From d03508f79ee48cd2090419cbeb2051326fe6d71f Mon Sep 17 00:00:00 2001
From: Andreas Pokorny
Date: Sun, 29 Oct 2017 12:37:53 +0100
Subject: [PATCH 1/2] Forward client certificate to wificlient secure
---
 libraries/HTTPClient/src/HTTPClient.cpp | 26 +++++++++++++++++++++++---
 libraries/HTTPClient/src/HTTPClient.h | 1 +
 2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp
index 8b82bbe08e3..d7fcb46f1ab 100644
--- a/libraries/HTTPClient/src/HTTPClient.cpp
+++ b/libraries/HTTPClient/src/HTTPClient.cpp
@@ -54,8 +54,8 @@ class TransportTraits
 class TLSTraits : public TransportTraits
 {
 public:
- TLSTraits(const char* CAcert) :
- _cacert(CAcert)
+ TLSTraits(const char* CAcert, const char* clicert = nullptr, const char* clikey = nullptr) :
+ _cacert(CAcert), _clicert(clicert), _clikey(clikey)
 {
 }
@@ -67,12 +67,16 @@ class TLSTraits : public TransportTraits
 bool verify(WiFiClient& client, const char* host) override
 {
 WiFiClientSecure& wcs = static_cast(client);
- wcs.setCACert(_cacert);
+ wcs.setCACert(_cacert);
+ wcs.setCertificate(_clicert);
+ wcs.setPrivateKey(_clikey);
 return true;
 }
 protected:
 const char* _cacert;
+ const char* _clicert;
+ const char* _clikey;
 };
 /**
@@ -203,6 +207,22 @@ bool HTTPClient::begin(String host, uint16_t port, String uri, const char* CAcer
 return true;
 }
+bool HTTPClient::begin(String host, uint16_t port, String uri, const char* CAcert, const char* cli_cert, const char* cli_key)
+{
+ clear();
+ _host = host;
+ _port = port;
+ _uri = uri;
+
+ if (strlen(CAcert) == 0) {
+ return false;
+ }
+ _transportTraits = TransportTraitsPtr(new TLSTraits(CAcert, cli_cert, cli_key));
+ // //Serial.printf("[HTTP-Client][begin] host: %s port: %d url: %s httpsFingerprint: %s", host.c_str(), port, uri.c_str(),
+ // httpsFingerprint.c_str());
+ return true;
+}
+
 /**
 * end
 * called after the payload is handled
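Review bot: The `TLSTraits` constructor in the first hunk stores `clicert` and `clikey` as raw `const char*` next to `_cacert` without copying them, and nothing documents that the caller's buffers (one of them a private key) must stay valid while the traits object is in use. I would add a comment above the constructor: `// Borrowed, not copied: CAcert, clicert and clikey must outlive this object.` Whether WiFiClientSecure copies the data later is not visible in this patch, so the comment should state the conservative requirement. The class begins before the hunk and continues after it.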
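Review bot: In the second hunk `verify()` now calls `setCertificate(_clicert)` and `setPrivateKey(_clikey)` unconditionally, so every existing caller that built `TLSTraits(CAcert)` hands two null pointers to WiFiClientSecure. How those setters treat null is not visible here; guarding the calls keeps the CA-only path unchanged: `if (_clicert != nullptr && _clikey != nullptr) { wcs.setCertificate(_clicert); wcs.setPrivateKey(_clikey); }`. The re-added `wcs.setCACert(_cacert);` line differs from the removed one only in whitespace, which suggests the new lines use a different indentation from the rest of the file.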
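Review bot: The new `begin()` overload in the third hunk calls `strlen(CAcert)` without a null check, and it accepts `cli_cert` and `cli_key` in any combination, so a caller that passes a certificate without its key is told at handshake time at the earliest. I would validate before building the traits: `if (CAcert == nullptr || strlen(CAcert) == 0) { return false; }` followed by `if ((cli_cert == nullptr) != (cli_key == nullptr)) { return false; }`. The failure return also comes after `clear()` and the `_host`/`_port`/`_uri` assignments, so a rejected call still changes the object's state; a short comment on that behaviour, or moving the checks to the top, would make it deliberate.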
diff --git a/libraries/HTTPClient/src/HTTPClient.h b/libraries/HTTPClient/src/HTTPClient.h
index 2104fb0c3e4..d51abca975e 100644
--- a/libraries/HTTPClient/src/HTTPClient.h
+++ b/libraries/HTTPClient/src/HTTPClient.h
@@ -129,6 +129,7 @@ class HTTPClient
 bool begin(String url, const char* CAcert);
 bool begin(String host, uint16_t port, String uri = "/");
 bool begin(String host, uint16_t port, String uri, const char* CAcert);
+ bool begin(String host, uint16_t port, String uri, const char* CAcert, const char* cli_cert, const char* cli_key);
 void end(void);
From 826fad3499dfa5d98cf3cdee55c3fb8caca8d173 Mon Sep 17 00:00:00 2001
From: Andreas Pokorny
Date: Sun, 29 Oct 2017 19:21:58 +0100
Subject: [PATCH 2/2] remove comment
---
 libraries/HTTPClient/src/HTTPClient.cpp | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp
index d7fcb46f1ab..fea672fc359 100644
--- a/libraries/HTTPClient/src/HTTPClient.cpp
+++ b/libraries/HTTPClient/src/HTTPClient.cpp
@@ -218,9 +218,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri, const char* CAcer
 return false;
 }
 _transportTraits = TransportTraitsPtr(new TLSTraits(CAcert, cli_cert, cli_key));
- // //Serial.printf("[HTTP-Client][begin] host: %s port: %d url: %s httpsFingerprint: %s", host.c_str(), port, uri.c_str(),
- // httpsFingerprint.c_str());
- return true;
+ return true;
 }
 /**