Merge branch 'feature/openssl' into 'master'
examples/10_openssl_server: fixup SSL server with method of specific version 1. add method of any version supporting at OpenSSL and add API in header file 2. change OpenSSL server context method to be method of any version Fixes http://esp32.com/viewtopic.php?f=14&t=696. See merge request !369
commit
fb70126bc8
6 changed files with 41 additions and 10 deletions
18
components/openssl/include/openssl/ssl.h
Normal file → Executable file
18
components/openssl/include/openssl/ssl.h
Normal file → Executable file
|
@ -214,6 +214,14 @@ const SSL_METHOD* TLSv1_1_client_method(void);
|
|||
*/
|
||||
const SSL_METHOD* TLSv1_2_client_method(void);
|
||||
|
||||
/**
|
||||
* @brief create the target SSL context server method
|
||||
*
|
||||
* @param none
|
||||
*
|
||||
* @return the TLS any version SSL context client method
|
||||
*/
|
||||
const SSL_METHOD* TLS_client_method(void);
|
||||
|
||||
/**
|
||||
* @brief create the target SSL context server method
|
||||
|
@ -260,6 +268,16 @@ const SSL_METHOD* TLSv1_server_method(void);
|
|||
*/
|
||||
const SSL_METHOD* SSLv3_server_method(void);
|
||||
|
||||
/**
|
||||
* @brief create the target SSL context server method
|
||||
*
|
||||
* @param none
|
||||
*
|
||||
* @return the TLS any version SSL context server method
|
||||
*/
|
||||
const SSL_METHOD* TLS_server_method(void);
|
||||
|
||||
|
||||
/**
|
||||
* @brief set the SSL context ALPN select callback function
|
||||
*
|
||||
|
|
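Review bot: The doc comment added above `TLS_client_method` carries a copy-pasted brief, `@brief create the target SSL context server method`; it should read `@brief create the target SSL context client method`. Both new comments also describe the method only as "TLS any version" without naming the protocol range that will be negotiated. Judging from the ssl_pm.c section of this commit, the range appears to be SSL 3.0 through TLS 1.2, and the header is where a caller would look for that floor, so a line such as `* @note negotiates the highest version both peers support, within the range configured in ssl_pm_new()` would help on both declarations.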
3
components/openssl/platform/ssl_pm.c
Normal file → Executable file
3
components/openssl/platform/ssl_pm.c
Normal file → Executable file
|
@ -125,6 +125,9 @@ int ssl_pm_new(SSL *ssl)
|
|||
|
||||
mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version);
|
||||
mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version);
|
||||
} else {
|
||||
mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
|
||||
mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
|
||||
}
|
||||
|
||||
mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg);
|
||||
|
|
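Review bot: The new `else` branch sets the floor with `mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);`, and minor version 0 is SSL 3.0 in mbedTLS. A context built from the any-version methods can therefore still negotiate SSL 3.0 when the mbedTLS build has that protocol enabled, which is the legacy protocol the example is moving away from. Raise the floor to at least TLS 1.0, `MBEDTLS_SSL_MINOR_VERSION_1`, or to `MBEDTLS_SSL_MINOR_VERSION_3` if all expected peers speak TLS 1.2. A short comment on the branch stating the intended range would also help. `ssl_pm_new` begins and ends outside this hunk, so how `version` is derived for the other branch is not visible here.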
2
examples/10_openssl_server/README.md
Normal file → Executable file
2
examples/10_openssl_server/README.md
Normal file → Executable file
|
@ -5,7 +5,7 @@ The Example contains of OpenSSL server demo.
|
|||
First you should configure the project by "make menuconfig":
|
||||
Example Configuration ->
|
||||
1. WIFI SSID: WIFI network to which your PC is also connected to.
|
||||
1. WIFI Password: WIFI password
|
||||
2. WIFI Password: WIFI password
|
||||
|
||||
IF you want to test the OpenSSL server demo:
|
||||
1. compile the code and load the firmware
|
||||
|
|
0
examples/10_openssl_server/main/Kconfig.projbuild
Normal file → Executable file
0
examples/10_openssl_server/main/Kconfig.projbuild
Normal file → Executable file
20
examples/10_openssl_server/main/openssl_server.c
Normal file → Executable file
20
examples/10_openssl_server/main/openssl_server.c
Normal file → Executable file
|
@ -43,7 +43,8 @@ const static char *TAG = "Openssl_demo";
|
|||
"<title>OpenSSL demo</title></head><body>\r\n" \
|
||||
"OpenSSL server demo!\r\n" \
|
||||
"</body>\r\n" \
|
||||
"</html>\r\n"
|
||||
"</html>\r\n" \
|
||||
"\r\n"
|
||||
|
||||
static void openssl_demo_thread(void *p)
|
||||
{
|
||||
|
@ -70,7 +71,7 @@ static void openssl_demo_thread(void *p)
|
|||
const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;
|
||||
|
||||
ESP_LOGI(TAG, "SSL server context create ......");
|
||||
ctx = SSL_CTX_new(SSLv3_server_method());
|
||||
ctx = SSL_CTX_new(TLS_server_method());
|
||||
if (!ctx) {
|
||||
ESP_LOGI(TAG, "failed");
|
||||
goto failed1;
|
||||
|
@ -155,14 +156,21 @@ reconnect:
|
|||
if (ret <= 0) {
|
||||
break;
|
||||
}
|
||||
if (strstr(recv_buf, "GET / HTTP/1.1")) {
|
||||
SSL_write(ssl, send_data, send_bytes);
|
||||
ESP_LOGI(TAG, "SSL read: %s", recv_buf);
|
||||
if (strstr(recv_buf, "GET ") &&
|
||||
strstr(recv_buf, " HTTP/1.1")) {
|
||||
ESP_LOGI(TAG, "SSL get matched message")
|
||||
ESP_LOGI(TAG, "SSL write message")
|
||||
ret = SSL_write(ssl, send_data, send_bytes);
|
||||
if (ret > 0) {
|
||||
ESP_LOGI(TAG, "OK")
|
||||
} else {
|
||||
ESP_LOGI(TAG, "error")
|
||||
}
|
||||
break;
|
||||
}
|
||||
} while (1);
|
||||
|
||||
ESP_LOGI(TAG, "result %d", ret);
|
||||
|
||||
SSL_shutdown(ssl);
|
||||
failed5:
|
||||
close(new_socket);
|
||||
|
|
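Review bot: The added `ESP_LOGI(TAG, "SSL read: %s", recv_buf);` and the two `strstr` calls treat `recv_buf` as a NUL-terminated string, but nothing in this hunk shows the buffer being cleared or terminated after the read. If the read can fill the whole buffer, the log and the search run past its end. Bound the log with the byte count already held in `ret`, `ESP_LOGI(TAG, "SSL read: %.*s", ret, recv_buf);`, and confirm that the read length leaves room for a terminator. The same line writes client-controlled request bytes to the info log, so a debug level (`ESP_LOGD`) would be more appropriate outside a demo. On style, the new `ESP_LOGI(...)` calls inside the `if` lack trailing semicolons, and the failed `SSL_write` is reported at info level where `ESP_LOGE(TAG, "error");` would be expected. `openssl_demo_thread` begins and ends outside these hunks.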
6
examples/10_openssl_server/main/openssl_server.h
Normal file → Executable file
6
examples/10_openssl_server/main/openssl_server.h
Normal file → Executable file
|
@ -7,8 +7,10 @@
|
|||
CONDITIONS OF ANY KIND, either express or implied.
|
||||
*/
|
||||
|
||||
#ifndef _OPENSSL_DEMO_H_
|
||||
#define _OPENSSL_DEMO_H_
|
||||
#ifndef _OPENSSL_SERVER_H_
|
||||
#define _OPENSSL_SERVER_H_
|
||||
|
||||
#include "sdkconfig.h"
|
||||
|
||||
/* The examples use simple WiFi configuration that you can set via
|
||||
'make menuconfig'.
|
||||
|
|