Commit Graph

183 Commits

Author SHA1 Message Date
Mahavir Jain
ea3bb21cf7
fix(esp-tls): fix the certificate check failure logging for cert bundle case
For ESP certificate bundle case, the certificate failure error from
underlying TLS stack was not being tracked. Added the fix and also
updated example code showcasing how to retrieve it.

Closes https://github.com/espressif/esp-idf/issues/12034
2023-08-11 17:27:01 +05:30
Laukik Hase
3565a9ba89
fix(esp-tls): Add explicit inclusion of header mbedtls/x509_crt.h
- Closes https://github.com/espressif/esp-idf/issues/11761
2023-07-03 14:24:38 +05:30
KonstantinKondrashov
e72061695e all: Removes unnecessary newline character in logs
Closes https://github.com/espressif/esp-idf/issues/11465
2023-06-09 03:31:21 +08:00
David Cermak
b2af4d9689 lwip/linux: Add lwip support for networking component under linux
linux/lwip: Wrap some IO posix functions
* to workaourd the FreeRTOS EINTR issue (when building without lwip)
* to correctly choose the sub-system based on fd (when building with
lwip) -- passing control to either linux/system or to lwip
This commit also addapts tapio-if to provide DHCP client by default and
configurable settings for static IP
2023-05-05 05:03:39 +00:00
Mahavir Jain
b5055b9bfa Merge branch 'feature/add_mbedtls_ciphersuites_set_get_api' into 'master'
esp-tls: Add config and api to set and get ciphersuites list

Closes IDF-7183

See merge request espressif/esp-idf!23320
2023-04-28 13:01:59 +08:00
yuanjianmin
f74447103f esp-tls: Add config and api to set and get ciphersuites list 2023-04-27 19:22:27 +08:00
Mahavir Jain
7fd1378fbb
esp_tls: add initial support for TLS 1.3 connection 2023-04-25 17:40:01 +05:30
Aditya Patwardhan
2dd280f126
esp-tls: Added getter/setter function for the conn_state.
* Added the setter function to set the connection sockfd value
Closes https://github.com/espressif/esp-idf/issues/10871
2023-04-13 20:03:50 +05:30
Aditya Patwardhan
7c8e8557a6 Merge branch 'bugfix/esp_tls_coverity_warning' into 'master'
Fix coverity warning in esp-tls component

See merge request espressif/esp-idf!22934
2023-03-31 15:22:58 +08:00
boarchuz
0c85f7407e
fix preprocessor log condition in esp_tls_mbedtls 2023-03-30 14:08:57 +11:00
Mahavir Jain
496cd83944
Fix coverity warning in esp-tls component
The regressions was introduced in the commit: 0abd1cb51f
2023-03-27 12:03:49 +05:30
Mahavir Jain
8d90249829 Merge branch 'contrib/github_pr_10967' into 'master'
[esp-tls] Add addr_family option to esp_tls_cfg_t (GitHub PR)

Closes IDFGH-9620

See merge request espressif/esp-idf!22892
2023-03-24 18:02:31 +08:00
Marius Vikhammer
75591a8a13 Merge branch 'ci/driver_single_board' into 'master'
ci: update test apps to use run_all_single_board_cases

