Home Explore Help
Register Sign In
Apq
/
obs-studio
mirror of https://github.com/obsproject/obs-studio.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

obs-outputs: Add additional paths for root certificates on Linux

Fixes https://github.com/obsproject/obs-studio/issues/2350. Also adds
some log file output for when the root certificates can't be loaded to
make it more obvious what the problem is.
Richard Stanway 5 years ago
parent
2b131d212f
commit
d1159087f1
1 changed files with 11 additions and 0 deletions
Split View Show Diff Stats
  1. 11 0
      plugins/obs-outputs/librtmp/rtmp.c

+ 11 - 0
plugins/obs-outputs/librtmp/rtmp.c
View File 

@@ -344,14 +344,25 @@ RTMP_TLS_LoadCerts(RTMP *r) {
 
     CFRelease(keychain_ref);
 
 #elif defined(__linux__)
 
     if (mbedtls_x509_crt_parse_path(chain, "/etc/ssl/certs/") < 0) {
 
+        RTMP_Log(RTMP_LOGERROR, "mbedtls_x509_crt_parse_path: Couldn't parse "
 
+            "/etc/ssl/certs");
 
         goto error;
 
     }
 
+
 
+    // mbedtls_x509_crt_parse_path ignores symlinks which causes an issue on
 
+    // some distributions. try parsing the most common CA bundles directly
 
+    // to work around this (we don't care if it fails)
 
+    mbedtls_x509_crt_parse_file(chain, "/etc/ssl/certs/ca-bundle.crt");
 
+    mbedtls_x509_crt_parse_file(chain, "/etc/ssl/certs/ca-certificates.crt");
 
 #endif
 
 
     mbedtls_ssl_conf_ca_chain(&r->RTMP_TLS_ctx->conf, chain, NULL);
 
     return;
 
 
 error:
 
+    RTMP_Log(RTMP_LOGERROR, "RTMP_TLS_LoadCerts: Failed to load "
 
+        "root certificate chains, RTMPS connections will likely "
 
+        "fail");
 
     mbedtls_x509_crt_free(chain);
 
     free(chain);
 
     r->RTMP_TLS_ctx->cacert = NULL;