alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

esp_local_ctrl: Add support for insecure HTTP server transport

Browse Source
This commit is contained in:
Laukik Hase 2022-12-16 16:04:22 +05:30
parent 490216a2ac
commit 7279244f8c
No known key found for this signature in database
GPG Key ID: 11C571361F51A199
8 changed files with 82 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
components/esp_local_ctrl/CMakeLists.txt
View File

@ -4,11 +4,6 @@ set(srcs "src/esp_local_ctrl.c"
"src/esp_local_ctrl_handler.c"
"proto-c/esp_local_ctrl.pb-c.c")
if(CONFIG_ESP_HTTPS_SERVER_ENABLE)
list(APPEND srcs
"src/esp_local_ctrl_transport_httpd.c")
endif()
if(CONFIG_BT_ENABLED)
if(CONFIG_BT_BLUEDROID_ENABLED)
list(APPEND srcs
@ -16,6 +11,8 @@ if(CONFIG_BT_ENABLED)
endif()
endif()
list(APPEND srcs
"src/esp_local_ctrl_transport_httpd.c")
idf_component_register(SRCS "${srcs}"
INCLUDE_DIRS "${include_dirs}"

11
components/esp_local_ctrl/include/esp_local_ctrl.h
View File

@ -197,12 +197,17 @@ typedef struct protocomm_ble_config esp_local_ctrl_transport_config_ble_t;
/**
* @brief Configuration for transport mode HTTPD
*
* This is a forward declaration for `httpd_ssl_config_t`.
* To use this, application must set CONFIG_ESP_HTTPS_SERVER_ENABLE
* This is a forward declaration for `httpd_ssl_config_t` (for HTTPS)
* or `httpd_config_t` (for HTTP)
*/
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
/* To use this, application must set CONFIG_ESP_HTTPS_SERVER_ENABLE
* and include `esp_https_server.h`
*/
typedef struct httpd_ssl_config esp_local_ctrl_transport_config_httpd_t;
#else
typedef struct httpd_config esp_local_ctrl_transport_config_httpd_t;
#endif
/**
* @brief Transport mode (BLE / HTTPD) configuration
*/

30
components/esp_local_ctrl/src/esp_local_ctrl_transport_httpd.c
View File

@ -19,7 +19,19 @@
#include <esp_netif.h>
#include <protocomm_httpd.h>
#include <esp_local_ctrl.h>
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
#include <esp_https_server.h>
#else
#include <esp_http_server.h>
#endif
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
#define esp_local_ctrl_httpd_start httpd_ssl_start
#define esp_local_ctrl_httpd_stop httpd_ssl_stop
#else
#define esp_local_ctrl_httpd_start httpd_start
#define esp_local_ctrl_httpd_stop httpd_stop
#endif
#include "esp_local_ctrl_priv.h"
@ -38,12 +50,17 @@ static esp_err_t start_httpd_transport(protocomm_t *pc, const esp_local_ctrl_tra
esp_err_t err;
#ifdef WITH_MDNS
uint16_t port = 0;
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
/* Extract configured port */
uint16_t port = (
port = (
config->httpd->transport_mode == HTTPD_SSL_TRANSPORT_SECURE ?
config->httpd->port_secure :
config->httpd->port_insecure
);
#else
port = config->httpd->server_port;
#endif
err = mdns_service_add("Local Control Service", "_esp_local_ctrl",
"_tcp", port, NULL, 0);
if (err != ESP_OK) {
@ -64,9 +81,9 @@ static esp_err_t start_httpd_transport(protocomm_t *pc, const esp_local_ctrl_tra
}
}
#endif
err = httpd_ssl_start(&server_handle, config->httpd);
err = esp_local_ctrl_httpd_start(&server_handle, config->httpd);
if (ESP_OK != err) {
ESP_LOGE(TAG, "Error starting HTTPS service!");
ESP_LOGE(TAG, "Error starting HTTP/S service!");
#ifdef WITH_MDNS
mdns_service_remove("_esp_local_ctrl", "_tcp");
#endif
@ -89,7 +106,7 @@ static void stop_httpd_transport(protocomm_t *pc)
mdns_service_remove("_esp_local_ctrl", "_tcp");
#endif
protocomm_httpd_stop(pc);
if (httpd_ssl_stop(server_handle) == ESP_OK) {
if (esp_local_ctrl_httpd_stop(server_handle) == ESP_OK) {
server_handle = NULL;
}
}
@ -101,14 +118,15 @@ static esp_err_t copy_httpd_config(esp_local_ctrl_transport_config_t *dest_confi
return ESP_ERR_INVALID_ARG;
}
dest_config->httpd = calloc(1, sizeof(httpd_ssl_config_t));
dest_config->httpd = calloc(1, sizeof(esp_local_ctrl_transport_config_httpd_t));
if (!dest_config->httpd) {
ESP_LOGE(TAG, "Failed to allocate memory for HTTPD transport config");
return ESP_ERR_NO_MEM;
}
memcpy(dest_config->httpd,
src_config->httpd,
sizeof(httpd_ssl_config_t));
sizeof(esp_local_ctrl_transport_config_httpd_t));
return ESP_OK;
}

