espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-12-04 08:09:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'features/http2_demo' into 'master'

Browse Source 
HTTP2 Client Demo

See merge request !1475
This commit is contained in:
Ivan Grokhotkov
2017-11-15 14:51:51 +08:00
parent 21d95eae2d 3ace8416b5
commit c6d25dd9cc
17 changed files with 1211 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
components/openssl/include/internal/ssl_methods.h
View File

@@ -28,7 +28,7 @@
new, free, \
handshake, shutdown, clear, \
read, send, pending, \
set_fd, get_fd, \
set_fd, set_hostname, get_fd, \
set_bufflen, \
get_verify_result, \
get_state) \
@@ -42,6 +42,7 @@
send, \
pending, \
set_fd, \
set_hostname, \
get_fd, \
set_bufflen, \
get_verify_result, \

20
components/openssl/include/internal/ssl_types.h
View File

@@ -81,6 +81,9 @@ typedef struct x509_method_st X509_METHOD;
struct pkey_method_st;
typedef struct pkey_method_st PKEY_METHOD;
struct ssl_alpn_st;
typedef struct ssl_alpn_st SSL_ALPN;
struct stack_st {
char **data;
@@ -144,6 +147,16 @@ struct X509_VERIFY_PARAM_st {
};
typedef enum { ALPN_INIT, ALPN_ENABLE, ALPN_DISABLE, ALPN_ERROR } ALPN_STATUS;
struct ssl_alpn_st {
ALPN_STATUS alpn_status;
/* This is dynamically allocated */
char *alpn_string;
/* This only points to the members in the string */
#define ALPN_LIST_MAX 10
const char *alpn_list[ALPN_LIST_MAX];
};
struct ssl_ctx_st
{
int version;
@@ -152,9 +165,7 @@ struct ssl_ctx_st
unsigned long options;
#if 0
struct alpn_protocols alpn_protocol;
#endif
SSL_ALPN ssl_alpn;
const SSL_METHOD *method;
@@ -248,6 +259,8 @@ struct ssl_method_func_st {
void (*ssl_set_fd)(SSL *ssl, int fd, int mode);
void (*ssl_set_hostname)(SSL *ssl, const char *hostname);
int (*ssl_get_fd)(const SSL *ssl, int mode);
void (*ssl_set_bufflen)(SSL *ssl, int len);
@@ -277,6 +290,7 @@ struct pkey_method_st {
int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len);
};
typedef int (*next_proto_cb)(SSL *ssl, unsigned char **out,
unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg);

12
components/openssl/include/openssl/ssl.h
View File

@@ -145,6 +145,18 @@ int SSL_shutdown(SSL *ssl);
*/
int SSL_set_fd(SSL *ssl, int fd);
/**
* @brief Set the hostname for SNI
*
* @param ssl - the SSL context point
* @param hostname - pointer to the hostname
*
* @return result
* 1 : OK
* 0 : failed
*/
int SSL_set_tlsext_host_name(SSL* ssl, const char *hostname);
/**
* @brief These functions load the private key into the SSL_CTX or SSL object
*

2
components/openssl/include/platform/ssl_pm.h
View File

@@ -39,6 +39,8 @@ int ssl_pm_pending(const SSL *ssl);
void ssl_pm_set_fd(SSL *ssl, int fd, int mode);
int ssl_pm_get_fd(const SSL *ssl, int mode);
void ssl_pm_set_hostname(SSL *ssl, const char *hostname);
OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);
void ssl_pm_set_bufflen(SSL *ssl, int len);

53
components/openssl/library/ssl_lib.c
View File

@@ -224,6 +224,10 @@ void SSL_CTX_free(SSL_CTX* ctx)
X509_free(ctx->client_CA);
if (ctx->ssl_alpn.alpn_string) {
ssl_mem_free((void *)ctx->ssl_alpn.alpn_string);
}
ssl_mem_free(ctx);
}
@@ -730,6 +734,19 @@ int SSL_set_wfd(SSL *ssl, int fd)
return 1;
}
/**
* @brief SET TLS Hostname
*/
int SSL_set_tlsext_host_name(SSL* ssl, const char *hostname)
{
SSL_ASSERT1(ssl);
SSL_ASSERT1(hostname);
SSL_METHOD_CALL(set_hostname, ssl, hostname);
return 1;
}
/**
* @brief get SSL version
*/
@@ -1554,3 +1571,39 @@ void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_C
ssl->verify_mode = mode;
ssl->verify_callback = verify_callback;
}
/**
* @brief set the ALPN protocols in the preferred order. SSL APIs require the
* protocols in a <length><value><length2><value2> format. mbedtls doesn't need
* that though. We sanitize that here itself. So convert from:
* "\x02h2\x06spdy/1" to { {"h2"}, {"spdy/1}, {NULL}}
*/
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, unsigned protos_len)
{
ctx->ssl_alpn.alpn_string = ssl_mem_zalloc(protos_len + 1);
if (! ctx->ssl_alpn.alpn_string) {
return 1;
}
ctx->ssl_alpn.alpn_status = ALPN_ENABLE;
memcpy(ctx->ssl_alpn.alpn_string, protos, protos_len);
char *ptr = ctx->ssl_alpn.alpn_string;
int i;
/* Only running to 1 less than the actual size */
for (i = 0; i < ALPN_LIST_MAX - 1; i++) {
char len = *ptr;
*ptr = '\0'; // Overwrite the length to act as previous element's string terminator
ptr++;
protos_len--;
ctx->ssl_alpn.alpn_list[i] = ptr;
ptr += len;
protos_len -= len;
if (! protos_len) {
i++;
break;
}
}
ctx->ssl_alpn.alpn_list[i] = NULL;
return 0;
}

2
components/openssl/library/ssl_methods.c
View File

@@ -22,7 +22,7 @@ IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func,
ssl_pm_new, ssl_pm_free,
ssl_pm_handshake, ssl_pm_shutdown, ssl_pm_clear,
ssl_pm_read, ssl_pm_send, ssl_pm_pending,
ssl_pm_set_fd, ssl_pm_get_fd,
ssl_pm_set_fd, ssl_pm_set_hostname, ssl_pm_get_fd,
ssl_pm_set_bufflen,
ssl_pm_get_verify_result,
ssl_pm_get_state);

10
components/openssl/platform/ssl_pm.c
View File

@@ -153,6 +153,9 @@ int ssl_pm_new(SSL *ssl)
mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
}
if (ssl->ctx->ssl_alpn.alpn_status == ALPN_ENABLE) {
mbedtls_ssl_conf_alpn_protocols( &ssl_pm->conf, ssl->ctx->ssl_alpn.alpn_list );
}
mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg);
#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG
@@ -364,6 +367,13 @@ void ssl_pm_set_fd(SSL *ssl, int fd, int mode)
ssl_pm->fd.fd = fd;
}
void ssl_pm_set_hostname(SSL *ssl, const char *hostname)
{
struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
mbedtls_ssl_set_hostname(&ssl_pm->ssl, hostname);
}
int ssl_pm_get_fd(const SSL *ssl, int mode)
{
struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;