Commit graph

44 commits

Author SHA1 Message Date
Chris Morgan 3e1633354a ssl_pm_reload_crt() - Fix verify_mode checking to match openssl documentation https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_verify.html
Merges https://github.com/espressif/esp-idf/pull/2162
2018-07-09 14:41:56 +08:00
Ivan Grokhotkov cb649e452f remove executable permission from source files 2018-05-29 20:07:45 +08:00
Ivan Grokhotkov 022b4f3251 openssl: add feature check for MBEDTLS_SSL_ALPN
Fixes https://github.com/espressif/esp-idf/issues/1342
2017-12-08 13:00:11 +08:00
Andy Green effc6c6d0d openssl wrapper: introduce X509_VERIFY_PARAM_set1_host
This lets the user code set the mbedtls hostname using the standard OpenSSL
X509_VERIFY_PARAM_set1_host() API semantics.

The API takes an X509_VERIFY_PARAM pointer.  We use the fact that it is
a composed member of the SSL struct to derive the SSL pointer.

The X509_VERIFY_PARAM_set1_host() is unusual in that it can accept a
NUL terminated C string as usual, or a nonterminated pointer + length.
This implementation converts the latter to the former if given, before
using it.

This is enough for user code to get the openssl wrapper to make
mbedtls confirm the CN on the peer cert belongs to the hostname used
to reach it, by doing, eg

	X509_VERIFY_PARAM_set1_host(SSL_get0_param(myssl), myhostname, 0);

Merges https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:24:06 +11:00
Kedar Sovani b65f47c586 [openssl] Add support for SNI (sending the hostname) 2017-10-31 16:57:38 +05:30
Kedar Sovani 3420baa01b [openssl] Add support for defining ALPN protocols 2017-10-31 16:57:38 +05:30
Angus Gratton c503a01388 mbedtls: Rename net to net_sockets (in line with 2.4.0 API change) 2017-09-07 18:02:39 +10:00
Dong Heng 25e2b07010 components/openssl : Fix compilation error when openssl debugging is enabled 2017-02-20 09:45:50 +08:00
Dong Heng 93395a3370 components/openssl: Add more debugging information at platform level 2017-01-26 10:12:58 +08:00
Dong Heng 905180667c components/openssl: refactor openssl debugging and assert function
1. add openssl option at menuconfig
2. remove SSL_ERR to reduce complexity
3. add more functions about debugging and assert

According to these, our coders and customers may use and debug the OpenSSL code easily.
2017-01-17 10:15:26 +08:00
Dong Heng 8c7dfef317 examples/10_openssl_server: fixup SSL server with method of specific version
1. add method of any version supporting at OpenSSL and add API in header file
2. change OpenSSL server context method to be method of any version

Fixes http://esp32.com/viewtopic.php?f=14&t=696.
2017-01-05 15:57:25 +08:00
Ivan Grokhotkov 2393d829de remove legacy definitions from esp_types.h 2016-11-22 21:14:36 +08:00
Dong Heng dfaac25a37 feature/openssl: add openssl server demo and remove some check function 2016-11-15 15:04:21 +08:00
Dong Heng 734c1dd954 components/openssl: sync the code from esp8266 sdk 2016-11-14 09:40:12 +08:00
Dong Heng 12e78e9590 components/openssl: add more debug stream output function 2016-11-01 15:16:14 +08:00
Dong Heng bc710e5b88 components/openssl: refactor the SSL debug function
Add the "ssl_opt.h" file to make user able to add its platform interface
2016-11-01 14:59:50 +08:00
Dong Heng 8d1f360ca6 components/openssl: ssl port use esp32_idf default 2016-11-01 13:10:56 +08:00
Dong Heng 16a4d56fe5 components/openssl: remove some platform interface 2016-11-01 13:09:54 +08:00
Dong Heng fc6b52574a components/openssl: refactor the SSL port function and debug function 2016-11-01 13:07:10 +08:00
Dong Heng 37a68ad605 components/openssl: fix SSL X509 show message, leaking memory 2016-10-09 19:02:31 +08:00
Dong Heng 47e83ee65e components/openssl: add SSL any version function setting 2016-10-09 17:49:16 +08:00
Dong Heng 2033068a72 components/openssl: add internal openssl X509 debug function 2016-10-09 16:42:49 +08:00
Dong Heng 9e20d31f89 components/openssl: fix extra certification loading 2016-09-27 19:06:07 +08:00
Dong Heng 652ddae44f components/openssl: change low-level certification loading sequence 2016-09-27 14:28:39 +08:00
Dong Heng 3882937427 components/openssl: add debug message and change verifying mode 2016-09-27 10:06:24 +08:00
Dong Heng cf4aaf6397 components/openssl: optimize the SSL certification and private key function
1. add inheritance function
2. remove low-level platform unload cert & pkey function
3. optimize the cert load and free function
2016-09-26 11:14:19 +08:00
Dong Heng e1c4a4bfa3 components/openssl: add cert and pkey extra object point
the point is pointed to its father's object and should not free
just set NULL if not use
2016-09-23 18:47:09 +08:00
Dong Heng d2bc170b86 components/openssl: add SSL session function
1. add SSL session new and free function
2. add SSL session peer cert get and free operation
3. above all, change low-level cert object to be object point not object
2016-09-23 18:13:10 +08:00
dongheng 59bb9a9a01 components/openssl: [TW7411] supply doxygen type note 2016-09-23 14:50:27 +08:00
dongheng db9becfa74 components/openssl: free peer cert X509 object when SSL_free 2016-09-23 13:38:11 +08:00
dongheng e475d0539e components/openssl: add SSL and SSL context verify mode selection 2016-09-23 11:41:57 +08:00
dongheng f5d9bfc7ae components/openssl: fix SSL get peer cert struct point type error
1. fix SSL get peer cert struct point type error
2. some function use "zalloc" instead of "malloc"
2016-09-23 11:03:13 +08:00
dongheng 07c8bbca6c components/openssl: SSL low-level reload cert when user add new cert 2016-09-23 10:53:18 +08:00
dongheng 9fc054bb55 components/openssl: SSL load cert with creating new cert object
1. when 'SSL_new' SSL's cert is pointed to SSL context cert
   If SSL load new cert, it will create a new cert object
2. change some debug information
2016-09-23 10:33:31 +08:00
dongheng 1bfedf9816 components/openssl: fix the SSL_free memory leak 2016-09-22 18:33:55 +08:00
dongheng 18787fd4fc components/openssl: add empty function to get peer certification and fix ref overflow 2016-09-22 17:20:07 +08:00
dongheng f796b4e58e components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 16:41:51 +08:00
dongheng fa6f03f77f components/openssl: add function to load certification or private key more than one time 2016-09-22 16:08:36 +08:00
dongheng b3145446aa components/openssl: add function "ssl_pm_get_verify_result"
1. add function ssl_pm_get_verify_result
2. add its platform low-level interface
2016-09-22 15:15:16 +08:00
dongheng 845ca8b34f components/openssl: delete ssl_rsa.c & .h file 2016-09-22 11:43:59 +08:00
dongheng 6bd3d62d7c components/openssl: add license header 2016-09-22 10:28:08 +08:00
dongheng b89168d0f1 components/openssl: add ssl_port.c & .h file 2016-09-21 17:51:12 +08:00
dongheng 5adc661d05 components/openssl: add more interface for application 2016-09-21 09:23:29 +08:00
dongheng 44c466c0ea components/openssl: add base function version 2016-09-20 16:58:46 +08:00