216 Commits

Author SHA1 Message Date
Aditya Patwardhan
e957b50e50
fix(esp-tls): Reduce parameter check for esp_tls_conn_read
Previously the *data parameter of esp_tls_conn_read
was required to be non-NULL after espressif/esp-idf!28358.
This prevents users from using a functionality in esp_tls_conn_read
where calling `esp_tls_conn_read(ctx, NULL, 0);` triggers the
transfer of contents from tcp layer to mbedtls (ssl) layer.
After this the user can read the contents from
esp_tls_get_bytes_avail().
This commit removes the additional NULL check on the data field
to keep this functionality enabled.
2024-08-23 12:08:42 +05:30
wanlei
3cf069c7d8 feat(esp32c61): disable unsupported build test 2024-07-16 16:06:19 +08:00
Alexey Lapshin
ed6e497c6f feat(build): add COMPILER_STATIC_ANALYZER option 2024-06-18 14:25:37 +08:00
Frank Mertens
7a1239457e change(esp-tls): make wolfSSL backend send SNI and enable OCSP
Almost all sites these days are virtually hosted and hence
SNI (server name indicator TLS extension) should be enabled by
default.

In addition this change enables OCSP (online server status protocol)
support for esp-tls clients using the wolfSSL backend.
The 3 code lines enable OCSP stapling v1.
By default this feature is disabled.
(I will send another PR on esp-wolfssl repository to allow to
enable it easily.)
2024-05-30 21:02:12 +08:00
Frank Mertens
7e1e3df43c fix(esp-tls): make the wolfSSL backend send entire client certificate chains
This change makes the wolfSSL backend send the complete TLS client certificate
chain. This aligns the wolfSSL backend with the behavior of the mbedTLS backend.
Some servers need the intermediate certificates to verify a client certificate.
If the provided PEM file contains only a single certificate this change has no effect
and the behavior will be as before.
This impacts higher level APIs to function as someone would expect.
E.g.: esp_websocket_client_config_t.client_cert: when passing here a pem
file containing 2 certificates (the CA's and the client's) it would be
expected that both are transmitted during TLS handshake.
2024-05-30 21:02:12 +08:00
Sudeep Mohanty
41a8521774 fix(esp-tls): Fix compilation for linux target on macos
This commit fixes compilation errors for the esp-tls component for the
linux target on a MacOS system.
2024-05-13 10:13:54 +02:00
Aditya Patwardhan
132892c101
fix(esp-tls): Use 64 bit variable for time instead of 32 bit
Use appropriate API available on respective platform for obtaining
time
    Closes https://github.com/espressif/esp-idf/issues/13593
2024-05-02 18:34:29 +05:30
Harshit Malpani
aece182482
fix: Fix error logging formatting bug for nano formatting
Closes https://github.com/espressif/esp-idf/issues/13604
2024-04-23 00:02:46 +05:30
laokaiyao
65b1fd33d3 ci(esp32c5mp): disable the unsupported tests 2024-04-07 12:13:29 +08:00
Jakob Hasse
f482a9153a Merge branch 'fix/add_libbsd_string_h' into 'master'
refactor(linux): Unified libbsd handling

See merge request espressif/esp-idf!29457
2024-03-21 10:11:25 +08:00
harshal.patil
bc899d0bad
ci(esp-tls): Fix test-specific leak for ESP32-P4 2024-03-13 15:22:07 +05:30
Jakob Hasse
4d629be602 refactor(linux): Unified libbsd handling
* Users can now use libbsd string.h and sys/cdefs.h functionality
  (e.g., strlcpy, containerof) on Linux by just including
  string.h or sys/cdefs.h. In other words, the includes are the same
  on the Linux target as well as on chips targets (ESP32, etc.).
* libbsd linking is done by the linux component (belongs to common
  components) now instead of handling it separately in each component
2024-03-08 12:26:54 +08:00
Marius Vikhammer
ffd62352de Merge branch 'ci/test_limit_main_cleanup' into 'master'
ci(test_apps): limit dependencies for misc test_apps

