alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

http2_request_example: Use esp_crt_bundle instead of hardcoded root

Browse Source 
certificate in order to avoid frequent failure of the example due to
shift in CA chain
This commit is contained in:
Aditya Patwardhan 2022-04-13 05:00:52 +05:30
parent 047903c612
commit 3b1f1febc8
4 changed files with 9 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
examples/protocols/http2_request/main/CMakeLists.txt
View File

@ -1,3 +1,2 @@
idf_component_register(SRCS "http2_request_example_main.c" idf_component_register(SRCS "http2_request_example_main.c"
INCLUDE_DIRS "." INCLUDE_DIRS ".")
EMBED_TXTFILES "http2_github_io_root_cert.pem")

28
examples/protocols/http2_request/main/http2_github_io_root_cert.pem
View File

@ -1,28 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy
YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2
4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC
Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1
itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn
4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X
sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft
bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t
L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG
BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D
aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd
aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH
E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly
/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu
xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF
0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae
cPUeybQ=
-----END CERTIFICATE-----

13
examples/protocols/http2_request/main/http2_request_example_main.c
View File

@ -22,13 +22,12 @@
#include "nvs_flash.h" #include "nvs_flash.h"
#include "protocol_examples_common.h" #include "protocol_examples_common.h"
#include "esp_netif.h" #include "esp_netif.h"
#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
#include "esp_crt_bundle.h"
#endif
#include "sh2lib.h" #include "sh2lib.h"
extern const uint8_t server_root_cert_pem_start[] asm("_binary_http2_github_io_root_cert_pem_start");
extern const uint8_t server_root_cert_pem_end[] asm("_binary_http2_github_io_root_cert_pem_end");
/* The HTTP/2 server to connect to */ /* The HTTP/2 server to connect to */
#define HTTP2_SERVER_URI "https://http2.github.io" #define HTTP2_SERVER_URI "https://http2.github.io"
/* A GET request that keeps streaming current time every second */ /* A GET request that keeps streaming current time every second */
@ -102,10 +101,12 @@ static void http2_task(void *args)
/* HTTP2: one connection multiple requests. Do the TLS/TCP connection first */ /* HTTP2: one connection multiple requests. Do the TLS/TCP connection first */
printf("Connecting to server\n"); printf("Connecting to server\n");
struct sh2lib_config_t cfg = { struct sh2lib_config_t cfg = {
.uri = HTTP2_SERVER_URI, .uri = HTTP2_SERVER_URI,
.cacert_buf = server_root_cert_pem_start, #if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
.cacert_bytes = server_root_cert_pem_end - server_root_cert_pem_start, .crt_bundle_attach = esp_crt_bundle_attach,
#endif
}; };
struct sh2lib_handle hd; struct sh2lib_handle hd;

1
examples/protocols/http2_request/sdkconfig.defaults Normal file
View File

@ -0,0 +1 @@
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN=y