feat(esp_http_server): Allow the https server to request client certs optionally

Closes https://github.com/espressif/esp-idf/pull/17641
0xFEEDC0DE64
2025-09-23 17:07:05 +02:00
committed by Ashish Sharma
parent 23c04b681e
commit 5b56b00ac8
23 changed files with 431 additions and 188 deletions


@@ -91,6 +91,11 @@ struct httpd_ssl_config {
/** CA certificate byte length */
size_t cacert_len;
#ifdef CONFIG_ESP_TLS_SERVER_MIN_AUTH_MODE_OPTIONAL
/** Client certificate authentication mode */
bool client_cert_authmode_optional;
#endif // CONFIG_ESP_TLS_SERVER_MIN_AUTH_MODE_OPTIONAL
/** Private key */
const uint8_t *prvtkey_pem;
@@ -154,6 +159,16 @@ struct httpd_ssl_config {
typedef struct httpd_ssl_config httpd_ssl_config_t;
/**
* Helper macro for optional client certificate authentication field
*/
#ifdef CONFIG_ESP_TLS_SERVER_MIN_AUTH_MODE_OPTIONAL
#define HTTPD_SSL_CONFIG_CLIENT_AUTH_OPTIONAL_INIT \
.client_cert_authmode_optional = false,
#else
#define HTTPD_SSL_CONFIG_CLIENT_AUTH_OPTIONAL_INIT
#endif
/**
* Default config struct init
* Notes:
@@ -197,6 +212,7 @@ typedef struct httpd_ssl_config httpd_ssl_config_t;
.servercert_len = 0, \
.cacert_pem = NULL, \
.cacert_len = 0, \
HTTPD_SSL_CONFIG_CLIENT_AUTH_OPTIONAL_INIT \
.prvtkey_pem = NULL, \
.prvtkey_len = 0, \
.use_ecdsa_peripheral = false, \
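Review bot: The doc comment on `client_cert_authmode_optional` in the first hunk ("Client certificate authentication mode") does not say what setting the field to true permits, and that is the security-relevant part of this option. The code that consumes the field is not visible here, but presumably it selects an optional-verify mode in the TLS layer, where the handshake can complete when the client sends no certificate and possibly when the one it sends fails verification. If so, a URI handler that treats every established session as client-authenticated would be wrong once this is enabled. I would spell that out on the field, for example `/** If true (and cacert_pem is set), a client certificate is requested but not required; handlers must check the peer verification result before trusting the client. Default: false */`. The struct and the default-config macro both continue outside the hunks shown.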