feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

Merge branch 'bugfix/esp_crt_bundle_build_issue' into 'master'

Browse Source 
esp_crt_bundle: Fix build problems if MBEDTLS_CERTIFICATE_BUNDLE is disabled

Closes IDFGH-7106

See merge request espressif/esp-idf!17674
This commit is contained in:
Mahavir Jain
2022-04-06 19:33:06 +08:00
parent e739aa13ba 37ad7c2e1f
commit 2cee6954e3
5 changed files with 42 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
components/mbedtls/CMakeLists.txt
View File

@@ -7,8 +7,16 @@ if(NOT BOOTLOADER_BUILD)
list(APPEND priv_requires esp_pm) list(APPEND priv_requires esp_pm)
endif() endif()
idf_component_register(SRCS "esp_crt_bundle/esp_crt_bundle.c" set(mbedtls_srcs "")
INCLUDE_DIRS "port/include" "mbedtls/include" "esp_crt_bundle/include" "./mbedtls/library" set(mbedtls_include_dirs "port/include" "mbedtls/include" "./mbedtls/library")
if(CONFIG_MBEDTLS_CERTIFICATE_BUNDLE)
list(APPEND mbedtls_srcs "esp_crt_bundle/esp_crt_bundle.c")
list(APPEND mbedtls_include_dirs "esp_crt_bundle/include")
endif()
idf_component_register(SRCS "${mbedtls_srcs}"
INCLUDE_DIRS "${mbedtls_include_dirs}"
REQUIRES lwip REQUIRES lwip
PRIV_REQUIRES "${priv_requires}" PRIV_REQUIRES "${priv_requires}"
) )
@@ -233,7 +241,14 @@ set_property(TARGET mbedcrypto APPEND PROPERTY LINK_LIBRARIES idf::driver idf::$
set_property(TARGET mbedcrypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES idf::driver idf::${target}) set_property(TARGET mbedcrypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES idf::driver idf::${target})
# Link mbedtls libraries to component library # Link mbedtls libraries to component library
target_link_libraries(${COMPONENT_LIB} PUBLIC ${mbedtls_targets}) if(mbedtls_srcs STREQUAL "")
# For no sources in component library we must use "INTERFACE"
set(linkage_type INTERFACE)
else()
set(linkage_type PUBLIC)
endif()
target_link_libraries(${COMPONENT_LIB} ${linkage_type} ${mbedtls_targets})
if(CONFIG_ESP_TLS_USE_DS_PERIPHERAL) if(CONFIG_ESP_TLS_USE_DS_PERIPHERAL)
# Link target (e.g. esp32s2) library to component library # Link target (e.g. esp32s2) library to component library
@@ -241,11 +256,11 @@ if(CONFIG_ESP_TLS_USE_DS_PERIPHERAL)
set_property(TARGET mbedcrypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES $<LINK_ONLY:${target_lib}>) set_property(TARGET mbedcrypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES $<LINK_ONLY:${target_lib}>)
# The linker seems to be unable to resolve all the dependencies without increasing this # The linker seems to be unable to resolve all the dependencies without increasing this
set_property(TARGET mbedcrypto APPEND PROPERTY LINK_INTERFACE_MULTIPLICITY 6) set_property(TARGET mbedcrypto APPEND PROPERTY LINK_INTERFACE_MULTIPLICITY 6)
target_link_libraries(${COMPONENT_LIB} PUBLIC ${target_lib}) target_link_libraries(${COMPONENT_LIB} ${linkage_type} ${target_lib})
endif() endif()
# Link esp-cryptoauthlib to mbedtls # Link esp-cryptoauthlib to mbedtls
if(CONFIG_ATCA_MBEDTLS_ECDSA) if(CONFIG_ATCA_MBEDTLS_ECDSA)
idf_component_get_property(cryptoauthlib esp-cryptoauthlib COMPONENT_LIB) idf_component_get_property(cryptoauthlib esp-cryptoauthlib COMPONENT_LIB)
target_link_libraries(${COMPONENT_LIB} PUBLIC ${cryptoauthlib}) target_link_libraries(${COMPONENT_LIB} ${linkage_type} ${cryptoauthlib})
endif() endif()

