93 Commits

Author SHA1 Message Date
Roland Dobai
766aa57084 Build & config: Remove leftover files from the unsupported "make" build system 2021-11-11 15:32:36 +01:00
David Cermak
cfc001870c openssl: Add deprecation warning to ssl.h
OpenSSL component will be discontinued in ESP-IDF v5.x. The only official TLS API will be esp-tls
Add docs warning about deprecation in v5.x

Removed all examples demonstrating usage of openssl in IDF
2021-10-05 11:45:52 +02:00
suren.gabrielyan
cc78923d23 docs: Update OpenSSL API documents
Closes IDF-2541
2021-03-18 10:42:29 +04:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
Jakob Hasse
20c068ef3b cmock: added cmock as component
* changing dependencies from unity->cmock
* added component.mk and Makefile.projbuild
* ignore test dir in gen_esp_err_to_name.py
* added some brief introduction of CMock in IDF
2020-09-02 16:38:37 +08:00
David Cermak
0f72c05d78 openssl: made verification mode conversion to mbetls modes more strict 2020-07-14 10:42:17 +00:00
David Cermak
1c8171c3e8 asio: option to use wolfSSL as TLS stack for ASIO
Plus other minor update, make openssl aware of current modes (SSL_set_mode)
Update coding style in examples and tests, including copyright notices
2020-07-14 10:42:17 +00:00
David Cermak
9459c0dd43 asio: Basic SSL/TLS support in asio port for ESP platform
This port employs IDF port of OpenSSL for most common features, others
are discouraged or not supported. The port also introduces several stubs
for OpenSSL functions which ASIO needs to get compiled and linked.

Upstream ASIO supports WolfSSL as SSL/TLS stack, as well, which is
another option for SSL support in ASIO on ESP platform.
2020-07-14 10:42:17 +00:00
David Cermak
bd1e9b5ea7 openssl: basic support for errors and bio objects
Closes https://github.com/espressif/esp-idf/issues/3406
2020-07-14 10:42:17 +00:00
Roland Dobai
833822c10b Fix Kconfig issues discovered by upstream Kconfiglib 2019-09-23 16:10:57 +02:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
Renz Christian Bagaporo
9eccd7c082 components: use new component registration api 2019-06-21 19:53:29 +08:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Renz Christian Bagaporo
d9939cedd9 cmake: make main a component again 2018-09-11 09:44:12 +08:00
Angus Gratton
ff2404a272 Merge branch 'master' into feature/cmake 2018-08-16 17:14:17 +10:00
Ivan Grokhotkov
b354770f42 Merge branch 'bugfix/fixes_from_github' into 'master'
Fixes from Github

See merge request idf/esp-idf!2730
2018-07-13 15:03:50 +08:00
Angus Gratton
a67d5d89e0 Replace all DOS line endings with Unix
Command run was:
git ls-tree -r HEAD --name-only | xargs dos2unix
2018-07-12 19:10:37 +08:00
Chris Morgan
3e1633354a ssl_pm_reload_crt() - Fix verify_mode checking to match openssl documentation https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_verify.html
Merges https://github.com/espressif/esp-idf/pull/2162
2018-07-09 14:41:56 +08:00
Angus Gratton
6b9784cc45 Merge branch 'master' into feature/cmake_update 2018-05-31 14:46:23 +10:00
Ivan Grokhotkov
cb649e452f remove executable permission from source files 2018-05-29 20:07:45 +08:00
Angus Gratton
1cb5712463 cmake: Add component dependency support
Components should set the COMPONENT_REQUIRES & COMPONENT_PRIVATE_REQUIRES variables to define their
requirements.
2018-04-30 09:59:20 +10:00
Angus Gratton
c671a0c3eb build system: Initial cmake support, work in progress 2018-04-30 09:59:20 +10:00
Roland Dobai
744c2dcdd9 Resolve problems found by enabling -Wwrite-strings compilation flag 2018-04-10 08:53:43 +02:00
Jitin George
f0ebf613f4 OpenSSL API addition 2018-02-20 12:32:12 +05:30
Ivan Grokhotkov
022b4f3251 openssl: add feature check for MBEDTLS_SSL_ALPN
Fixes https://github.com/espressif/esp-idf/issues/1342
2017-12-08 13:00:11 +08:00
Andy Green
ae1f1e9b84 openssl wrapper: introduce X509_VERIFY_PARAM_set/clear_hostflags
This defines the OpenSSL X509_CHECK_FLAG_...s and the set/clear
accessors.  Since none of them are supported, the set / clear
accessor currently always does nothing and returns error.

This call is often part of the generic openssl user code to
set up certificate verification.  This patch allows it to
compile for ESP32 and decide at runtime what to do about
unsupported flags.

