tcp_transport: added functionality for using ALPN with SSL

Closes IDF-1160
2019-11-13 10:36:24 +08:00 · 2019-11-13 10:36:24 +08:00 · ed85046138
commit ed85046138
--- a/components/esp-tls/esp_tls_mbedtls.c
+++ b/components/esp-tls/esp_tls_mbedtls.c
@ -389,15 +389,19 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t
        return ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED;
    }

-#ifdef CONFIG_MBEDTLS_SSL_ALPN
+
    if (cfg->alpn_protos) {
+#ifdef CONFIG_MBEDTLS_SSL_ALPN
        if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos) != 0)) {
            ESP_LOGE(TAG, "mbedtls_ssl_conf_alpn_protocols returned -0x%x", -ret);
            ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret);
            return ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED;
        }
-    }
+#else
+        ESP_LOGE(TAG, "alpn_protos configured but not enabled in menuconfig: Please enable MBEDTLS_SSL_ALPN option");
+        return ESP_ERR_INVALID_STATE;
 #endif
+    }
    if (cfg->use_global_ca_store == true) {
        esp_err_t esp_ret = set_global_ca_store(tls);
        if (esp_ret != ESP_OK) {
--- a/components/tcp_transport/include/esp_transport_ssl.h
+++ b/components/tcp_transport/include/esp_transport_ssl.h
@ -103,6 +103,16 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
 */
 void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len);

+/**
+ * @brief      Set the list of supported application protocols to be used with ALPN.
+ *             Note that, this function stores the pointer to data, rather than making a copy.
+ *             So this data must remain valid until after the connection is cleaned up
+ *
+ * @param      t            ssl transport
+ * @param[in]  alpn_porot   The list of ALPN protocols, the last entry must be NULL
+ */
+void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos);
+
 /**
 * @brief      Skip validation of certificate's common name field
 *
--- a/components/tcp_transport/transport_ssl.c
+++ b/components/tcp_transport/transport_ssl.c
@ -256,6 +256,14 @@ void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const c
    }
 }

+void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos)
+{
+    transport_ssl_t *ssl = esp_transport_get_context_data(t);
+    if (t && ssl) {
+        ssl->cfg.alpn_protos = alpn_protos;
+    }
+}
+
 void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t)
 {
    transport_ssl_t *ssl = esp_transport_get_context_data(t);