mirror of
https://github.com/espressif/esp-idf.git
synced 2025-09-22 17:02:25 +00:00
esp_https_server: API cleanup
This commit is contained in:
Harshit Malpani
@@ -50,22 +50,18 @@ struct httpd_ssl_config {
|
||||
*/
|
||||
httpd_config_t httpd;
|
||||
|
||||
/** CA certificate (here it is treated as server cert)
|
||||
* Todo: Fix this change in release/v5.0 as it would be a breaking change
|
||||
* i.e. Rename the nomenclature of variables holding different certs in https_server component as well as example
|
||||
* 1)The cacert variable should hold the CA which is used to authenticate clients (should inherit current role of client_verify_cert_pem var)
|
||||
* 2)There should be another variable servercert which whould hold servers own certificate (should inherit current role of cacert var) */
|
||||
/** Server certificate */
|
||||
const uint8_t *servercert;
|
||||
|
||||
/** Server certificate byte length */
|
||||
size_t servercert_len;
|
||||
|
||||
/** CA certificate ((CA used to sign clients, or client cert itself) */
|
||||
const uint8_t *cacert_pem;
|
||||
|
||||
/** CA certificate byte length */
|
||||
size_t cacert_len;
|
||||
|
||||
/** Client verify authority certificate (CA used to sign clients, or client cert itself */
|
||||
const uint8_t *client_verify_cert_pem;
|
||||
|
||||
/** Client verify authority cert len */
|
||||
size_t client_verify_cert_len;
|
||||
|
||||
/** Private key */
|
||||
const uint8_t *prvtkey_pem;
|
||||
|
||||
@@ -123,10 +119,10 @@ typedef struct httpd_ssl_config httpd_ssl_config_t;
|
||||
.close_fn = NULL, \
|
||||
.uri_match_fn = NULL \
|
||||
}, \
|
||||
.servercert = NULL, \
|
||||
.servercert_len = 0, \
|
||||
.cacert_pem = NULL, \
|
||||
.cacert_len = 0, \
|
||||
.client_verify_cert_pem = NULL, \
|
||||
.client_verify_cert_len = 0, \
|
||||
.prvtkey_pem = NULL, \
|
||||
.prvtkey_len = 0, \
|
||||
.transport_mode = HTTPD_SSL_TRANSPORT_SECURE, \
|
||||
|
||||
@@ -181,20 +181,20 @@ static httpd_ssl_ctx_t *create_secure_context(const struct httpd_ssl_config *con
|
||||
|
||||
ssl_ctx->tls_cfg = cfg;
|
||||
ssl_ctx->user_cb = config->user_cb;
|
||||
/* cacert = CA which signs client cert, or client cert itself , which is mapped to client_verify_cert_pem */
|
||||
if(config->client_verify_cert_pem != NULL) {
|
||||
cfg->cacert_buf = (unsigned char *)malloc(config->client_verify_cert_len);
|
||||
/* cacert = CA which signs client cert, or client cert itself */
|
||||
if(config->cacert_pem != NULL) {
|
||||
cfg->cacert_buf = (unsigned char *)malloc(config->cacert_len);
|
||||
if (!cfg->cacert_buf) {
|
||||
ESP_LOGE(TAG, "Could not allocate memory");
|
||||
free(cfg);
|
||||
free(ssl_ctx);
|
||||
return NULL;
|
||||
}
|
||||
memcpy((char *)cfg->cacert_buf, config->client_verify_cert_pem, config->client_verify_cert_len);
|
||||
cfg->cacert_bytes = config->client_verify_cert_len;
|
||||
memcpy((char *)cfg->cacert_buf, config->cacert_pem, config->cacert_len);
|
||||
cfg->cacert_bytes = config->cacert_len;
|
||||
}
|
||||
/* servercert = cert of server itself ( in our case it is mapped to cacert in https_server example) */
|
||||
cfg->servercert_buf = (unsigned char *)malloc(config->cacert_len);
|
||||
/* servercert = cert of server itself */
|
||||
cfg->servercert_buf = (unsigned char *)malloc(config->servercert_len);
|
||||
if (!cfg->servercert_buf) {
|
||||
ESP_LOGE(TAG, "Could not allocate memory");
|
||||
free((void *)cfg->cacert_buf);
|
||||
@@ -202,8 +202,8 @@ static httpd_ssl_ctx_t *create_secure_context(const struct httpd_ssl_config *con
|
||||
free(ssl_ctx);
|
||||
return NULL;
|
||||
}
|
||||
memcpy((char *)cfg->servercert_buf, config->cacert_pem, config->cacert_len);
|
||||
cfg->servercert_bytes = config->cacert_len;
|
||||
memcpy((char *)cfg->servercert_buf, config->servercert, config->servercert_len);
|
||||
cfg->servercert_bytes = config->servercert_len;
|
||||
|
||||
cfg->serverkey_buf = (unsigned char *)malloc(config->prvtkey_len);
|
||||
if (!cfg->serverkey_buf) {
|
||||
|
||||
Reference in New Issue
Block a user