Update IDF to e5b2c1c (#865)

* Update BLE Library * Fix SD driver * Update toolchain * Update IDF to e5b2c1c
2025-07-03 13:56:32 +02:00 · 2017-11-23 23:26:53 +01:00
parent a3a9dd3af9
commit 81a9c45a1e
119 changed files with 1185 additions and 449 deletions
--- a/tools/sdk/include/openssl/openssl/ssl.h
+++ b/tools/sdk/include/openssl/openssl/ssl.h
@ -26,6 +26,14 @@
 {
 */

+#define SSL_CB_ALERT 0x4000
+
+#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT		(1 << 0)
+#define X509_CHECK_FLAG_NO_WILDCARDS			(1 << 1)
+#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS		(1 << 2)
+#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS		(1 << 3)
+#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS		(1 << 4)
+
 /**
 * @brief create a SSL context
 *
@ -145,6 +153,18 @@ int SSL_shutdown(SSL *ssl);
 */
 int SSL_set_fd(SSL *ssl, int fd);

+/**
+ * @brief Set the hostname for SNI
+ *
+ * @param ssl - the SSL context point
+ * @param hostname  - pointer to the hostname
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_set_tlsext_host_name(SSL* ssl, const char *hostname);
+
 /**
 * @brief These functions load the private key into the SSL_CTX or SSL object
 *
@ -1511,6 +1531,53 @@ long SSL_get_timeout(const SSL *ssl);
 */
 int SSL_get_verify_mode(const SSL *ssl);

+/**
+ * @brief get SSL verify parameters
+ *
+ * @param ssl - SSL point
+ *
+ * @return verify parameters
+ */
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+/**
+ * @brief set expected hostname the peer cert CN should have
+ *
+ * @param param - verify parameters from SSL_get0_param()
+ *
+ * @param name - the expected hostname
+ *
+ * @param namelen - the length of the hostname, or 0 if NUL terminated
+ *
+ * @return verify parameters
+ */
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen);
+
+/**
+ * @brief set parameters for X509 host verify action
+ *
+ * @param param -verify parameters from SSL_get0_param()
+ *
+ * @param flags - bitfield of X509_CHECK_FLAG_... parameters to set
+ *
+ * @return 1 for success, 0 for failure
+ */
+int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                    unsigned long flags);
+
+/**
+ * @brief clear parameters for X509 host verify action
+ *
+ * @param param -verify parameters from SSL_get0_param()
+ *
+ * @param flags - bitfield of X509_CHECK_FLAG_... parameters to clear
+ *
+ * @return 1 for success, 0 for failure
+ */
+int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param,
+                      unsigned long flags);
+
 /**
 * @brief get SSL write only IO handle
 *