kopia lustrzana https://github.com/espressif/esp-idf
Merge branch 'refactor/esp_https_server_api_cleanup' into 'master'
esp_https_server: API cleanup Closes IDFGH-6540 See merge request espressif/esp-idf!17136pull/8430/head
commit
71e29053cf
|
@ -50,22 +50,18 @@ struct httpd_ssl_config {
|
|||
*/
|
||||
httpd_config_t httpd;
|
||||
|
||||
/** CA certificate (here it is treated as server cert)
|
||||
* Todo: Fix this change in release/v5.0 as it would be a breaking change
|
||||
* i.e. Rename the nomenclature of variables holding different certs in https_server component as well as example
|
||||
* 1)The cacert variable should hold the CA which is used to authenticate clients (should inherit current role of client_verify_cert_pem var)
|
||||
* 2)There should be another variable servercert which whould hold servers own certificate (should inherit current role of cacert var) */
|
||||
/** Server certificate */
|
||||
const uint8_t *servercert;
|
||||
|
||||
/** Server certificate byte length */
|
||||
size_t servercert_len;
|
||||
|
||||
/** CA certificate ((CA used to sign clients, or client cert itself) */
|
||||
const uint8_t *cacert_pem;
|
||||
|
||||
/** CA certificate byte length */
|
||||
size_t cacert_len;
|
||||
|
||||
/** Client verify authority certificate (CA used to sign clients, or client cert itself */
|
||||
const uint8_t *client_verify_cert_pem;
|
||||
|
||||
/** Client verify authority cert len */
|
||||
size_t client_verify_cert_len;
|
||||
|
||||
/** Private key */
|
||||
const uint8_t *prvtkey_pem;
|
||||
|
||||
|
@ -123,10 +119,10 @@ typedef struct httpd_ssl_config httpd_ssl_config_t;
|
|||
.close_fn = NULL, \
|
||||
.uri_match_fn = NULL \
|
||||
}, \
|
||||
.servercert = NULL, \
|
||||
.servercert_len = 0, \
|
||||
.cacert_pem = NULL, \
|
||||
.cacert_len = 0, \
|
||||
.client_verify_cert_pem = NULL, \
|
||||
.client_verify_cert_len = 0, \
|
||||
.prvtkey_pem = NULL, \
|
||||
.prvtkey_len = 0, \
|
||||
.transport_mode = HTTPD_SSL_TRANSPORT_SECURE, \
|
||||
|
|
|
@ -181,20 +181,20 @@ static httpd_ssl_ctx_t *create_secure_context(const struct httpd_ssl_config *con
|
|||
|
||||
ssl_ctx->tls_cfg = cfg;
|
||||
ssl_ctx->user_cb = config->user_cb;
|
||||
/* cacert = CA which signs client cert, or client cert itself , which is mapped to client_verify_cert_pem */
|
||||
if(config->client_verify_cert_pem != NULL) {
|
||||
cfg->cacert_buf = (unsigned char *)malloc(config->client_verify_cert_len);
|
||||
/* cacert = CA which signs client cert, or client cert itself */
|
||||
if(config->cacert_pem != NULL) {
|
||||
cfg->cacert_buf = (unsigned char *)malloc(config->cacert_len);
|
||||
if (!cfg->cacert_buf) {
|
||||
ESP_LOGE(TAG, "Could not allocate memory");
|
||||
free(cfg);
|
||||
free(ssl_ctx);
|
||||
return NULL;
|
||||
}
|
||||
memcpy((char *)cfg->cacert_buf, config->client_verify_cert_pem, config->client_verify_cert_len);
|
||||
cfg->cacert_bytes = config->client_verify_cert_len;
|
||||
memcpy((char *)cfg->cacert_buf, config->cacert_pem, config->cacert_len);
|
||||
cfg->cacert_bytes = config->cacert_len;
|
||||
}
|
||||
/* servercert = cert of server itself ( in our case it is mapped to cacert in https_server example) */
|
||||
cfg->servercert_buf = (unsigned char *)malloc(config->cacert_len);
|
||||
/* servercert = cert of server itself */
|
||||
cfg->servercert_buf = (unsigned char *)malloc(config->servercert_len);
|
||||
if (!cfg->servercert_buf) {
|
||||
ESP_LOGE(TAG, "Could not allocate memory");
|
||||
free((void *)cfg->cacert_buf);
|
||||
|
@ -202,8 +202,8 @@ static httpd_ssl_ctx_t *create_secure_context(const struct httpd_ssl_config *con
|
|||
free(ssl_ctx);
|
||||
return NULL;
|
||||
}
|
||||
memcpy((char *)cfg->servercert_buf, config->cacert_pem, config->cacert_len);
|
||||
cfg->servercert_bytes = config->cacert_len;
|
||||
memcpy((char *)cfg->servercert_buf, config->servercert, config->servercert_len);
|
||||
cfg->servercert_bytes = config->servercert_len;
|
||||
|
||||
cfg->serverkey_buf = (unsigned char *)malloc(config->prvtkey_len);
|
||||
if (!cfg->serverkey_buf) {
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
idf_component_register(SRCS "app_main.c" "esp_local_ctrl_service.c"
|
||||
INCLUDE_DIRS "."
