Support MutualAuthentication in HTTPsServer

2024-09-19 14:26:01 -04:00 · 2019-12-03 12:22:06 +01:00 · 2019-12-03 12:22:06 +01:00 · 559cd57ea6
commit 559cd57ea6
parent 6f7be93d53
2 changed files with 24 additions and 3 deletions
--- a/components/esp_https_server/include/esp_https_server.h
+++ b/components/esp_https_server/include/esp_https_server.h
@ -47,6 +47,12 @@ struct httpd_ssl_config {
    /** CA certificate byte length */
    size_t cacert_len;

+    /** Server certificate */
+    const uint8_t *servercert_pem;
+
+    /** Server certificate byte length */
+    size_t servercert_len;
+
    /** Private key */
    const uint8_t *prvtkey_pem;

@ -100,6 +106,8 @@ typedef struct httpd_ssl_config httpd_ssl_config_t;
    },                                            \
    .cacert_pem = NULL,                           \
    .cacert_len = 0,                              \
+    .servercert_pem = NULL,                       \
+    .servercert_len = 0,                          \
    .prvtkey_pem = NULL,                          \
    .prvtkey_len = 0,                             \
    .transport_mode = HTTPD_SSL_TRANSPORT_SECURE, \
--- a/components/esp_https_server/src/https_server.c
+++ b/components/esp_https_server/src/https_server.c
@ -135,6 +135,9 @@ static void free_secure_context(void *ctx)
    assert(ctx != NULL);
    esp_tls_cfg_server_t *cfg = (esp_tls_cfg_server_t *)ctx;
    ESP_LOGI(TAG, "Server shuts down, releasing SSL context");
+    if (cfg->cacert_buf) {
+        free((void *)cfg->cacert_buf);
+    }
    if (cfg->servercert_buf) {
        free((void *)cfg->servercert_buf);
    }
@ -150,17 +153,27 @@ static esp_tls_cfg_server_t *create_secure_context(const struct httpd_ssl_config
    if (!cfg) {
        return NULL;
    }
-    cfg->servercert_buf = (unsigned char *)malloc(config->cacert_len);
-    if (!cfg->servercert_buf) {
+    cfg->cacert_buf = (unsigned char *)malloc(config->cacert_len);
+    if (!cfg->cacert_buf) {
        free(cfg);
        return NULL;
    }
-    memcpy((char *)cfg->servercert_buf, config->cacert_pem, config->cacert_len);
+    memcpy((char *)cfg->cacert_buf, config->cacert_pem, config->cacert_len);
+    cfg->cacert_bytes = config->cacert_len;
+
+    cfg->servercert_buf = (unsigned char *)malloc(config->cacert_len);
+    if (!cfg->servercert_buf) {
+        free((void *)cfg->cacert_buf);
+        free(cfg);
+        return NULL;
+    }
+    memcpy((char *)cfg->servercert_buf, config->servercert_pem, config->servercert_len);
    cfg->servercert_bytes = config->cacert_len;

    cfg->serverkey_buf = (unsigned char *)malloc(config->prvtkey_len);
    if (!cfg->serverkey_buf) {
        free((void *)cfg->servercert_buf);
+        free((void *)cfg->cacert_buf);
        free(cfg);
        return NULL;
    }