(), nalu.end());`
Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ VerifiedTlsTransport::VerifiedTlsTransport(`
`36`	`36`	`// *cacert is a PEM content`
`37`	`37`	`mbedtls::check(mbedtls_x509_crt_parse(`
`38`	`38`	`&mCaCert, reinterpret_cast<const unsigned char *>(cacert->c_str()),`
`39`		`- cacert->size()));`
	`39`	`+ cacert->size() + 1));`
`40`	`40`	`}`
`41`	`41`	`mbedtls_ssl_conf_ca_chain(&mConf, &mCaCert, NULL);`
`42`	`42`	`}`