mirror of
https://github.com/espressif/esp-idf.git
synced 2024-09-20 00:36:01 -04:00
Merge branch 'feature/transport_ssl_support_alpn' into 'master'
tcp_transport: added functionality for using ALPN with SSL Closes IDF-1160 See merge request espressif/esp-idf!6684
This commit is contained in:
commit
f8476c042d
@ -389,15 +389,19 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t
|
||||
return ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_MBEDTLS_SSL_ALPN
|
||||
|
||||
if (cfg->alpn_protos) {
|
||||
#ifdef CONFIG_MBEDTLS_SSL_ALPN
|
||||
if ((ret = mbedtls_ssl_conf_alpn_protocols(&tls->conf, cfg->alpn_protos) != 0)) {
|
||||
ESP_LOGE(TAG, "mbedtls_ssl_conf_alpn_protocols returned -0x%x", -ret);
|
||||
ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret);
|
||||
return ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED;
|
||||
}
|
||||
}
|
||||
#else
|
||||
ESP_LOGE(TAG, "alpn_protos configured but not enabled in menuconfig: Please enable MBEDTLS_SSL_ALPN option");
|
||||
return ESP_ERR_INVALID_STATE;
|
||||
#endif
|
||||
}
|
||||
if (cfg->use_global_ca_store == true) {
|
||||
esp_err_t esp_ret = set_global_ca_store(tls);
|
||||
if (esp_ret != ESP_OK) {
|
||||
|
@ -103,6 +103,16 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
|
||||
*/
|
||||
void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len);
|
||||
|
||||
/**
|
||||
* @brief Set the list of supported application protocols to be used with ALPN.
|
||||
* Note that, this function stores the pointer to data, rather than making a copy.
|
||||
* So this data must remain valid until after the connection is cleaned up
|
||||
*
|
||||
* @param t ssl transport
|
||||
* @param[in] alpn_porot The list of ALPN protocols, the last entry must be NULL
|
||||
*/
|
||||
void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos);
|
||||
|
||||
/**
|
||||
* @brief Skip validation of certificate's common name field
|
||||
*
|
||||
|
@ -256,6 +256,14 @@ void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const c
|
||||
}
|
||||
}
|
||||
|
||||
void esp_transport_ssl_set_alpn_protocol(esp_transport_handle_t t, const char **alpn_protos)
|
||||
{
|
||||
transport_ssl_t *ssl = esp_transport_get_context_data(t);
|
||||
if (t && ssl) {
|
||||
ssl->cfg.alpn_protos = alpn_protos;
|
||||
}
|
||||
}
|
||||
|
||||
void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t)
|
||||
{
|
||||
transport_ssl_t *ssl = esp_transport_get_context_data(t);
|
||||
|
Loading…
Reference in New Issue
Block a user