See merge request espressif/esp-idf!29088
2024-02-21 09:26:25 +08:00
Marius Vikhammer
1f7c666701 ci(test_apps): limit dependencies for misc test_apps
Only pull in direct dependencies for the test apps, reducing build time
as well as making it possible for CI to determine if the test should run or not
when dependencies are changed.
2024-02-18 16:01:58 +08:00
Harshit Malpani
9274e3e620
fix(esp-tls): capture errors in error handle 2024-02-14 14:36:14 +05:30
Aditya Patwardhan
4d8436b90c fix(esp_tls): Fixed input argument checks for public APIs 2024-01-29 01:24:41 +08:00
Aditya Patwardhan
e2d5b323ca fix(esp_tls): Fixed client key parsing for ECC key
Client key parsing for ECC keys was failing as the
RNG supplied to the key parsing API was uninitialized.
This commit fixes that behaviour
2024-01-23 13:40:57 +08:00
Mahavir Jain
01f50ee7f5
refactor: migrate atecc608a_ecdsa example to crypto authlib repository
- ESP32-WROOM-32SE has been discontinued and marked as NRND
- This change removes all references to ESP32-WROOM-32SE from IDF
- The example has been migrated to esp-cryptoauthlib repository and it
  can be used through the component manager
  (https://components.espressif.com/components/espressif/esp-cryptoauthlib)
2023-12-22 09:11:41 +05:30
Ivan Grokhotkov
8bf23e5372
fix(esp-tls): fix build for IDF_TARGET=linux on macOS 2023-12-19 13:28:59 +01:00
Aditya Patwardhan
56879510a5
fix(esp_https_server): Fix a breaking change
HTTPD_SSL_CONFIG_DEFAULT used to be a MACRO and hence used to return
a const pointer. With a recent change it started not returning a
const variable. This change reverts the function to its MACRO form.
Updated the https_server example to use static declaration
2023-12-11 08:05:10 +05:30
Harshit Malpani
9e8761880b
fix(esp-tls): Add headers in esp_tls_errors.h header file
Closes https://github.com/espressif/esp-idf/issues/12541
2023-12-01 14:15:43 +05:30
harshal.patil
d3be7bda05
fix(mbedtls): move interrupt allocation during initialization phase 2023-11-06 11:20:53 +05:30
Aditya Patwardhan
5ce93aa257 fix(esp_tls): Refactor esp-tls to remove ESP_TLS_SERVER config option 2023-10-26 09:30:13 +00:00
Harshit Malpani
27681a5073
fix(esp-tls): Use TLS 1.2 and TLS 1.3 simultaneously
This commit fixes the issue with TLS 1.2 connection when TLS 1.3 is
enabled in config.
2023-10-23 16:23:10 +05:30
Marius Vikhammer
d27dd4d9cb Merge branch 'docs/show_include_path' into 'master'
docs: show include path and require component as part of API header

Closes IDF-3134, DOC-1032, and DOC-3629

See merge request espressif/esp-idf!25092
2023-10-11 09:36:14 +08:00
Marius Vikhammer
ebe68c3ee3 docs(build): add header include path and component require to api reference 2023-10-07 11:47:45 +08:00
Jakob Hasse
ac2515e199 refactor(lwip): Added on/off switch for LwIP stack
* This switch allows applications to replace lwip with a different
  IP stack or just make it build if it is a dependency but not
  actually needed.
2023-09-22 10:03:13 +08:00
Harshit Malpani
692e1a9e61
feat: ECDSA peripheral while performing http connection with mutual auth 2023-09-08 12:22:41 +05:30
Armando
7dbd3f6909 feat(ci): Enable p4 example, test_apps and unit tests CI build 2023-08-24 12:51:19 +08:00
Mahavir Jain
200cf10373 Merge branch 'bugfix/fix_error_while_ota_over_tls_1_3_connection' into 'master'
fix: fix error while performing OTA over TLS 1.3 connection

Closes IDFGH-10451

See merge request espressif/esp-idf!24847
2023-08-16 20:28:19 +08:00
Mahavir Jain
29a4b05cba Merge branch 'contrib/github_pr_11923' into 'master'
fix(esp-tls): fix pointer cast and condition for CONFIG_ATECC608A_TCUSTOM (GitHub PR)

