Merge branch 'bugfix/esp_crt_bundle_build_issue_v4.3' into 'release/v4.3'

esp_crt_bundle: Fix build problems if MBEDTLS_CERTIFICATE_BUNDLE is disabled (v4.3) See merge request espressif/esp-idf!18476
2024-10-05 20:47:46 -04:00 · 2022-06-17 14:15:44 +08:00 · 2022-06-17 14:15:44 +08:00 · d9610cfa0b
commit d9610cfa0b
parent e2ebb90df3 9b593dcb67
4 changed files with 44 additions and 20 deletions
--- a/components/mbedtls/CMakeLists.txt
+++ b/components/mbedtls/CMakeLists.txt
@ -1,8 +1,16 @@
 idf_build_get_property(idf_target IDF_TARGET)
 idf_build_get_property(python PYTHON)

-idf_component_register(SRCS "esp_crt_bundle/esp_crt_bundle.c"
-    INCLUDE_DIRS "port/include" "mbedtls/include" "esp_crt_bundle/include"
+set(mbedtls_srcs "")
+set(mbedtls_include_dirs "port/include" "mbedtls/include")
+
+if(CONFIG_MBEDTLS_CERTIFICATE_BUNDLE)
+    list(APPEND mbedtls_srcs "esp_crt_bundle/esp_crt_bundle.c")
+    list(APPEND mbedtls_include_dirs "esp_crt_bundle/include")
+endif()
+
+idf_component_register(SRCS "${mbedtls_srcs}"
+    INCLUDE_DIRS "${mbedtls_include_dirs}"
    REQUIRES lwip
    PRIV_REQUIRES esp_pm soc
    )
@ -181,7 +189,14 @@ endif()
 set_property(TARGET mbedcrypto APPEND PROPERTY LINK_INTERFACE_LIBRARIES mbedtls)

 # Link mbedtls libraries to component library
-target_link_libraries(${COMPONENT_LIB} PUBLIC ${mbedtls_targets})
+if(mbedtls_srcs STREQUAL "")
+    # For no sources in component library we must use "INTERFACE"
+    set(linkage_type INTERFACE)
+else()
+    set(linkage_type PUBLIC)
+endif()
+
+target_link_libraries(${COMPONENT_LIB} ${linkage_type} ${mbedtls_targets})

 if(CONFIG_ESP_TLS_USE_DS_PERIPHERAL)
    # Link target (e.g. esp32s2) library to component library
@ -189,11 +204,11 @@ if(CONFIG_ESP_TLS_USE_DS_PERIPHERAL)
    set_property(TARGET mbedcrypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES $<LINK_ONLY:${target_lib}>)
    # The linker seems to be unable to resolve all the dependencies without increasing this
    set_property(TARGET mbedcrypto APPEND PROPERTY LINK_INTERFACE_MULTIPLICITY 6)
-    target_link_libraries(${COMPONENT_LIB} PUBLIC ${target_lib})
+    target_link_libraries(${COMPONENT_LIB} ${linkage_type} ${target_lib})
 endif()

 # Link esp-cryptoauthlib to mbedtls
 if(CONFIG_ATCA_MBEDTLS_ECDSA)
    idf_component_get_property(cryptoauthlib esp-cryptoauthlib COMPONENT_LIB)
-    target_link_libraries(${COMPONENT_LIB} PUBLIC ${cryptoauthlib})
+    target_link_libraries(${COMPONENT_LIB} ${linkage_type} ${cryptoauthlib})
 endif()
--- a/examples/protocols/esp_http_client/main/esp_http_client_example.c
+++ b/examples/protocols/esp_http_client/main/esp_http_client_example.c
@ -18,6 +18,9 @@
 #include "esp_netif.h"
 #include "protocol_examples_common.h"
 #include "esp_tls.h"
+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
+#include "esp_crt_bundle.h"
+#endif

 #include "esp_http_client.h"

@ -366,12 +369,13 @@ static void http_auth_digest(void)
    esp_http_client_cleanup(client);
 }