See merge request espressif/esp-idf!22669
2023-03-13 09:25:42 +08:00
Mark H. Spatz
0abd1cb51f [esp-tls] Add addr_family option to esp_tls_cfg_t 2023-03-12 17:41:30 -04:00
Marius Vikhammer
0be8e03907 ci: update test apps to use run_all_single_board_cases 2023-03-10 14:27:09 +08:00
Harshit Malpani
866e6b0d6b
esp-tls: Fix esp-tls component to resolve esp_http_client example failure for Linux target.
esp_http_client does not use lwip component when building for linux target. Using lwip configs directly in esp-tls caused the test failures
2023-03-08 14:56:04 +05:30
David Cermak
5f6cb31105 lwip: Support IPv6 only mode 2023-02-27 08:53:34 +01:00
Aditya Patwardhan
0d20f8816f esp-tls: Fix build issue when esp-tls server session tickets have been enabled.
Closes https://github.com/espressif/esp-idf/issues/10765
2023-02-24 04:45:23 +00:00
Omar Chebib
5e5343d429 TWDT: Use the new TWDT Kconfig options in the examples and tests 2023-02-17 11:22:25 +08:00
Cao Sen Miao
94120b82c2 esp32h2: add build test 2023-01-17 10:29:04 +08:00
Harshit Malpani
49ce5ada76
ci: Fix ci failures for target esp32c6 2023-01-04 11:20:52 +05:30
Harshit Malpani
43e4383bb7
esp-tls: fix build error without -Wno-format compile flag when building for Linux target 2023-01-04 11:17:27 +05:30
Harshit Malpani
aefd3b0aec
esp-tls: update esp-tls to support linux build 2023-01-04 11:17:27 +05:30
Laukik Hase
665ad3dbdb
esp_tls: Fix issue when timeout is not explicitly given in esp_tls_cfg_t
- If internet connectivity weakened or disappeared suddenly while we were
  in the TLS handshake stage, the app got stuck at that point indefinitely.
- This was because when timeout was not explicitly specified in esp_tls_cfg_t,
  the default timeout was set at the wrong place. This causes the sockets to be
  setup with zero timeout, hence the indefinite wait.
2022-12-16 10:20:21 +05:30
Nathan Phillips
057f5cb120 Distinguish 4 identical log messages
Say which certificate couldn't be parsed in each one.
2022-12-08 10:31:28 +00:00
Harshit Malpani
295507bc1b
esp-tls: use gettimeofday() instead of xTaskGetTickCount() 2022-11-29 11:04:54 +05:30
Aditya Patwardhan
c099209d7c esp-tls: Fix esp-cryptoauthlib built dependency when secure element
support is enabled
2022-11-11 16:13:15 +05:30
Aditya Patwardhan
14e64783e7 esp-tls/Kconfig: Fix dependency for ESP-TLS Server menuconfig option 2022-11-03 07:17:05 +00:00
Aditya Patwardhan
8ad4de7991 esp-tls: Add changes to the Cert selection callback PR. 2022-11-03 07:17:05 +00:00
Akos Vandra
e9e3dc7904 esp-tls: Add support for the CERTIFICATE SELECTION HOOK. The hook has access to required information so that the application can make a more informed decision on which certificate to serve (such as alpn value, server certificate type, etc.)
Closes https://github.com/espressif/esp-idf/pull/9833

Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2022-11-03 07:17:05 +00:00
Song Ruo Jing
be0fdfa176 soc: Add a soc cap, SOC_CLK_RC_FAST_D256_SUPPORTED, for whether the target has the RC_FAST_D256 clock 2022-11-01 11:23:26 +08:00
yuanjianmin
ddbe6aa42a esp-tls: Fix memory leak in mbedtls ds peripheral when MBEDTLS_THREADING_C enabled 2022-10-13 14:17:42 +08:00
Yuan Jian Min
9a97cfbffc esp-tls: socket will be set to -1 and will not be closed
Closes https://github.com/espressif/esp-idf/issues/9847
2022-09-26 19:15:04 +08:00
harshal.patil
aaf8b5d98e ci: Migrate esp-tls unit tests from unit-test-app to component-test-app 2022-09-14 12:03:49 +05:30
Laukik Hase
6319970ab7
esp_tls/wpa_supplicant: Updated deprecated mbedtls APIs 2022-08-24 11:59:34 +05:30
Ivan Grokhotkov
401c10ecfb build system: re-add -Wno-format as private flag for some components 2022-08-03 16:42:47 +04:00
Marius Vikhammer
7e60e07a0a Merge branch 'feature/esp8684_sha' into 'master'
mbedtls: enable hw support for SHA on C2

Closes IDF-3830 and IDF-5141

See merge request espressif/esp-idf!18531
2022-06-23 14:18:49 +08:00
Marius Vikhammer
f4c79687f8 SHA: added hardware support for SHA on C2. 2022-06-23 11:01:16 +08:00
Aditya Patwardhan
8785d1687c esp_tls.h: Add note regarding default timeout_ms value 2022-06-21 16:33:52 +05:30
Aditya Patwardhan
2ea419db22 esp_tls_mbedtls.c: Fix esp-idf integration of esp-cryptoauthlib
menuconfig option
2022-06-03 23:12:11 +05:30
Michael (XIAO Xufeng)
6a8aed12ee ci: partially enable ut tests for esp32c2
Disabled test cases are tracked in:

