Commit Graph

61 Commits

Author SHA1 Message Date
Laukik Hase
081e2ac97e
esp_tls: Fix issue when timeout is not explicitly given in esp_tls_cfg_t
- If internet connectivity weakened or disappeared suddenly while we were
  in the TLS handshake stage, the app got stuck at that point indefinitely.
- This was because when timeout was not explicitly specified in esp_tls_cfg_t,
  the default timeout was set at the wrong place. This causes the sockets to be
  setup with zero timeout, hence the indefinite wait.
2022-12-21 14:42:33 +05:30
Li Jingyi
6d58008119 esp-tls: add api to free client session
Free session with mbedtls api to avoid mem-leak
2022-05-23 16:28:40 +08:00
Aditya Patwardhan
788c9ddf8d esp_tls: Added getter function for esp_tls ssl ctx. 2022-05-11 07:09:34 +00:00
Aditya Patwardhan
434e74ff73 esp_tls: Make esp_tls_t as private structure. 2022-05-11 07:09:34 +00:00
Laukik Hase
864c59c091
esp_tls: Remove deprecated API
- Removed deprecated esp_tls_conn_new() viz. duplicated by
  esp_tls_conn_new_sync()
- Removed deprecated esp_tls_conn_delete()
- Marked esp_tls_conn_http_new() as deprecated, added alternative
  esp_tls_conn_http_new_sync() (similar to esp_tls_conn_http_new_async())
2022-04-20 12:18:25 +05:30
Mahavir Jain
c26500cd5a esp-tls: mark esp_tls_conn_delete API as deprecated
It is recommended to use `esp_tls_conn_destroy` API instead
2022-01-04 15:40:07 +05:30
Aditya Patwardhan
b4e4b9f20d Added support for client session tickets in esp-tls (with mbedtls)
* client session tickets for individual tls connections are supported
* reorganize the esp-tls error codes.
* Update esp_err_to_name.c
* Fix styling
2021-09-15 22:19:04 +05:30
Daniel Bahrdt
7e886ca9ed Implement server session ticket support with mbedtls
Closes https://github.com/espressif/esp-idf/pull/7048

Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2021-09-15 22:19:04 +05:30
Jan Brudny
967e057906 esp-tls, esp_http_client and esp_http_server: update copyright notice 2021-05-31 20:06:09 +08:00
David Cermak
f68d7d7023 esp_tls: Renamed public API to indicate the Plain TCP connection
Also added parameter checks if used from as a public API
and updated the `is_plein_tcp` description that it's possible to connect
directly using plain tcp transport with the new API.
2021-05-25 10:55:50 +02:00
David Cermak
f249ddd9ae esp_transport: Use tcp_connect from esp_tls for plain TCP
so we don't have to allocate esp_tls structure (~2KB) to save heap when using plain TCP connection

Closes https://github.com/espressif/esp-idf/issues/6940
2021-05-25 07:04:02 +02:00
Jiri Schiebel
c01e259a98 esp_tls: esp_tls_connect: Reduce input params to err_handle
Pass only the error_handle instead of instead of the full config structure
2021-05-25 07:04:02 +02:00
Axel Lin
52442be9e1 esp-tls: Fix setsockopt for TCP_KEEPIDLE
Current code applies keep_alive_enable setting to TCP_KEEPIDLE, fix it.

Fixes: 2d25252746 ("esp-tls: Rework tcp_connect() to use more subroutines")
Signed-off-by: Axel Lin <axel.lin@gmail.com>
2021-04-06 15:37:16 +08:00
yuanjm
f68e55edb3 esp-tls: Separate timeout_ms conditional judgement from keep alive 2021-03-10 02:19:29 +00:00
yuanjm
c62cbd1254 transport: Support bind socket to specified interface in transport and esp-tls 2021-03-10 02:19:29 +00:00
yuanjm
da58235a0e components: Use CONFIG_LWIP_IPV6 to strip IPv6 function in components 2021-02-23 18:26:03 +08:00
David Cermak
5cfa545d08 esp-tls: Added _esp_tls_net_init to init fd for both mbedtls/wolfssl 2021-02-16 09:01:35 +01:00
David Cermak
2d25252746 esp-tls: Rework tcp_connect() to use more subroutines
Refactored the esp_tcp_connect() functionality to break it down to
* dns-resolution + socket creation
* set configured socket options
* set/reset non-block mode
* the actual connection in non-blocking mode
2021-02-16 09:01:35 +01:00
David Cermak
6b318fe583 esp_tls: Updated connection method to use non-blocking connect
For better control over connection timeouts
To be in line with former tcp_transport, as esp-tls is not used for
plain tcp transports
2021-02-16 09:00:43 +01:00
David Cermak
2c28ffffee tcp_transport/esp_tls: Use common TCP transport to reduce code duplication
For high level review of the changes.
2021-02-16 09:00:43 +01:00
yuanjm
044c3e3e74 Modify esp-tls and tcp_transport to support keep alive for tcp and ssl connection
Closes IDFGH-4543
2021-01-22 06:56:28 +00:00
Angus Gratton
935e4b4d62 Merge branch 'feature/riscv_arch' into 'master'
Add RISC-V support

Closes IDF-2359

See merge request espressif/esp-idf!11140
2020-11-13 07:50:31 +08:00
Angus Gratton
420aef1ffe Updates for riscv support
* Target components pull in xtensa component directly
* Use CPU HAL where applicable
* Remove unnecessary xtensa headers
* Compilation changes necessary to support non-xtensa gcc types (ie int32_t/uint32_t is no
  longer signed/unsigned int).