4
examples/protocols/esp_local_ctrl/README.md
View File

@ -73,12 +73,14 @@ Select properties to set (0 to re-read, 'q' to quit) : q
Quitting...
```
The script also allows to connect over BLE, and provide a custom service name. To display the list of supported parameters, run:
The script also allows to connect over plain HTTP or BLE, and provide a custom service name. To display the list of supported parameters, run:
```
python scripts/esp_local_ctrl.py --help
```
**Note:** To use plain HTTP transport, disable the config option `CONFIG_ESP_HTTPS_SERVER_ENABLE`.
## Certificates
You can generate a new server certificate using the OpenSSL command line tool.

15
examples/protocols/esp_local_ctrl/main/esp_local_ctrl_service.c
View File

@ -20,8 +20,11 @@
#include <esp_log.h>
#include <esp_timer.h>
#include <esp_local_ctrl.h>
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
#include <esp_https_server.h>
#else
#include <esp_http_server.h>
#endif
static const char *TAG = "control";
#define SERVICE_NAME "my_esp_ctrl_device"
@ -159,6 +162,7 @@ static void free_str(void *arg)
/* Function used by app_main to start the esp_local_ctrl service */
void start_esp_local_ctrl_service(void)
{
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
/* Set the configuration */
httpd_ssl_config_t https_conf = HTTPD_SSL_CONFIG_DEFAULT();
@ -173,11 +177,18 @@ void start_esp_local_ctrl_service(void)
extern const unsigned char prvtkey_pem_end[] asm("_binary_prvtkey_pem_end");
https_conf.prvtkey_pem = prvtkey_pem_start;
https_conf.prvtkey_len = prvtkey_pem_end - prvtkey_pem_start;
#else
httpd_config_t http_conf = HTTPD_DEFAULT_CONFIG();
#endif
esp_local_ctrl_config_t config = {
.transport = ESP_LOCAL_CTRL_TRANSPORT_HTTPD,
.transport_config = {
.httpd = &https_conf
#ifdef CONFIG_ESP_HTTPS_SERVER_ENABLE
.httpd = &https_conf,
#else
.httpd = &http_conf,
#endif
},
.proto_sec = {
.version = 0,

34
examples/protocols/esp_local_ctrl/pytest_esp_local_ctrl.py
View File

@ -41,7 +41,15 @@ class CustomProcess(object):
@pytest.mark.supported_targets
@pytest.mark.wifi_router
def test_examples_esp_local_ctrl(dut: Dut) -> None:
@pytest.mark.parametrize(
'config',
[
'default',
'http',
],
indirect=True,
)
def test_examples_esp_local_ctrl(config: str, dut: Dut) -> None:
rel_project_path = os.path.join('examples', 'protocols', 'esp_local_ctrl')
idf_path = get_sdk_path()
@ -53,8 +61,9 @@ def test_examples_esp_local_ctrl(dut: Dut) -> None:
ap_password = get_env_config_variable(env_name, 'ap_password')
dut.write(f'{ap_ssid} {ap_password}')
dut_ip = dut.expect(r'IPv4 address: (\d+\.\d+\.\d+\.\d+)[^\d]')[1].decode()
dut.expect('esp_https_server: Starting server')
dut.expect('esp_https_server: Server listening on port 443')
if config == 'default':
dut.expect('esp_https_server: Starting server')
dut.expect('esp_https_server: Server listening on port 443')
dut.expect('control: esp_local_ctrl service started with name : my_esp_ctrl_device')
