alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 00:36:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'docs/esp_https_server_api_cleanup' into 'master'

Browse Source 
docs: Updated migration guide for esp_https_server API breaking changes

Closes IDF-4678

See merge request espressif/esp-idf!17360
This commit is contained in:
Mahavir Jain 2022-03-06 14:26:55 +08:00
commit 5faf116d26
2 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/en/api-reference/protocols/esp_local_ctrl.rst
View File

@ -54,10 +54,10 @@ Similarly for HTTPS transport:
httpd_ssl_config_t https_conf = HTTPD_SSL_CONFIG_DEFAULT();
/* Load server certificate */
extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end");
https_conf.cacert_pem = cacert_pem_start;
https_conf.cacert_len = cacert_pem_end - cacert_pem_start;
extern const unsigned char servercert_start[] asm("_binary_servercert_pem_start");
extern const unsigned char servercert_end[] asm("_binary_servercert_pem_end");
https_conf.servercert = servercert_start;
https_conf.servercert_len = servercert_end - servercert_start;
/* Load server private key */
extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");

15
docs/en/migration-guides/protocols.rst
View File

@ -57,3 +57,18 @@ The Diffie-Hellman Key Exchange modes have now been disabled by default due to s
- ``MBEDTLS_KEY_EXCHANGE_DHE_RSA`` : Support for cipher suites with the prefix ``TLS-DHE-RSA-WITH-``
.. note:: During the initial step of the handshake (i.e. ``client_hello``), the server selects a cipher from the list that the client publishes. As the DHE_PSK/DHE_RSA ciphers have now been disabled by the above change, the server would fall back to an alternative cipher; if in a rare case, it does not support any other cipher, the handshake would fail. To retrieve the list of ciphers supported by the server, one must attempt to connect with the server with a specific cipher from the client-side. Few utilities can help do this, e.g. ``sslscan``.
ESP HTTPS SERVER
-----------------
Breaking Changes (Summary)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Names of variables holding different certs in :cpp:type:`httpd_ssl_config_t` structure have been updated.
.. list::
* :cpp:member:`servercert` variable inherits role of :cpp:member:`cacert_pem` variable.
* :cpp:member:`servercert_len` variable inherits role of :cpp:member:`cacert_len` variable
* :cpp:member:`cacert_pem` variable inherits role of :cpp:member:`client_verify_cert_pem` variable
* :cpp:member:`cacert_len` variable inherits role of :cpp:member:`client_verify_cert_len` variable