Closes IDFGH-10697

See merge request espressif/esp-idf!25348
2023-08-16 14:19:46 +08:00
Harshit Malpani
11715c5caf
fix(esp-tls): Retry reads if using session tickets with TLS 1.3
Fixed the error that occurred while performing OTA upgrades over
TLS 1.3 connection. After handshake is completed, post-handshake message
is received and internal state is changed. While performing mbedtls_ssl_read(),
it checks handshake state and if it is not MBEDTLS_SSL_HANDSHAKE_OVER,
mbedtls_ssl_handshake is called again.
2023-08-16 11:26:58 +05:30
Alex
6704566476
fix(esp-tls): fix pointer cast and condition for CONFIG_ATECC608A_TCUSTOM
Closes https://github.com/espressif/esp-idf/pull/11923
2023-08-14 16:20:20 +05:30
Mahavir Jain
ea3bb21cf7
fix(esp-tls): fix the certificate check failure logging for cert bundle case
For ESP certificate bundle case, the certificate failure error from
underlying TLS stack was not being tracked. Added the fix and also
updated example code showcasing how to retrieve it.

Closes https://github.com/espressif/esp-idf/issues/12034
2023-08-11 17:27:01 +05:30
Laukik Hase
3565a9ba89
fix(esp-tls): Add explicit inclusion of header mbedtls/x509_crt.h
- Closes https://github.com/espressif/esp-idf/issues/11761
2023-07-03 14:24:38 +05:30
KonstantinKondrashov
e72061695e all: Removes unnecessary newline character in logs
Closes https://github.com/espressif/esp-idf/issues/11465
2023-06-09 03:31:21 +08:00
David Cermak
b2af4d9689 lwip/linux: Add lwip support for networking component under linux
linux/lwip: Wrap some IO posix functions
* to work around the FreeRTOS EINTR issue (when building without lwip)
* to correctly choose the sub-system based on fd (when building with
lwip) -- passing control to either linux/system or to lwip
This commit also adapts tapio-if to provide DHCP client by default and
configurable settings for static IP
2023-05-05 05:03:39 +00:00
Mahavir Jain
b5055b9bfa Merge branch 'feature/add_mbedtls_ciphersuites_set_get_api' into 'master'
esp-tls: Add config and api to set and get ciphersuites list

Closes IDF-7183

See merge request espressif/esp-idf!23320
2023-04-28 13:01:59 +08:00
yuanjianmin
f74447103f esp-tls: Add config and api to set and get ciphersuites list 2023-04-27 19:22:27 +08:00
Mahavir Jain
7fd1378fbb
esp_tls: add initial support for TLS 1.3 connection 2023-04-25 17:40:01 +05:30
Aditya Patwardhan
2dd280f126
esp-tls: Added getter/setter function for the conn_state.
* Added the setter function to set the connection sockfd value
Closes https://github.com/espressif/esp-idf/issues/10871
2023-04-13 20:03:50 +05:30
Aditya Patwardhan
7c8e8557a6 Merge branch 'bugfix/esp_tls_coverity_warning' into 'master'
Fix coverity warning in esp-tls component

See merge request espressif/esp-idf!22934
2023-03-31 15:22:58 +08:00
boarchuz
0c85f7407e
fix preprocessor log condition in esp_tls_mbedtls 2023-03-30 14:08:57 +11:00
Mahavir Jain
496cd83944
Fix coverity warning in esp-tls component
The regression was introduced in the commit: 0abd1cb51f0a346adcda932e25182692b1f642e1
2023-03-27 12:03:49 +05:30
Mahavir Jain
8d90249829 Merge branch 'contrib/github_pr_10967' into 'master'
[esp-tls] Add addr_family option to esp_tls_cfg_t (GitHub PR)

Closes IDFGH-9620

See merge request espressif/esp-idf!22892
2023-03-24 18:02:31 +08:00
Marius Vikhammer
75591a8a13 Merge branch 'ci/driver_single_board' into 'master'
ci: update test apps to use run_all_single_board_cases

See merge request espressif/esp-idf!22669
2023-03-13 09:25:42 +08:00
Mark H. Spatz
0abd1cb51f [esp-tls] Add addr_family option to esp_tls_cfg_t 2023-03-12 17:41:30 -04:00
Marius Vikhammer
0be8e03907 ci: update test apps to use run_all_single_board_cases 2023-03-10 14:27:09 +08:00
Harshit Malpani
866e6b0d6b
esp-tls: Fix esp-tls component to resolve esp_http_client example failure for Linux target.
esp_http_client does not use lwip component when building for linux target. Using lwip configs directly in esp-tls caused the test failures
2023-03-08 14:56:04 +05:30
David Cermak
5f6cb31105 lwip: Support IPv6 only mode 2023-02-27 08:53:34 +01:00