|
||||
EMBED_TXTFILES "certs/cacert.pem" "certs/prvtkey.pem")
|
||||
EMBED_TXTFILES "certs/servercert.pem" "certs/prvtkey.pem")
|
||||
|
|
|
@ -162,10 +162,10 @@ void start_esp_local_ctrl_service(void)
|
|||
httpd_ssl_config_t https_conf = HTTPD_SSL_CONFIG_DEFAULT();
|
||||
|
||||
/* Load server certificate */
|
||||
extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
|
||||
extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end");
|
||||
https_conf.cacert_pem = cacert_pem_start;
|
||||
https_conf.cacert_len = cacert_pem_end - cacert_pem_start;
|
||||
extern const unsigned char servercert_start[] asm("_binary_servercert_pem_start");
|
||||
extern const unsigned char servercert_end[] asm("_binary_servercert_pem_end");
|
||||
https_conf.servercert = servercert_start;
|
||||
https_conf.servercert_len = servercert_end - servercert_start;
|
||||
|
||||
/* Load server private key */
|
||||
extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
idf_component_register(SRCS "main.c"
|
||||
INCLUDE_DIRS "."
|
||||
EMBED_TXTFILES "certs/cacert.pem"
|
||||
EMBED_TXTFILES "certs/servercert.pem"
|
||||
"certs/prvtkey.pem")
|
||||
|
|
|
@ -81,10 +81,10 @@ static httpd_handle_t start_webserver(void)
|
|||
|
||||
httpd_ssl_config_t conf = HTTPD_SSL_CONFIG_DEFAULT();
|
||||
|
||||
extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
|
||||
extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end");
|
||||
conf.cacert_pem = cacert_pem_start;
|
||||
conf.cacert_len = cacert_pem_end - cacert_pem_start;
|
||||
extern const unsigned char servercert_start[] asm("_binary_servercert_pem_start");
|
||||
extern const unsigned char servercert_end[] asm("_binary_servercert_pem_end");
|
||||
conf.servercert = servercert_start;
|
||||
conf.servercert_len = servercert_end - servercert_start;
|
||||
|
||||
extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
|
||||
extern const unsigned char prvtkey_pem_end[] asm("_binary_prvtkey_pem_end");
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
idf_component_register(SRCS "wss_server_example.c" "keep_alive.c"
|
||||
INCLUDE_DIRS "."
|
||||
EMBED_TXTFILES "certs/cacert.pem"
|
||||
EMBED_TXTFILES "certs/servercert.pem"
|
||||
"certs/prvtkey.pem")
|
||||
|
|
|
@ -182,10 +182,10 @@ static httpd_handle_t start_wss_echo_server(void)
|
|||
conf.httpd.open_fn = wss_open_fd;
|
||||
conf.httpd.close_fn = wss_close_fd;
|
||||
|
||||
extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
|
||||
extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end");
|
||||
conf.cacert_pem = cacert_pem_start;
|
||||
conf.cacert_len = cacert_pem_end - cacert_pem_start;
|
||||
extern const unsigned char servercert_start[] asm("_binary_servercert_pem_start");
|
||||
extern const unsigned char servercert_end[] asm("_binary_servercert_pem_end");
|
||||
conf.servercert = servercert_start;
|
||||
conf.servercert_len = servercert_end - servercert_start;
|
||||
|
||||
extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
|
||||
extern const unsigned char prvtkey_pem_end[] asm("_binary_prvtkey_pem_end");
|
||||
|
|
|
@ -1,18 +1,7 @@
|
|||
#!/usr/bin/env python
|
||||
#
|
||||
# Copyright 2021 Espressif Systems (Shanghai) CO LTD
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
# SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
from __future__ import division, print_function, unicode_literals
|
||||
|
||||
|
@ -140,7 +129,7 @@ def test_examples_protocol_https_wss_server(env, extra_data): # type: (tiny_tes
|
|||
Utility.console_log('Got IP : ' + got_ip)
|
||||
Utility.console_log('Got Port : ' + got_port)
|
||||
|
||||
ca_file = os.path.join(os.path.dirname(__file__), 'main', 'certs', 'cacert.pem')
|
||||
ca_file = os.path.join(os.path.dirname(__file__), 'main', 'certs', 'servercert.pem')
|
||||
# Start ws server test
|
||||
with WsClient(got_ip, int(got_port), ca_file) as ws:
|
||||
# Check for echo
|
||||
|
|
|
@ -2524,7 +2524,6 @@ examples/protocols/https_server/simple/main/main.c
|
|||
examples/protocols/https_server/wss_server/main/keep_alive.c
|
||||
examples/protocols/https_server/wss_server/main/keep_alive.h
|
||||
examples/protocols/https_server/wss_server/main/wss_server_example.c
|
||||
examples/protocols/https_server/wss_server/wss_server_example_test.py
|
||||
examples/protocols/https_x509_bundle/example_test.py
|
||||
examples/protocols/https_x509_bundle/main/https_x509_bundle_example_main.c
|
||||
examples/protocols/icmp_echo/example_test.py
|
||||
|
|
Ładowanie…
Reference in New Issue