Changes come from internal branch commit a6723fc
2020-11-13 07:49:11 +11:00
David Cermak
ce519ee783 tcp_transport: Extend transport error storage for socket error
Everytime we report error and log errno, we also capture the actual
errno to an internal storage so that user application can retrieve
its value.
2020-11-12 12:46:22 +00:00
David Cermak
6182e6f303 tcp_transport: close to return error only for socket error or invalid args
Closes https://github.com/espressif/esp-idf/issues/4872
2020-05-05 15:53:09 +02:00
Aditya Patwardhan
d35862b662 esp-tls: Add support for https_server using wolfSSL 2020-02-27 15:20:22 +05:30
Angus Gratton
3f532c8895 Merge branch 'bugfix/esp_tls_blocking_timeout' into 'master'
esp-tls: add timeout for blocking connection

See merge request espressif/esp-idf!7316
2020-01-20 09:35:23 +08:00
David Cermak
98cf3142fa esp_tls: fail connection if esp_tls_conn_new() timeouts 2020-01-16 07:32:19 +00:00
David Cermak
aa3b1da384 esp_tls: added connection timeout to esp_tls_conn_new_sync() 2020-01-16 07:32:19 +00:00
Aditya Patwardhan
c7418042b4 esp32/esp-tls: provide API to retrieve sockfd value from esp_tls_t 2020-01-16 12:27:44 +05:30
Ivan Grokhotkov
87a41fabfa esp-tls: check return value of fcntl 2019-12-11 14:53:27 +01:00
Aditya Patwardhan
f7eaa5f946 ESP_TLS: Restructuring esp_tls
1)Segregating mbedtls API into seperate file and cleaned esp_tls.c
2)Added support for wolfssl for CMake and make
3)Added support for debug_wolfssl (with menuconfig option)
4)Added info on wolfssl in ESP-TLS docs
2019-10-28 16:05:22 +05:30
David Cermak
a9e63d947b esp-tls: Added support for fragmenting outgoing data in tls_write(), for cases of out data being larger than the maximum out buffer of underlying tls-stack. 2019-10-22 08:49:42 +00:00
Liu Han
3ca07b3e70 fix(transport): Fix a bug of the connection whether be active or not by timeout option when the select function return a correct value. 2019-09-12 13:55:47 +08:00
David Cermak
f3d6a34e7d esp_tls: enable psk verification mode, added mqtt example using psk authentication 2019-08-07 14:27:40 +10:00
Angus Gratton
7ef5fa8a0a Merge branch 'feature/transport_support_der_certs' into 'master'
tcp transport ssl DER-support

See merge request espressif/esp-idf!5627
2019-08-05 09:52:08 +08:00
David Cermak
25dd5e39af esp-tls: Naming variables refering to certificates and keys in a neutral way to suggest that both PEM and DER format could be used, added comments descibing important details about using these formats 2019-08-02 09:25:16 +02:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
David Cermak
587739391c esp-tls: extending error handle to contain error descriptors with last mbedtls failure and latest certificate verification result flags, reworked tcp_transport to use this error handle 2019-07-04 20:55:10 +02:00
David Cermak
2972f96982 esp-tls: capturing specific errors to be available in tcp_transport and then in application code 2019-07-04 20:55:10 +02:00
Jitin George
8950f94ec7 esp_tls: Add support for server side SSL/TLS connection
Currently, esp-tls supports creation of SSL/TLS connection on the client side.

This commit includes support for creating SSL/TLS connection on the server side.
2019-06-25 23:43:35 +00:00
Mahavir Jain
0a5dfd3717 mbedtls: add config option for setting debug level
Closes https://github.com/espressif/esp-idf/issues/3521
2019-06-06 18:28:19 +05:30
Jitin George
d1c6bbf42e esp-tls: Add support to add CN from config and validate PEM buffers 2019-05-17 20:06:44 +05:30
Jitin George
77645472ae esp_tls: fix incorrect closing of fd 0 on connection failure
Closes https://github.com/espressif/esp-idf/issues/3149
2019-04-15 10:59:50 +05:30
Paul Reimer
a1204f8b16 Add esp_tls_init_global_ca_store function to esp-tls, called from esp_tls_set_global_ca_store
Signed-off-by: Chirag Atal <chirag.atal@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/2654
2019-01-14 08:25:56 +00:00
Jiang Jiang Jian
ef4a87d62e Merge branch 'bugfix/http_literal_caseinsensitive' into 'master'
Compare case-insensitive URI schemes

See merge request idf/esp-idf!3558
2018-11-12 17:03:06 +08:00
Stephen Bird
0c9f7271a9 Add checks to for CONFIG_MBEDTLS_SSL_ALPN
Merges https://github.com/espressif/esp-idf/pull/2569
2018-11-08 15:57:13 +05:30
Riccardo Binetti
dec70a7601 esp-tls: add support for mutual SSL authentication
Signed-off-by: David Cermak <cermak@espressif.com>
2018-10-30 08:04:09 +01:00
Anton Maklakov
6e6f07ba59 http: Compare case-insensitive URI schemes like as in other places 2018-10-25 21:03:44 +08:00
Chirag Atal
b7cca3c414 Feature: Support for global CA store.
Added a new API esp_tls_set_global_ca_store(esp_tls_cfg_t *cfg) which creates a global_cacert which can be used by multiple connections by setting the use_global_ca_store variable to true in their respective structure of esp_tls_cfg_t. Also changed the cacert in the structure of esp_tls_t to a pointer.
2018-10-05 19:35:57 +05:30