verify ssl certificate fingerprint

Chris Hinze
2015-12-24 04:47:11 +01:00
parent 24eb13cf44
commit 73680279f5
3 changed files with 22 additions and 0 deletions


@ -118,6 +118,7 @@ typedef struct {
#if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
bool isSSL; ///< run in ssl mode
WiFiClientSecure * ssl;
const char * fingerprint;
#endif
String cUrl; ///< http url
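Review bot: The new `const char * fingerprint` member keeps the caller's pointer instead of a copy, so the string must stay valid for as long as the client can connect or reconnect. A fingerprint built in a temporary `String` and passed as `c_str()` would leave the later check reading memory that has already been released. The field is also the only new member in this struct hunk without a `///<` comment; something like `const char * fingerprint; ///< expected certificate fingerprint, not copied - must outlive the client` would state the contract. The struct definition starts and ends outside this hunk.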


@ -47,6 +47,7 @@ void WebSocketsClient::begin(const char *host, uint16_t port, const char * url)
#if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
_client.isSSL = false;
_client.ssl = NULL;
_client.fingerprint = NULL;
#endif
_client.cUrl = url;
_client.cCode = 0;
@ -79,6 +80,17 @@ void WebSocketsClient::beginSSL(const char *host, uint16_t port, const char * ur
void WebSocketsClient::beginSSL(String host, uint16_t port, String url) {
beginSSL(host.c_str(), port, url.c_str());
}
void WebSocketsClient::beginSSL(const char *host, uint16_t port, const char * url, const char * fingerprint) {
begin(host, port, url);
_client.isSSL = true;
_client.fingerprint = fingerprint;
}
void WebSocketsClient::beginSSL(String host, uint16_t port, String url, const char * fingerprint) {
beginSSL(host.c_str(), port, url.c_str());
_client.fingerprint = fingerprint;
}
#endif
/**
@ -124,6 +136,13 @@ void WebSocketsClient::loop(void) {
#if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
_client.tcp->setNoDelay(true);
if (_client.isSSL && _client.fingerprint != NULL) {
if (!(((WiFiClientSecure*)_client.tcp)->verify(_client.fingerprint, _host.c_str()))) {
DEBUG_WEBSOCKETS("[WS-Client] certificate mismatch\n");
return;
}
}
#endif
// send Header to Server
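Review bot: The mismatch branch in `loop()` logs and returns without closing the connection, so the TLS session to the unverified peer stays open. What later `loop()` calls do with that socket is outside this hunk, but presumably the client still counts as connected. Closing it before returning makes the failure explicit, e.g. `_client.tcp->stop();` ahead of the `return;`, or the library's own disconnect routine if it has one. Separately, the four-argument `String` overload of `beginSSL` forwards to the three-argument overload and then sets the fingerprint itself; `beginSSL(host.c_str(), port, url.c_str(), fingerprint);` would keep that logic in one place. `loop()` begins and continues outside the hunk.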


@ -42,6 +42,8 @@ class WebSocketsClient: private WebSockets {
#if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
void beginSSL(const char *host, uint16_t port, const char * url = "/");
void beginSSL(String host, uint16_t port, String url = "/");
void beginSSL(const char *host, uint16_t port, const char * url, const char * fingerprint);
void beginSSL(String host, uint16_t port, String url, const char * fingerprint);
#endif
void loop(void);
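Review bot: The two new `beginSSL` overloads are declared without a comment saying what `fingerprint` must contain, and nothing here tells a caller that the older overloads perform no certificate check. In this change the `verify()` call is skipped whenever `_client.fingerprint` is NULL, so a connection opened through the three-argument forms is encrypted but the server is not authenticated. A short doc comment above the declarations would cover both, for example `/// @param fingerprint expected certificate fingerprint string as accepted by WiFiClientSecure::verify(); when omitted, the server certificate is not checked`. The class body continues outside this hunk.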