From ed8504613811b9667141fb81e169295b1565e3ed Mon Sep 17 00:00:00 2001
From: Marius Vikhammer
Date: Wed, 13 Nov 2019 10:36:24 +0800
Subject: [PATCH] tcp_transport: added functionality for using ALPN with SSL

Closes IDF-1160
---
 components/esp-tls/esp_tls_mbedtls.c | 8 ++++++--
 components/tcp_transport/include/esp_transport_ssl.h | 10 ++++++++++
 components/tcp_transport/transport_ssl.c | 8 ++++++++
 3 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/components/esp-tls/esp_tls_mbedtls.c b/components/esp-tls/esp_tls_mbedtls.c
index 823fa6dbfa..243d97be4b 100644
--- a/components/esp-tls/esp_tls_mbedtls.c
+++ b/components/esp-tls/esp_tls_mbedtls.c
@@ -389,15 +389,19 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t
 return ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED;
 }
-#ifdef CONFIG_MBEDTLS_SSL_ALPN
+
 if (cfg->alpn_protos) {
+#ifdef CONFIG_MBEDTLS_SSL_ALPN
 if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos) != 0)) {
 ESP_LOGE(TAG, "mbedtls_ssl_conf_alpn_protocols returned -0x%x", -ret);
 ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret);
 return ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED;
 }
- }
+#else
+ ESP_LOGE(TAG, "alpn_protos configured but not enabled in menuconfig: Please enable MBEDTLS_SSL_ALPN option");
+ return ESP_ERR_INVALID_STATE;
 #endif
+ }
 if (cfg->use_global_ca_store == true) {
 esp_err_t esp_ret = set_global_ca_store(tls);
 if (esp_ret != ESP_OK) {
diff --git a/components/tcp_transport/include/esp_transport_ssl.h b/components/tcp_transport/include/esp_transport_ssl.h
index a83e93882d..7398dbc4f3 100644
--- a/components/tcp_transport/include/esp_transport_ssl.h
+++ b/components/tcp_transport/include/esp_transport_ssl.h
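Review bot: The ALPN error path inside the new `#ifdef` block records the wrong code: in `if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos) != 0))` the `!= 0` sits inside the assignment parentheses, so `ret` receives 0 or 1 rather than the mbedtls return value, and both the `-0x%x` log line and the `ESP_INT_EVENT_TRACKER_CAPTURE` call report a meaningless number. The line is context here, but the commit reshapes the `#ifdef`/`#else` around it, so it is worth fixing in the same change: `if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos)) != 0) {`. Returning `ESP_ERR_INVALID_STATE` when `alpn_protos` is set but `CONFIG_MBEDTLS_SSL_ALPN` is off is the right call, because silently connecting without ALPN would hide a configuration error from the caller; a comment above the `#else`, `/* Fail closed: a requested ALPN list must never be silently dropped */`, would make that intent explicit for the next maintainer. `set_client_config` begins and ends outside this hunk.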
@@ -103,6 +103,16 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
 */
 void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len);

+/**
+ * @brief Set the list of supported application protocols to be used with ALPN.
+ * Note that, this function stores the pointer to data, rather than making a copy.
+ * So this data must remain valid until after the connection is cleaned up
+ *
+ * @param t ssl transport
+ * @param[in] alpn_porot The list of ALPN protocols, the last entry must be NULL
+ */
+void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos);
+
 /**
 * @brief Skip validation of certificate's common name field
 *
diff --git a/components/tcp_transport/transport_ssl.c b/components/tcp_transport/transport_ssl.c
index b92c21157c..7ed75a0cd1 100644
--- a/components/tcp_transport/transport_ssl.c
+++ b/components/tcp_transport/transport_ssl.c
@@ -256,6 +256,14 @@ void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const c
 }
 }

+void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos)
+{
+ transport_ssl_t *ssl = esp_transport_get_context_data(t);
+ if (t && ssl) {
+ ssl->cfg.alpn_protos = alpn_protos;
+ }
+}
+
 void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t)
 {
 transport_ssl_t *ssl = esp_transport_get_context_data(t);
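Review bot: The new Doxygen block names its parameter `alpn_porot`, which does not match the declared `alpn_protos` and will be reported by Doxygen as an undocumented parameter; change it to `@param[in] alpn_protos NULL-terminated list of ALPN protocol names`. The lifetime note should say that the array and every string it points to are borrowed, since only the pointer is stored, and that passing `NULL` clears the list (the esp-tls change in this same commit only applies ALPN when `cfg->alpn_protos` is non-NULL). It would also help callers to state that a non-NULL list requires `CONFIG_MBEDTLS_SSL_ALPN`; with that option disabled, esp-tls now returns `ESP_ERR_INVALID_STATE` when the connection is configured, though how the transport surfaces that failure is not visible in this diff.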
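Review bot: `esp_transport_ssl_set_alpn_protocol` calls `esp_transport_get_context_data(t)` before the `if (t && ssl)` check, so the guard on `t` only protects against a NULL handle if that helper tolerates one itself; the neighbouring `esp_transport_ssl_skip_common_name_check` uses the same order, so presumably it does, but `if (t == NULL) { return; }` ahead of the lookup would make the intent unambiguous. The setter stores the caller's pointer verbatim, so a comment at the assignment, `/* Borrowed: the caller keeps alpn_protos (array and strings) alive until the transport is destroyed; NULL clears the list */`, would carry the ownership rule from the header into the implementation where the next reader actually looks. The singular `set_alpn_protocol` for a list is a naming wrinkle, but it is the public name and not worth churning now.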