+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
 static void https_with_url(void)
 {
    esp_http_client_config_t config = {
        .url = "https://www.howsmyssl.com",
        .event_handler = _http_event_handler,
-        .cert_pem = howsmyssl_com_root_cert_pem_start,
+        .crt_bundle_attach = esp_crt_bundle_attach,
    };
    esp_http_client_handle_t client = esp_http_client_init(&config);
    esp_err_t err = esp_http_client_perform(client);
@ -385,6 +389,7 @@ static void https_with_url(void)
    }
    esp_http_client_cleanup(client);
 }
+#endif // CONFIG_MBEDTLS_CERTIFICATE_BUNDLE

 static void https_with_hostname_path(void)
 {
@ -637,12 +642,13 @@ static void http_native_request(void)
    esp_http_client_cleanup(client);
 }

+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
 static void http_partial_download(void)
 {
    esp_http_client_config_t config = {
        .url = "https://dl.espressif.com/dl/esp-idf/ci/esp_http_client_demo.txt",
        .event_handler = _http_event_handler,
-        .cert_pem = dl_espressif_com_root_cert_pem_start,
+        .crt_bundle_attach = esp_crt_bundle_attach,
    };
    esp_http_client_handle_t client = esp_http_client_init(&config);

@ -681,6 +687,7 @@ static void http_partial_download(void)

    esp_http_client_cleanup(client);
 }
+#endif // CONFIG_MBEDTLS_CERTIFICATE_BUNDLE

 static void http_test_task(void *pvParameters)
 {
@ -693,7 +700,9 @@ static void http_test_task(void *pvParameters)
    http_auth_digest();
    http_relative_redirect();
    http_absolute_redirect();
+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
    https_with_url();
+#endif
    https_with_hostname_path();
    http_redirect_to_https();
    http_download_chunk();
@ -701,7 +710,9 @@ static void http_test_task(void *pvParameters)
    https_async();
    https_with_invalid_url();
    http_native_request();
+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
    http_partial_download();
+#endif

    ESP_LOGI(TAG, "Finish http example");
    vTaskDelete(NULL);
--- a/examples/protocols/https_request/main/https_request_example_main.c
+++ b/examples/protocols/https_request/main/https_request_example_main.c
@ -5,22 +5,13 @@
 *
 * Adapted from the ssl_client1 example in mbedtls.
 *
- * Original Copyright (C) 2006-2016, ARM Limited, All Rights Reserved, Apache 2.0 License.
- * Additions Copyright (C) Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD, Apache 2.0 License.
+ * SPDX-FileCopyrightText: 2006-2016 ARM Limited, All Rights Reserved
 *
+ * SPDX-License-Identifier: Apache-2.0
 *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * SPDX-FileContributor: 2015-2022 Espressif Systems (Shanghai) CO LTD
 */
+
 #include <string.h>
 #include <stdlib.h>
 #include "freertos/FreeRTOS.h"
@ -41,7 +32,9 @@
 #include "lwip/dns.h"

 #include "esp_tls.h"
+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
 #include "esp_crt_bundle.h"
+#endif

 /* Constants that aren't configurable in menuconfig */
 #define WEB_SERVER "www.howsmyssl.com"
@ -134,6 +127,7 @@ exit:
    }
 }

+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
 static void https_get_request_using_crt_bundle(void)
 {
    ESP_LOGI(TAG, "https_request using crt bundle");
@ -142,6 +136,7 @@ static void https_get_request_using_crt_bundle(void)
    };
    https_get_request(cfg);
 }
+#endif // CONFIG_MBEDTLS_CERTIFICATE_BUNDLE

 static void https_get_request_using_cacert_buf(void)
 {
@ -173,7 +168,9 @@ static void https_request_task(void *pvparameters)
 {
    ESP_LOGI(TAG, "Start https_request example");

+#if CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
    https_get_request_using_crt_bundle();
+#endif
    https_get_request_using_cacert_buf();
    https_get_request_using_global_ca_store();

--- a/tools/test_apps/system/build_test/sdkconfig.ci.no_esp_cert_bundle
+++ b/tools/test_apps/system/build_test/sdkconfig.ci.no_esp_cert_bundle
@ -0,0 +1 @@
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n