espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-01 03:34:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

tcp_transport: added functionality for using ALPN with SSL

Browse Source 
Closes IDF-1160
This commit is contained in:
Marius Vikhammer
2019-11-13 10:36:24 +08:00
parent eca812249b
commit ed85046138
3 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
components/esp-tls/esp_tls_mbedtls.c
View File

@@ -389,15 +389,19 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t
return ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED; return ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED;
} }
#ifdef CONFIG_MBEDTLS_SSL_ALPN
if (cfg->alpn_protos) { if (cfg->alpn_protos) {
#ifdef CONFIG_MBEDTLS_SSL_ALPN
if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos) != 0)) { if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos) != 0)) {
ESP_LOGE(TAG, "mbedtls_ssl_conf_alpn_protocols returned -0x%x", -ret); ESP_LOGE(TAG, "mbedtls_ssl_conf_alpn_protocols returned -0x%x", -ret);
ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret); ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret);
return ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED; return ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED;
} }
} #else
ESP_LOGE(TAG, "alpn_protos configured but not enabled in menuconfig: Please enable MBEDTLS_SSL_ALPN option");
return ESP_ERR_INVALID_STATE;
#endif #endif
}
if (cfg->use_global_ca_store == true) { if (cfg->use_global_ca_store == true) {
esp_err_t esp_ret = set_global_ca_store(tls); esp_err_t esp_ret = set_global_ca_store(tls);
if (esp_ret != ESP_OK) { if (esp_ret != ESP_OK) {

10
components/tcp_transport/include/esp_transport_ssl.h
View File

@@ -103,6 +103,16 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
*/ */
void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len); void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Set the list of supported application protocols to be used with ALPN.
* Note that, this function stores the pointer to data, rather than making a copy.
* So this data must remain valid until after the connection is cleaned up
*
* @param t ssl transport
* @param[in] alpn_porot The list of ALPN protocols, the last entry must be NULL
*/
void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos);
/** /**
* @brief Skip validation of certificate's common name field * @brief Skip validation of certificate's common name field
* *

8
components/tcp_transport/transport_ssl.c
View File

@@ -256,6 +256,14 @@ void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const c
} }
} }
void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
if (t && ssl) {
ssl->cfg.alpn_protos = alpn_protos;
}
}
void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t) void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t)
{ {
transport_ssl_t *ssl = esp_transport_get_context_data(t); transport_ssl_t *ssl = esp_transport_get_context_data(t);