Merges https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:25:57 +11:00
Andy Green
effc6c6d0d openssl wrapper: introduce X509_VERIFY_PARAM_set1_host
This lets the user code set the mbedtls hostname using the standard OpenSSL
X509_VERIFY_PARAM_set1_host() API semantics.

The API takes an X509_VERIFY_PARAM pointer.  We use the fact that is
a composed member of the SSL struct to derive the SSL pointer.

The X509_VERIFY_PARAM_set1_host() is unusual in that it can accept a
NUL terminated C string as usual, or a nonterminated pointer + length.
This implementation converts the latter to the former if given, before
using it.

This is enough for user code to get the openssl wrapper to make
mbedtls confirm the CN on the peer cert belongs to the hostname used
to reach it, by doing, eg

	X509_VERIFY_PARAM_set1_host(SSL_get0_param(myssl), myhostname, 0);

Merges https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:24:06 +11:00
Andy Green
0f02a38262 openssl wrapper: introduce SSL_get0_param
This adds the standard OpenSSL api to get a pointer to the SSL struct's
X509_VERIFY_PARAM.  We need this for the OpenSSL api to set the peer
hostname introduced in the next patch.

Part of https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:23:18 +11:00
Kedar Sovani
b65f47c586 [openssl] Add support for SNI (sending the hostname) 2017-10-31 16:57:38 +05:30
Kedar Sovani
3420baa01b [openssl] Add support for defining ALPN protocols 2017-10-31 16:57:38 +05:30
Angus Gratton
c503a01388 mbedtls: Rename net to net_sockets (in line with 2.4.0 API change) 2017-09-07 18:02:39 +10:00
Dong Heng
25e2b07010 components/openssl : Fix compilation error when openssl debugging is enabled 2017-02-20 09:45:50 +08:00
Dong Heng
93395a3370 components/openssl: Add more debugging information at platform level 2017-01-26 10:12:58 +08:00
Dong Heng
1d0c909daf components/openssl: fixes for github issues 219
"SSL_write" doesn't send large buffers correctly
2017-01-24 17:36:32 +08:00
Dong Heng
905180667c components/openssl: refactor openssl debugging and assert function
1. add openssl option at menuconfig
2. remove SSL_ERR to reduce complexity
3. add more functions about debugging and assert

According these, our coders and customers may use and debug the OpenSSL code easily.
2017-01-17 10:15:26 +08:00
Dong Heng
8c7dfef317 examples/10_openssl_server: fixup SSL server with method of specific version
1. add method of any version supporting at OpenSSL and add API in header file
2. change OpenSSL server context method to be method of any version

Fixes http://esp32.com/viewtopic.php?f=14&t=696.
2017-01-05 15:57:25 +08:00
Ivan Grokhotkov
2393d829de remove legacy definitions from esp_types.h 2016-11-22 21:14:36 +08:00
Dong Heng
4d25986aaa Merge branch 'master' into feature/openssl 2016-11-15 15:20:48 +08:00
Dong Heng
dfaac25a37 feature/openssl: add openssl server demo and remove some check function 2016-11-15 15:04:21 +08:00
Dong Heng
734c1dd954 components/openssl: sync the code form esp8266 sdk 2016-11-14 09:40:12 +08:00
Angus Gratton
208e83def7 build system: Refactor component.mk to not need component_common.mk
New makefile component_wrapper.mk allows some variables to be set
before component.mk is evaluated. This properly fixes problems with
sdkconfig being hard to access in all phases of the build.

Including component_common.mk is no longer necessary and will print a
deprecation warning for components which use it.
2016-11-10 15:52:22 +11:00
Dong Heng
12e78e9590 components/openssl: add more debug stream output function 2016-11-01 15:16:14 +08:00
Dong Heng
bc710e5b88 components/openssl: refacetor the SSL debug function
Add the "ssl_opt.h" file to make user able t add its platform interface
2016-11-01 14:59:50 +08:00
Dong Heng
8d1f360ca6 components/openssl: ssl port use esp32_idf default 2016-11-01 13:10:56 +08:00
Dong Heng
16a4d56fe5 components/openssl: remove some platform interface 2016-11-01 13:09:54 +08:00
Dong Heng
fc6b52574a components/openssl: refactor the SSL port function and debug function 2016-11-01 13:07:10 +08:00
Dong Heng
9555ce291e feature/openssl: correct wrong description 2016-10-31 14:13:00 +08:00
Dong Heng
41a91d7cb9 feature/openssl: change the description for docbook 2016-10-31 14:06:29 +08:00
Dong Heng
78392bf76b components/openssl: change the description
1. change the description of Makefile.projbuild
2. remove the license header in the API document
3. add private inlcuding header code in the components file
2016-10-28 14:32:13 +08:00
Dong Heng
5d60a1153d components/openssl: Modify the documentation of OpenSSL-APIs
1. add description of non-supported APIs
2. remove non-supported APIs now
3. add more supported APIs
2016-10-10 11:18:45 +08:00