10
examples/protocols/esp_http_client/main/esp_http_client_example.c
View File

@@ -18,7 +18,9 @@
#include "esp_netif.h" #include "esp_netif.h"
#include "protocol_examples_common.h" #include "protocol_examples_common.h"
#include "esp_tls.h" #include "esp_tls.h"
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
#include "esp_crt_bundle.h" #include "esp_crt_bundle.h"
#endif
#include "esp_http_client.h" #include "esp_http_client.h"
@@ -372,6 +374,7 @@ static void http_auth_digest(void)
} }
#endif #endif
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
static void https_with_url(void) static void https_with_url(void)
{ {
esp_http_client_config_t config = { esp_http_client_config_t config = {
@@ -391,6 +394,7 @@ static void https_with_url(void)
} }
esp_http_client_cleanup(client); esp_http_client_cleanup(client);
} }
#endif // CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
static void https_with_hostname_path(void) static void https_with_hostname_path(void)
{ {
@@ -667,6 +671,7 @@ static void http_native_request(void)
esp_http_client_cleanup(client); esp_http_client_cleanup(client);
} }
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
static void http_partial_download(void) static void http_partial_download(void)
{ {
esp_http_client_config_t config = { esp_http_client_config_t config = {
@@ -711,6 +716,7 @@ static void http_partial_download(void)
esp_http_client_cleanup(client); esp_http_client_cleanup(client);
} }
#endif // CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
static void http_test_task(void *pvParameters) static void http_test_task(void *pvParameters)
{ {
@@ -726,7 +732,9 @@ static void http_test_task(void *pvParameters)
http_relative_redirect(); http_relative_redirect();
http_absolute_redirect(); http_absolute_redirect();
http_absolute_redirect_manual(); http_absolute_redirect_manual();
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
https_with_url(); https_with_url();
#endif
https_with_hostname_path(); https_with_hostname_path();
http_redirect_to_https(); http_redirect_to_https();
http_download_chunk(); http_download_chunk();
@@ -734,7 +742,9 @@ static void http_test_task(void *pvParameters)
https_async(); https_async();
https_with_invalid_url(); https_with_invalid_url();
http_native_request(); http_native_request();
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
http_partial_download(); http_partial_download();
#endif
ESP_LOGI(TAG, "Finish http example"); ESP_LOGI(TAG, "Finish http example");
vTaskDelete(NULL); vTaskDelete(NULL);

25
examples/protocols/https_request/main/https_request_example_main.c
View File

@@ -5,22 +5,13 @@
* *
* Adapted from the ssl_client1 example in mbedtls. * Adapted from the ssl_client1 example in mbedtls.
* *
* Original Copyright (C) 2006-2016, ARM Limited, All Rights Reserved, Apache 2.0 License. * SPDX-FileCopyrightText: 2006-2016 ARM Limited, All Rights Reserved
* Additions Copyright (C) Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD, Apache 2.0 License.
* *
* SPDX-License-Identifier: Apache-2.0
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * SPDX-FileContributor: 2015-2022 Espressif Systems (Shanghai) CO LTD
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <time.h> #include <time.h>
@@ -45,7 +36,9 @@
#include "lwip/dns.h" #include "lwip/dns.h"
#include "esp_tls.h" #include "esp_tls.h"
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
#include "esp_crt_bundle.h" #include "esp_crt_bundle.h"
#endif
#include "time_sync.h" #include "time_sync.h"
/* Constants that aren't configurable in menuconfig */ /* Constants that aren't configurable in menuconfig */
@@ -166,6 +159,7 @@ exit:
} }
} }
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
static void https_get_request_using_crt_bundle(void) static void https_get_request_using_crt_bundle(void)
{ {
ESP_LOGI(TAG, "https_request using crt bundle"); ESP_LOGI(TAG, "https_request using crt bundle");
@@ -174,8 +168,7 @@ static void https_get_request_using_crt_bundle(void)
}; };
https_get_request(cfg, WEB_URL, HOWSMYSSL_REQUEST); https_get_request(cfg, WEB_URL, HOWSMYSSL_REQUEST);
} }
#endif // CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
static void https_get_request_using_cacert_buf(void) static void https_get_request_using_cacert_buf(void)
{ {
@@ -255,7 +248,9 @@ static void https_request_task(void *pvparameters)
https_get_request_using_already_saved_session(server_url); https_get_request_using_already_saved_session(server_url);
#endif #endif
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
https_get_request_using_crt_bundle(); https_get_request_using_crt_bundle();
#endif
printf("Minimum free heap size: %d bytes\n", esp_get_minimum_free_heap_size()); printf("Minimum free heap size: %d bytes\n", esp_get_minimum_free_heap_size());
https_get_request_using_cacert_buf(); https_get_request_using_cacert_buf();
https_get_request_using_global_ca_store(); https_get_request_using_global_ca_store();

1
examples/system/ota/simple_ota_example/main/Kconfig.projbuild
View File

@@ -10,6 +10,7 @@ menu "Example Configuration"
config EXAMPLE_USE_CERT_BUNDLE config EXAMPLE_USE_CERT_BUNDLE
bool "Enable certificate bundle" bool "Enable certificate bundle"
default y default y
depends on MBEDTLS_CERTIFICATE_BUNDLE
help help
Enable trusted root certificate bundle. This approach allows to have Enable trusted root certificate bundle. This approach allows to have
OTA updates functional with any public server without requirement OTA updates functional with any public server without requirement

1
tools/test_apps/system/build_test/sdkconfig.ci.no_esp_cert_bundle Normal file
View File

@@ -0,0 +1 @@
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n