esp_https_server : change config option secure_enable to transport_mode and some minor changes

transport_mode accepts enum httpd_ssl_transport_t instead of true/false.
This will allow for extension to dual mode (server running on both secure and insecure ports) in the future.
Anurag Kar 2018-11-12 14:19:20 +05:30 committed by bot
parent 9a9d18e466
commit 1d3f4074de
2 changed files with 15 additions and 10 deletions


@ -19,6 +19,11 @@
#include "esp_err.h" #include "esp_err.h"
#include "esp_http_server.h" #include "esp_http_server.h"
typedef enum {
HTTPD_SSL_TRANSPORT_SECURE, // SSL Enabled
HTTPD_SSL_TRANSPORT_INSECURE // SSL disabled
} httpd_ssl_transport_mode_t;
/** /**
* HTTPS server config struct * HTTPS server config struct
* *
@ -44,13 +49,13 @@ struct httpd_ssl_config {
/** Private key byte length */ /** Private key byte length */
size_t prvtkey_len; size_t prvtkey_len;
/** Enable SSL (default true) */ /** Transport Mode (default secure) */
bool secure_enable; httpd_ssl_transport_mode_t transport_mode;
/** Port used when SSL is enabled (default 443) */ /** Port used when transport mode is secure (default 443) */
uint16_t port_secure; uint16_t port_secure;
/** Port used when SSL is disabled (default 80) */ /** Port used when transport mode is insecure (default 80) */
uint16_t port_insecure; uint16_t port_insecure;
}; };
@ -62,7 +67,7 @@ typedef struct httpd_ssl_config httpd_ssl_config_t;
* (http_server default config had to be copied for customization) * (http_server default config had to be copied for customization)
* *
* Notes: * Notes:
* - port is set when starting the server, according to 'secure_enable' * - port is set when starting the server, according to 'transport_mode'
* - one socket uses ~ 40kB RAM with SSL, we reduce the default socket count to 4 * - one socket uses ~ 40kB RAM with SSL, we reduce the default socket count to 4
* - SSL sockets are usually long-lived, closing LRU prevents pool exhaustion DOS * - SSL sockets are usually long-lived, closing LRU prevents pool exhaustion DOS
* - Stack size may need adjustments depending on the user application * - Stack size may need adjustments depending on the user application
@ -87,7 +92,7 @@ typedef struct httpd_ssl_config httpd_ssl_config_t;
.open_fn = NULL, \ .open_fn = NULL, \
.close_fn = NULL, \ .close_fn = NULL, \
}, \ }, \
.secure_enable = true, \ .transport_mode = HTTPD_SSL_TRANSPORT_SECURE, \
.port_secure = 443, \ .port_secure = 443, \
.port_insecure = 80, \ .port_insecure = 80, \
} }
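Review bot: The new `httpd_ssl_transport_mode_t` enum relies on implicit numbering to make `HTTPD_SSL_TRANSPORT_SECURE` equal to 0, and nothing in the header says this is intentional. That ordering is what keeps a zero-initialised `httpd_ssl_config` (for example one built with `= {0}` instead of the default-config macro in this header) on TLS, whereas the old `bool secure_enable` left such a config in plaintext. A later reorder or an enumerator inserted at the front would silently flip that back. I would pin the values and say why, e.g. `HTTPD_SSL_TRANSPORT_SECURE = 0, // SSL enabled; must stay 0 so a zeroed config defaults to TLS` and `HTTPD_SSL_TRANSPORT_INSECURE = 1 // SSL disabled (plaintext HTTP)`. The typedef should also get a `/** ... */` doc comment in the same style as the struct fields below it.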


@ -118,9 +118,9 @@ static esp_err_t httpd_ssl_open(httpd_handle_t server, int sockfd)
httpd_sess_set_transport_ctx(server, sockfd, ssl, httpd_ssl_close); httpd_sess_set_transport_ctx(server, sockfd, ssl, httpd_ssl_close);
// Set rx/tx/pending override functions // Set rx/tx/pending override functions
httpd_set_sess_send_override(server, sockfd, httpd_ssl_send); httpd_sess_set_send_override(server, sockfd, httpd_ssl_send);
httpd_set_sess_recv_override(server, sockfd, httpd_ssl_recv); httpd_sess_set_recv_override(server, sockfd, httpd_ssl_recv);
httpd_set_sess_pending_override(server, sockfd, httpd_ssl_pending); httpd_sess_set_pending_override(server, sockfd, httpd_ssl_pending);
// all access should now go through SSL // all access should now go through SSL
@ -183,7 +183,7 @@ esp_err_t httpd_ssl_start(httpd_handle_t *pHandle, struct httpd_ssl_config *conf
ESP_LOGI(TAG, "Starting server"); ESP_LOGI(TAG, "Starting server");
if (config->secure_enable) { if (HTTPD_SSL_TRANSPORT_SECURE == config->transport_mode) {
SSL_CTX *ctx = create_secure_context(config); SSL_CTX *ctx = create_secure_context(config);
if (!ctx) { if (!ctx) {
return ESP_FAIL; return ESP_FAIL;
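Review bot: The check `if (HTTPD_SSL_TRANSPORT_SECURE == config->transport_mode)` in httpd_ssl_start fails open. Any value other than SECURE, including an out-of-range or uninitialised one, is treated the same as an explicit request for plaintext, assuming the branch that follows outside this hunk is a plain `else` as it was for the bool. Since the enum is meant to grow a dual mode, I would match INSECURE explicitly with `} else if (HTTPD_SSL_TRANSPORT_INSECURE == config->transport_mode) {` for the plaintext path and reject everything else with `} else { return ESP_ERR_INVALID_ARG; }`. A warning-level log line when the server starts without TLS would also make an accidental plaintext deployment visible. The body of httpd_ssl_start continues beyond the hunk, so the else branch itself is not shown here.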