Merge branch 'bugfix/openssl_server_example' into 'master'

Example 10_openssl_server should use TLSv1.2 instead of SSLv3; fixed corrupted HTTP Header * Merges github PR #214 https://github.com/espressif/esp-idf/pull/214 * Closes #333 https://github.com/espressif/esp-idf/issues/333 See merge request !501
2017-02-15 14:34:08 +08:00 · 2017-02-15 14:34:08 +08:00 · 34d0b0086e
commit 34d0b0086e
--- a/examples/protocols/openssl_server/main/openssl_server.c
+++ b/examples/protocols/openssl_server/main/openssl_server.c
@ -37,7 +37,7 @@ const static char *TAG = "Openssl_demo";

 #define OPENSSL_DEMO_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
                                "Content-Type: text/html\r\n" \
-                                "Content-Length: 98\r\n" \
+                                "Content-Length: 98\r\n\r\n" \
                                "<html>\r\n" \
                                "<head>\r\n" \
                                "<title>OpenSSL demo</title></head><body>\r\n" \
@ -71,6 +71,10 @@ static void openssl_demo_thread(void *p)
    const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;   

    ESP_LOGI(TAG, "SSL server context create ......");
+    /* For security reasons, it is best if you can use
+       TLSv1_2_server_method() here instead of TLS_server_method().
+       However some old browsers may not support TLS v1.2.
+    */
    ctx = SSL_CTX_new(TLS_server_method());
    if (!ctx) {
        ESP_LOGI(TAG, "failed");