forked from espressif/esp-idf
esp_http_client: Enable support of crt_bundle in esp_http_client
This commit is contained in:
Aditya Patwardhan
bot
@@ -608,7 +608,13 @@ esp_http_client_handle_t esp_http_client_init(const esp_http_client_config_t *co
|
|||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (config->use_global_ca_store == true) {
|
if (config->crt_bundle_attach != NULL) {
|
||||||
|
#ifdef CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
|
||||||
|
esp_transport_ssl_crt_bundle_attach(ssl, config->crt_bundle_attach);
|
||||||
|
#else //CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
|
||||||
|
ESP_LOGE(TAG, "use_crt_bundle configured but not enabled in menuconfig: Please enable MBEDTLS_CERTIFICATE_BUNDLE option");
|
||||||
|
#endif
|
||||||
|
} else if (config->use_global_ca_store == true) {
|
||||||
esp_transport_ssl_enable_global_ca_store(ssl);
|
esp_transport_ssl_enable_global_ca_store(ssl);
|
||||||
} else if (config->cert_pem) {
|
} else if (config->cert_pem) {
|
||||||
if (!config->cert_len) {
|
if (!config->cert_len) {
|
||||||
|
|||||||
@@ -135,6 +135,8 @@ typedef struct {
|
|||||||
bool is_async; /*!< Set asynchronous mode, only supported with HTTPS for now */
|
bool is_async; /*!< Set asynchronous mode, only supported with HTTPS for now */
|
||||||
bool use_global_ca_store; /*!< Use a global ca_store for all the connections in which this bool is set. */
|
bool use_global_ca_store; /*!< Use a global ca_store for all the connections in which this bool is set. */
|
||||||
bool skip_cert_common_name_check; /*!< Skip any validation of server certificate CN field */
|
bool skip_cert_common_name_check; /*!< Skip any validation of server certificate CN field */
|
||||||
|
esp_err_t (*crt_bundle_attach)(void *conf); /*!< Function pointer to esp_crt_bundle_attach. Enables the use of certification
|
||||||
|
bundle for server verification, must be enabled in menuconfig */
|
||||||
bool keep_alive_enable; /*!< Enable keep-alive timeout */
|
bool keep_alive_enable; /*!< Enable keep-alive timeout */
|
||||||
int keep_alive_idle; /*!< Keep-alive idle time. Default is 5 (second) */
|
int keep_alive_idle; /*!< Keep-alive idle time. Default is 5 (second) */
|
||||||
int keep_alive_interval; /*!< Keep-alive interval time. Default is 5 (second) */
|
int keep_alive_interval; /*!< Keep-alive interval time. Default is 5 (second) */
|
||||||
|
|||||||
@@ -5,4 +5,4 @@
|
|||||||
|
|
||||||
# embed files from the "certs" directory as binary data symbols
|
# embed files from the "certs" directory as binary data symbols
|
||||||
# in the app
|
# in the app
|
||||||
COMPONENT_EMBED_TXTFILES := howsmyssl_com_root_cert.pem
|
COMPONENT_EMBED_TXTFILES := howsmyssl_com_root_cert.pem postman_root_cert.pem
|
||||||
|
|||||||
@@ -18,6 +18,7 @@
|
|||||||
#include "esp_netif.h"
|
#include "esp_netif.h"
|
||||||
#include "protocol_examples_common.h"
|
#include "protocol_examples_common.h"
|
||||||
#include "esp_tls.h"
|
#include "esp_tls.h"
|
||||||
|
#include "esp_crt_bundle.h"
|
||||||
|
|
||||||
#include "esp_http_client.h"
|
#include "esp_http_client.h"
|
||||||
|
|
||||||
@@ -371,7 +372,7 @@ static void https_with_url(void)
|
|||||||
esp_http_client_config_t config = {
|
esp_http_client_config_t config = {
|
||||||
.url = "https://www.howsmyssl.com",
|
.url = "https://www.howsmyssl.com",
|
||||||
.event_handler = _http_event_handler,
|
.event_handler = _http_event_handler,
|
||||||
.cert_pem = howsmyssl_com_root_cert_pem_start,
|
.crt_bundle_attach = esp_crt_bundle_attach,
|
||||||
};
|
};
|
||||||
esp_http_client_handle_t client = esp_http_client_init(&config);
|
esp_http_client_handle_t client = esp_http_client_init(&config);
|
||||||
esp_err_t err = esp_http_client_perform(client);
|
esp_err_t err = esp_http_client_perform(client);
|
||||||
|
|||||||
Reference in New Issue
Block a user