Update IDF to e5b2c1c (#865)

* Update BLE Library * Fix SD driver * Update toolchain * Update IDF to e5b2c1c
2025-06-29 20:10:59 +02:00 · 2017-11-23 23:26:53 +01:00
parent a3a9dd3af9
commit 81a9c45a1e
119 changed files with 1185 additions and 449 deletions
--- a/tools/sdk/include/openssl/internal/ssl_methods.h
+++ b/tools/sdk/include/openssl/internal/ssl_methods.h
@ -28,7 +28,7 @@
                    new, free, \
                    handshake, shutdown, clear, \
                    read, send, pending, \
-                    set_fd, get_fd, \
+                    set_fd, set_hostname, get_fd,	\
                    set_bufflen, \
                    get_verify_result, \
                    get_state) \
@ -42,6 +42,7 @@
                send, \
                pending, \
                set_fd, \
+		set_hostname, \
                get_fd, \
                set_bufflen, \
                get_verify_result, \
--- a/tools/sdk/include/openssl/internal/ssl_types.h
+++ b/tools/sdk/include/openssl/internal/ssl_types.h
@ -81,6 +81,9 @@ typedef struct x509_method_st X509_METHOD;
 struct pkey_method_st;
 typedef struct pkey_method_st PKEY_METHOD;

+struct ssl_alpn_st;
+typedef struct ssl_alpn_st SSL_ALPN;
+
 struct stack_st {

    char **data;
@ -144,6 +147,16 @@ struct X509_VERIFY_PARAM_st {

 };

+typedef enum { ALPN_INIT, ALPN_ENABLE, ALPN_DISABLE, ALPN_ERROR } ALPN_STATUS;
+struct ssl_alpn_st {
+     ALPN_STATUS alpn_status;
+     /* This is dynamically allocated */
+     char *alpn_string;
+     /* This only points to the members in the string */
+#define ALPN_LIST_MAX 10
+     const char *alpn_list[ALPN_LIST_MAX];
+};
+
 struct ssl_ctx_st
 {
    int version;
@ -152,9 +165,7 @@ struct ssl_ctx_st

    unsigned long options;

-    #if 0
-        struct alpn_protocols alpn_protocol;
-    #endif
+    SSL_ALPN ssl_alpn;

    const SSL_METHOD *method;

@ -248,6 +259,8 @@ struct ssl_method_func_st {

    void (*ssl_set_fd)(SSL *ssl, int fd, int mode);

+    void (*ssl_set_hostname)(SSL *ssl, const char *hostname);
+
    int (*ssl_get_fd)(const SSL *ssl, int mode);

    void (*ssl_set_bufflen)(SSL *ssl, int len);
@ -277,6 +290,7 @@ struct pkey_method_st {
    int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len);
 };

+
 typedef int (*next_proto_cb)(SSL *ssl, unsigned char **out,
                             unsigned char *outlen, const unsigned char *in,
                             unsigned int inlen, void *arg);
--- a/tools/sdk/include/openssl/openssl/ssl.h
+++ b/tools/sdk/include/openssl/openssl/ssl.h
@ -26,6 +26,14 @@
 {
 */

+#define SSL_CB_ALERT 0x4000
+
+#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT		(1 << 0)
+#define X509_CHECK_FLAG_NO_WILDCARDS			(1 << 1)
+#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS		(1 << 2)
+#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS		(1 << 3)
+#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS		(1 << 4)
+
 /**
 * @brief create a SSL context
 *
@ -145,6 +153,18 @@ int SSL_shutdown(SSL *ssl);
 */
 int SSL_set_fd(SSL *ssl, int fd);

+/**
+ * @brief Set the hostname for SNI
+ *
+ * @param ssl - the SSL context point
+ * @param hostname  - pointer to the hostname
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_set_tlsext_host_name(SSL* ssl, const char *hostname);
+
 /**
 * @brief These functions load the private key into the SSL_CTX or SSL object
 *
@ -1511,6 +1531,53 @@ long SSL_get_timeout(const SSL *ssl);
 */
 int SSL_get_verify_mode(const SSL *ssl);

+/**
+ * @brief get SSL verify parameters
+ *
+ * @param ssl - SSL point
+ *
+ * @return verify parameters
+ */
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+/**
+ * @brief set expected hostname the peer cert CN should have
+ *
+ * @param param - verify parameters from SSL_get0_param()
+ *
+ * @param name - the expected hostname
+ *
+ * @param namelen - the length of the hostname, or 0 if NUL terminated
+ *
+ * @return verify parameters
+ */
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen);
+
+/**
+ * @brief set parameters for X509 host verify action
+ *
+ * @param param -verify parameters from SSL_get0_param()
+ *
+ * @param flags - bitfield of X509_CHECK_FLAG_... parameters to set
+ *
+ * @return 1 for success, 0 for failure
+ */
+int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                    unsigned long flags);
+
+/**
+ * @brief clear parameters for X509 host verify action
+ *
+ * @param param -verify parameters from SSL_get0_param()
+ *
+ * @param flags - bitfield of X509_CHECK_FLAG_... parameters to clear
+ *
+ * @return 1 for success, 0 for failure
+ */
+int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param,
+                      unsigned long flags);
+
 /**
 * @brief get SSL write only IO handle
 *
--- a/tools/sdk/include/openssl/platform/ssl_pm.h
+++ b/tools/sdk/include/openssl/platform/ssl_pm.h
@ -39,6 +39,8 @@ int ssl_pm_pending(const SSL *ssl);
 void ssl_pm_set_fd(SSL *ssl, int fd, int mode);
 int ssl_pm_get_fd(const SSL *ssl, int mode);

+void ssl_pm_set_hostname(SSL *ssl, const char *hostname);
+
 OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);

 void ssl_pm_set_bufflen(SSL *ssl, int len);