OVMS3-idf/examples/protocols/openssl_server/main/openssl_server.c
Ivan Grokhotkov 4813ab2d28 examples: check return value of nvs_flash_init
nvs_flash_init may return an error code in some cases, and applications
should check this error code (or at least assert on it being ESP_OK, to
make potential issues more immediately obvious).

This change modifies all the examples which use NVS to check the error
code. Most examples get a simple ESP_ERROR_CHECK assert, while NVS
examples, OTA example, and NVS unit tests get a more verbose check which
may be used in real applications.
2017-03-15 10:44:54 +08:00

260 lines
7.4 KiB
C
Executable file

/* OpenSSL server Example
This example code is in the Public Domain (or CC0 licensed, at your option.)
Unless required by applicable law or agreed to in writing, this
software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied.
*/
#include "openssl_server.h"
#include <string.h>
#include "openssl/ssl.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include "esp_log.h"
#include "esp_wifi.h"
#include "esp_event_loop.h"
#include "nvs_flash.h"
#include "lwip/sockets.h"
#include "lwip/netdb.h"
static EventGroupHandle_t wifi_event_group;
/* The event group allows multiple bits for each event,
but we only care about one event - are we connected
to the AP with an IP? */
const static int CONNECTED_BIT = BIT0;
const static char *TAG = "Openssl_demo";
#define OPENSSL_DEMO_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
"Content-Type: text/html\r\n" \
"Content-Length: 98\r\n\r\n" \
"<html>\r\n" \
"<head>\r\n" \
"<title>OpenSSL demo</title></head><body>\r\n" \
"OpenSSL server demo!\r\n" \
"</body>\r\n" \
"</html>\r\n" \
"\r\n"
static void openssl_demo_thread(void *p)
{
int ret;
SSL_CTX *ctx;
SSL *ssl;
int socket, new_socket;
socklen_t addr_len;
struct sockaddr_in sock_addr;
char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
const char send_data[] = OPENSSL_DEMO_SERVER_ACK;
const int send_bytes = sizeof(send_data);
extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end");
const unsigned int cacert_pem_bytes = cacert_pem_end - cacert_pem_start;
extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
extern const unsigned char prvtkey_pem_end[] asm("_binary_prvtkey_pem_end");
const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;
ESP_LOGI(TAG, "SSL server context create ......");
/* For security reasons, it is best if you can use
TLSv1_2_server_method() here instead of TLS_server_method().
However some old browsers may not support TLS v1.2.
*/
ctx = SSL_CTX_new(TLS_server_method());
if (!ctx) {
ESP_LOGI(TAG, "failed");
goto failed1;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server context set own certification......");
ret = SSL_CTX_use_certificate_ASN1(ctx, cacert_pem_bytes, cacert_pem_start);
if (!ret) {
ESP_LOGI(TAG, "failed");
goto failed2;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server context set private key......");
ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, prvtkey_pem_start, prvtkey_pem_bytes);
if (!ret) {
ESP_LOGI(TAG, "failed");
goto failed2;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server create socket ......");
socket = socket(AF_INET, SOCK_STREAM, 0);
if (socket < 0) {
ESP_LOGI(TAG, "failed");
goto failed2;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server socket bind ......");
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_addr.s_addr = 0;
sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server socket listen ......");
ret = listen(socket, 32);
if (ret) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
reconnect:
ESP_LOGI(TAG, "SSL server create ......");
ssl = SSL_new(ctx);
if (!ssl) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server socket accept client ......");
new_socket = accept(socket, (struct sockaddr *)&sock_addr, &addr_len);
if (new_socket < 0) {
ESP_LOGI(TAG, "failed" );
goto failed4;
}
ESP_LOGI(TAG, "OK");
SSL_set_fd(ssl, new_socket);
ESP_LOGI(TAG, "SSL server accept client ......");
ret = SSL_accept(ssl);
if (!ret) {
ESP_LOGI(TAG, "failed");
goto failed5;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server read message ......");
do {
memset(recv_buf, 0, OPENSSL_DEMO_RECV_BUF_LEN);
ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
if (ret <= 0) {
break;
}
ESP_LOGI(TAG, "SSL read: %s", recv_buf);
if (strstr(recv_buf, "GET ") &&
strstr(recv_buf, " HTTP/1.1")) {
ESP_LOGI(TAG, "SSL get matched message")
ESP_LOGI(TAG, "SSL write message")
ret = SSL_write(ssl, send_data, send_bytes);
if (ret > 0) {
ESP_LOGI(TAG, "OK")
} else {
ESP_LOGI(TAG, "error")
}
break;
}
} while (1);
SSL_shutdown(ssl);
failed5:
close(new_socket);
new_socket = -1;
failed4:
SSL_free(ssl);
ssl = NULL;
goto reconnect;
failed3:
close(socket);
socket = -1;
failed2:
SSL_CTX_free(ctx);
ctx = NULL;
failed1:
vTaskDelete(NULL);
return ;
}
static void openssl_client_init(void)
{
int ret;
xTaskHandle openssl_handle;
ret = xTaskCreate(openssl_demo_thread,
OPENSSL_DEMO_THREAD_NAME,
OPENSSL_DEMO_THREAD_STACK_WORDS,
NULL,
OPENSSL_DEMO_THREAD_PRORIOTY,
&openssl_handle);
if (ret != pdPASS) {
ESP_LOGI(TAG, "create thread %s failed", OPENSSL_DEMO_THREAD_NAME);
}
}
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
{
switch(event->event_id) {
case SYSTEM_EVENT_STA_START:
esp_wifi_connect();
break;
case SYSTEM_EVENT_STA_GOT_IP:
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
openssl_client_init();
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
/* This is a workaround as ESP32 WiFi libs don't currently
auto-reassociate. */
esp_wifi_connect();
xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
break;
default:
break;
}
return ESP_OK;
}
static void wifi_conn_init(void)
{
tcpip_adapter_init();
wifi_event_group = xEventGroupCreate();
ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
wifi_config_t wifi_config = {
.sta = {
.ssid = EXAMPLE_WIFI_SSID,
.password = EXAMPLE_WIFI_PASS,
},
};
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
ESP_LOGI(TAG, "start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);
ESP_ERROR_CHECK( esp_wifi_start() );
}
void app_main(void)
{
ESP_ERROR_CHECK( nvs_flash_init() );
wifi_conn_init();
}