 IDF-4465, IDF-5045, IDF-5057, IDF-5058, IDF-5059, IDF-5060, IDF-5061, IDF-5131

- test_fatfs: IDF-5136

- test_pm: IDF-5053

- test_cache_mmu: IDF-5138

- test_partitions: IDF-5137

- test_vfs: IDF-5139

- test_freertos: IDF-5140

- test_wpa_supplicant: IDF-5046

- test_mbedtls: IDF-5141

- test_pthread: IDF-5142

- test_protocomm: IDF-5143

- test_lightsleep: IDF-5053

- test_taskwdt: IDF-5055

- test_tcp_transport: IDF-5144

- test_app_update: IDF-5145

- test_timer: IDF-5052

- test_spi: IDF-5146

- test_rtc_clk: IDF-5060

- test_heap: IDF-5167

ci: fixed issues for tests of libgcc, ets_timer, newlib

test_pm: support on C2
2022-06-02 14:23:35 +08:00
Li Jingyi
6d58008119 esp-tls: add api to free client session
Free session with mbedtls api to avoid mem-leak
2022-05-23 16:28:40 +08:00
Aditya Patwardhan
aa9de02259 esp_tls.h: Clean up included header files. 2022-05-11 07:09:34 +00:00
Aditya Patwardhan
788c9ddf8d esp_tls: Added getter function for esp_tls ssl ctx. 2022-05-11 07:09:34 +00:00
Aditya Patwardhan
434e74ff73 esp_tls: Make esp_tls_t as private structure. 2022-05-11 07:09:34 +00:00
Ivan Grokhotkov
47659be5b8
build system: remove lwip from common requirements
lwip was added to common requirements list to provide "sys/socket.h"
header to all components without additional requirements specified.

However, lwip pulls in a lot of dependencies on other components.
This commit removes lwip from common requirements to reduce the number
of components in G1-only apps.

To compensate for this removal, the following changes are made:
- newlib (which is a common requirement) has a public dependency on
  lwip if lwip is present in the build. This ensures that sys/socket.h
  is available as long as lwip component is included into the build.
- lwip is now a public requirement of esp-tls since esp_tls.h includes
  sys/socket.h header.
- lwip is now a public requirement o esp_http_client because
  sys/socket.h is included from esp_http_client.h
- lwip is now a private requirement of esp_wifi for "smartconfig_ack"
- lwip is now a private requirement of mqtt for socket functions
- lwip is now a public requirement of tcp_transport because
  esp_transport_tcp.h includes sys/socket.h header.
- mbedtls checks if lwip component is present in the build. If yes,
  net_sockets.c is added to the build, along with the dependency on
  lwip. Previously lwip was a public requirement of mbedtls
  unconditionally.

system/g1_components test app is updated to reflect the changes

Default public dependencies of a component before and after this
change, except common requirements:

- esp_timer (public dependency of freertos)
- bootloader_support (public dependency of esp_hw_support)
- vfs (public dependency of lwip)
- esp_wifi (public dependency of lwip)
- esp_event (public dependency of esp_wifi)
- esp_netif (public dependency of esp_event)
- esp_eth (public dependency of esp_netif)
- esp_phy (public dependency of esp_wifi)

After:

- esp_timer (public dependency of freertos)
- bootloader_support (public dependency of esp_hw_support)

Altogether, the following components have been always added as
public requirements to all other components, and are not added now
([breaking-change]):

- lwip
- vfs
- esp_wifi
- esp_event
- esp_netif
- esp_eth
- esp_phy

Application components now need to explicitly declare dependencies on
these components.
2022-05-02 20:47:17 +02:00
Laukik Hase
864c59c091
esp_tls: Remove deprecated API
- Removed deprecated esp_tls_conn_new() viz. duplicated by
  esp_tls_conn_new_sync()
- Removed deprecated esp_tls_conn_delete()
- Marked esp_tls_conn_http_new() as deprecated, added alternative
  esp_tls_conn_http_new_sync() (similar to esp_tls_conn_http_new_async())
2022-04-20 12:18:25 +05:30
Laukik Hase
d7090b4d52 https_server: Add config option to min. cert. auth mode
- Added a config option to set the minimum Certificate Verification
  mode to Optional
- When this option is enabled, the peer (the client) certificate
  is checked by the server, however the handshake continues even if
  verification failed.
- By default, the peer certificate is not checked and ignored by the server.

Closes https://github.com/espressif/esp-idf/issues/8664
2022-03-29 08:57:36 +00:00
Aditya Patwardhan
4c58685c00 esp_https_server: Enable secure element support.
Closes https://github.com/espressif/esp-idf/issues/8286
2022-03-27 14:35:25 +05:30
Mahavir Jain
102f8e961f esp-tls: use SOC capability macros instead of target names 2022-03-22 02:06:30 +00:00