def dut_expect_read() -> None:
@ -65,10 +74,18 @@ def test_examples_esp_local_ctrl(dut: Dut) -> None:
# Running mDNS services in docker is not a trivial task. Therefore, the script won't connect to the host name but
# to IP address. However, the certificates were generated for the host name and will be rejected.
cmd = ' '.join([sys.executable, os.path.join(idf_path, rel_project_path, 'scripts/esp_local_ctrl.py'),
'--sec_ver 0',
'--name', dut_ip,
'--dont-check-hostname']) # don't reject the certificate because of the hostname
if config == 'default':
cmd = ' '.join([sys.executable, os.path.join(idf_path, rel_project_path, 'scripts/esp_local_ctrl.py'),
'--sec_ver 0',
'--name', dut_ip,
'--dont-check-hostname']) # don't reject the certificate because of the hostname
elif config == 'http':
cmd = ' '.join([sys.executable, os.path.join(idf_path, rel_project_path, 'scripts/esp_local_ctrl.py'),
'--sec_ver 0',
'--transport http',
'--name', dut_ip,
'--dont-check-hostname'])
esp_local_ctrl_log = os.path.join(idf_path, rel_project_path, 'esp_local_ctrl.log')
with CustomProcess(cmd, esp_local_ctrl_log) as ctrl_py:
@ -86,7 +103,8 @@ def test_examples_esp_local_ctrl(dut: Dut) -> None:
property3 = ''
ctrl_py.pexpect_proc.expect_exact('Connecting to {}'.format(dut_ip))
dut.expect('esp_https_server: performing session handshake', timeout=60)
if config == 'default':
dut.expect('esp_https_server: performing session handshake', timeout=60)
expect_properties(property1, property3)
ctrl_py.pexpect_proc.sendline('1')

6
examples/protocols/esp_local_ctrl/scripts/esp_local_ctrl.py
View File

@ -124,6 +124,8 @@ async def get_transport(sel_transport, service_name, check_hostname):
try:
tp = None
if (sel_transport == 'http'):
tp = esp_prov.transport.Transport_HTTP(service_name, None)
elif (sel_transport == 'https'):
example_path = os.environ['IDF_PATH'] + '/examples/protocols/esp_local_ctrl'
cert_path = example_path + '/main/certs/rootCA.pem'
ssl_ctx = ssl.create_default_context(cafile=cert_path)
@ -274,7 +276,7 @@ async def main():
help='Protocol version', default='')
parser.add_argument('--transport', dest='transport', type=str,
help='transport i.e http or ble', default='http')
help='transport i.e http/https/ble', default='https')
parser.add_argument('--name', dest='service_name', type=str,
help='BLE Device Name / HTTP Server hostname or IP', default='')
@ -309,7 +311,7 @@ async def main():
if args.service_name == '':
args.service_name = 'my_esp_ctrl_device'
if args.transport == 'http':
if args.transport == 'http' or args.transport == 'https':
args.service_name += '.local'
obj_transport = await get_transport(args.transport, args.service_name, not args.dont_check_hostname)

2
examples/protocols/esp_local_ctrl/sdkconfig.ci.http Normal file
View File

@ -0,0 +1,2 @@
CONFIG_EXAMPLE_WIFI_SSID_PWD_FROM_STDIN=y
CONFIG_ESP_HTTPS_SERVER_ENABLE=n