From 0b277bb87e8ee620ff8f09524d1a4961cda71d20 Mon Sep 17 00:00:00 2001 From: Larry Bernstone Date: Tue, 26 Dec 2017 17:18:59 -0700 Subject: [PATCH 1/3] Added a lastError method to WiFiClientSecure so that a connection error from mbedTLS can be retrieved if connection fails (and then presented to a user). --- .../WiFiClientSecure/src/WiFiClientSecure.cpp | 392 +++++++++--------- .../WiFiClientSecure/src/WiFiClientSecure.h | 185 +++++---- 2 files changed, 297 insertions(+), 280 deletions(-) diff --git a/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp b/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp index 46c69af3444..12fc7432d27 100644 --- a/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp +++ b/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp 
@@ -1,189 +1,203 @@ -/* - WiFiClientSecure.cpp - Client Secure class for ESP32 - Copyright (c) 2016 Hristo Gochkov All right reserved. - Additions Copyright (C) 2017 Evandro Luis Copercini. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#include "WiFiClientSecure.h" -#include -#include -#include - -#undef connect -#undef write -#undef read - - -WiFiClientSecure::WiFiClientSecure() -{ - _connected = false; - - sslclient = new sslclient_context; - ssl_init(sslclient); - sslclient->socket = -1; - - _CA_cert = NULL; - _cert = NULL; - _private_key = NULL; - next = NULL; -} - - -WiFiClientSecure::WiFiClientSecure(int sock) -{ - _connected = false; - - sslclient = new sslclient_context; - ssl_init(sslclient); - sslclient->socket = sock; - - if (sock >= 0) { - _connected = true; - } - - _CA_cert = NULL; - _cert = NULL; - _private_key = NULL; - next = NULL; -} - -WiFiClientSecure::~WiFiClientSecure() -{ - stop(); - delete sslclient; -} - -WiFiClientSecure &WiFiClientSecure::operator=(const WiFiClientSecure &other) -{ - stop(); - sslclient->socket = other.sslclient->socket; - _connected = other._connected; - return *this; -} - -void WiFiClientSecure::stop() -{ - if (sslclient->socket >= 0) { - close(sslclient->socket); - sslclient->socket = -1; - _connected = false; - } - stop_ssl_socket(sslclient, 
_CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(IPAddress ip, uint16_t port) -{ - return connect(ip, port, _CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(const char *host, uint16_t port) -{ - return connect(host, port, _CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(IPAddress ip, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) -{ - return connect(ip.toString().c_str(), port, _CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(const char *host, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) -{ - int ret = start_ssl_client(sslclient, host, port, _CA_cert, _cert, _private_key); - if (ret < 0) { - log_e("lwip_connect_r: %d", errno); - stop(); - return 0; - } - _connected = true; - return 1; -} - -size_t WiFiClientSecure::write(uint8_t data) -{ - return write(&data, 1); -} - -int WiFiClientSecure::read() -{ - uint8_t data = 0; - int res = read(&data, 1); - if (res < 0) { - return res; - } - return data; -} - -size_t WiFiClientSecure::write(const uint8_t *buf, size_t size) -{ - if (!_connected) { - return 0; - } - int res = send_ssl_data(sslclient, buf, size); - if (res < 0) { - stop(); - res = 0; - } - return res; -} - -int WiFiClientSecure::read(uint8_t *buf, size_t size) -{ - if (!available()) { - return -1; - } - int res = get_ssl_receive(sslclient, buf, size); - if (res < 0) { - stop(); - } - return res; -} - -int WiFiClientSecure::available() -{ - if (!_connected) { - return 0; - } - int res = data_to_read(sslclient); - if (res < 0 ) { - stop(); - } - return res; -} - -uint8_t WiFiClientSecure::connected() -{ - uint8_t dummy = 0; - read(&dummy, 0); - - return _connected; -} - -void WiFiClientSecure::setCACert (const char *rootCA) -{ - _CA_cert = rootCA; -} - -void WiFiClientSecure::setCertificate (const char *client_ca) -{ - _cert = client_ca; -} - -void WiFiClientSecure::setPrivateKey (const char *private_key) -{ - 
_private_key = private_key; -} - +/* + WiFiClientSecure.cpp - Client Secure class for ESP32 + Copyright (c) 2016 Hristo Gochkov All right reserved. + Additions Copyright (C) 2017 Evandro Luis Copercini. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#include "WiFiClientSecure.h" +#include +#include +#include + +#undef connect +#undef write +#undef read + + +WiFiClientSecure::WiFiClientSecure() +{ + _connected = false; + + sslclient = new sslclient_context; + ssl_init(sslclient); + sslclient->socket = -1; + + _CA_cert = NULL; + _cert = NULL; + _private_key = NULL; + next = NULL; +} + + +WiFiClientSecure::WiFiClientSecure(int sock) +{ + _connected = false; + + sslclient = new sslclient_context; + ssl_init(sslclient); + sslclient->socket = sock; + + if (sock >= 0) { + _connected = true; + } + + _CA_cert = NULL; + _cert = NULL; + _private_key = NULL; + next = NULL; +} + +WiFiClientSecure::~WiFiClientSecure() +{ + stop(); + delete sslclient; +} + +WiFiClientSecure &WiFiClientSecure::operator=(const WiFiClientSecure &other) +{ + stop(); + sslclient->socket = other.sslclient->socket; + _connected = other._connected; + return *this; +} + +void WiFiClientSecure::stop() +{ + if (sslclient->socket >= 0) { + close(sslclient->socket); + sslclient->socket = -1; + _connected = false; + } + 
stop_ssl_socket(sslclient, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(IPAddress ip, uint16_t port) +{ + return connect(ip, port, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(const char *host, uint16_t port) +{ + return connect(host, port, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(IPAddress ip, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) +{ + return connect(ip.toString().c_str(), port, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(const char *host, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) +{ + int ret = start_ssl_client(sslclient, host, port, _CA_cert, _cert, _private_key); + _lastError = ret; + if (ret < 0) { + log_e("lwip_connect_r: %d", errno); + stop(); + return 0; + } + _connected = true; + return 1; +} + +size_t WiFiClientSecure::write(uint8_t data) +{ + return write(&data, 1); +} + +int WiFiClientSecure::read() +{ + uint8_t data = 0; + int res = read(&data, 1); + if (res < 0) { + return res; + } + return data; +} + +size_t WiFiClientSecure::write(const uint8_t *buf, size_t size) +{ + if (!_connected) { + return 0; + } + int res = send_ssl_data(sslclient, buf, size); + if (res < 0) { + + stop(); + res = 0; + } + return res; +} + +int WiFiClientSecure::read(uint8_t *buf, size_t size) +{ + if (!available()) { + return -1; + } + int res = get_ssl_receive(sslclient, buf, size); + if (res < 0) { + + stop(); + } + return res; +} + +int WiFiClientSecure::available() +{ + if (!_connected) { + return 0; + } + int res = data_to_read(sslclient); + if (res < 0 ) { + stop(); + } + return res; +} + +uint8_t WiFiClientSecure::connected() +{ + uint8_t dummy = 0; + read(&dummy, 0); + + return _connected; +} + +void WiFiClientSecure::setCACert (const char *rootCA) +{ + _CA_cert = rootCA; +} + +void WiFiClientSecure::setCertificate (const char *client_ca) +{ + _cert = client_ca; +} + +void 
WiFiClientSecure::setPrivateKey (const char *private_key) +{ + _private_key = private_key; +} + +int WiFiClientSecure::lastError(char *buf, size_t size) +{ + if (!_lastError) { + return 0; + } + char error_buf[100]; + mbedtls_strerror(_lastError, error_buf, 100); + snprintf(buf,size,"%s",error_buf); + return _lastError; +} + diff --git a/libraries/WiFiClientSecure/src/WiFiClientSecure.h b/libraries/WiFiClientSecure/src/WiFiClientSecure.h index d5ce92688df..7770ebdb936 100644 --- a/libraries/WiFiClientSecure/src/WiFiClientSecure.h +++ b/libraries/WiFiClientSecure/src/WiFiClientSecure.h 
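Review bot: In `connect(const char *host, ...)`, `_lastError = ret;` runs before the `ret < 0` check, so a successful call that returns any positive value leaves `_lastError` non-zero (the hunk treats every `ret >= 0` as success; `start_ssl_client` itself is not in this diff). `lastError()` would then report a bogus mbedTLS error after a good handshake, so record the code only on failure: `_lastError = (ret < 0) ? ret : 0;`. In `lastError()`, the early `return 0;` leaves `buf` unwritten, so a caller that prints the buffer without checking the return value reads uninitialised memory; add `if (buf && size) { buf[0] = '\0'; }` ahead of that return. Both spots are carried unchanged into PATCH 2/3 and PATCH 3/3. The failure log line also still prints `errno` rather than `ret`, so the TLS error code never reaches the log.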
@@ -1,91 +1,94 @@ -/* - WiFiClientSecure.h - Base class that provides Client SSL to ESP32 - Copyright (c) 2011 Adrian McEwen. All right reserved. - Additions Copyright (C) 2017 Evandro Luis Copercini. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#ifndef WiFiClientSecure_h -#define WiFiClientSecure_h -#include "Arduino.h" -#include "IPAddress.h" -#include -#include "ssl_client.h" - -class WiFiClientSecure : public WiFiClient -{ -protected: - sslclient_context *sslclient; - - const char *_CA_cert; - const char *_cert; - const char *_private_key; - -public: - WiFiClientSecure *next; - WiFiClientSecure(); - WiFiClientSecure(int socket); - ~WiFiClientSecure(); - int connect(IPAddress ip, uint16_t port); - int connect(const char *host, uint16_t port); - int connect(IPAddress ip, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); - int connect(const char *host, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); - size_t write(uint8_t data); - size_t write(const uint8_t *buf, size_t size); - int available(); - int read(); - int read(uint8_t *buf, size_t size); - int peek() - { - return 0; - } - void flush() {} - void stop(); - uint8_t connected(); - - void setCACert(const char *rootCA); - void setCertificate(const char *client_ca); - void 
setPrivateKey (const char *private_key); - - operator bool() - { - return connected(); - } - WiFiClientSecure &operator=(const WiFiClientSecure &other); - bool operator==(const bool value) - { - return bool() == value; - } - bool operator!=(const bool value) - { - return bool() != value; - } - bool operator==(const WiFiClientSecure &); - bool operator!=(const WiFiClientSecure &rhs) - { - return !this->operator==(rhs); - }; - - int socket() - { - return sslclient->socket = -1; - } - - //friend class WiFiServer; - using Print::write; -}; - -#endif /* _WIFICLIENT_H_ */ +/* + WiFiClientSecure.h - Base class that provides Client SSL to ESP32 + Copyright (c) 2011 Adrian McEwen. All right reserved. + Additions Copyright (C) 2017 Evandro Luis Copercini. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. 
+ + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#ifndef WiFiClientSecure_h +#define WiFiClientSecure_h +#include "Arduino.h" +#include "IPAddress.h" +#include +#include "ssl_client.h" + +class WiFiClientSecure : public WiFiClient +{ +protected: + bool _connected; + sslclient_context *sslclient; + int _lastError = 0; + + const char *_CA_cert; + const char *_cert; + const char *_private_key; + +public: + WiFiClientSecure *next; + WiFiClientSecure(); + WiFiClientSecure(int socket); + ~WiFiClientSecure(); + int connect(IPAddress ip, uint16_t port); + int connect(const char *host, uint16_t port); + int connect(IPAddress ip, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); + int connect(const char *host, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); + size_t write(uint8_t data); + size_t write(const uint8_t *buf, size_t size); + int available(); + int read(); + int read(uint8_t *buf, size_t size); + int peek() + { + return 0; + } + void flush() {} + void stop(); + uint8_t connected(); + int lastError(char *buf, size_t size); + + void setCACert(const char *rootCA); + void setCertificate(const char *client_ca); + void setPrivateKey (const char *private_key); + + operator bool() + { + return connected(); + } + WiFiClientSecure &operator=(const WiFiClientSecure &other); + bool operator==(const bool value) + { + return bool() == value; + } + bool operator!=(const bool value) + { + return bool() != value; + } + bool operator==(const WiFiClientSecure &); + bool operator!=(const WiFiClientSecure &rhs) + { + return !this->operator==(rhs); + }; + + int socket() + { + return sslclient->socket = -1; + } + + //friend class WiFiServer; + using Print::write; +}; + +#endif /* _WIFICLIENT_H_ */ 
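Review bot: `socket()` is written as `return sslclient->socket = -1;`, which assigns -1 to the stored descriptor on every call instead of returning it. The line appears on both the removed and the added side, so this commit carries it forward unchanged. After one call, `stop()` in the .cpp sees `sslclient->socket >= 0` as false and skips `close()`, which would leak the descriptor; the accessor should read `return sslclient->socket;`. Separately, the new `bool _connected;` under `protected:` was not in the old header, so it presumably hides a member inherited from `WiFiClient`; PATCH 3/3 removes it again.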
From 7859e2d8b08f735955b410dc5b4bc8dac6c6c3da Mon Sep 17 00:00:00 2001 From: Larry Bernstone Date: Tue, 26 Dec 2017 17:21:50 -0700 Subject: [PATCH 2/3] Changed to dos CRLF --- .../WiFiClientSecure/src/WiFiClientSecure.cpp | 406 +++++++++--------- .../WiFiClientSecure/src/WiFiClientSecure.h | 188 ++++---- 2 files changed, 297 insertions(+), 297 deletions(-) diff --git a/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp b/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp index 12fc7432d27..0f0e653430e 100644 --- a/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp +++ b/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp 
@@ -1,203 +1,203 @@ -/* - WiFiClientSecure.cpp - Client Secure class for ESP32 - Copyright (c) 2016 Hristo Gochkov All right reserved. - Additions Copyright (C) 2017 Evandro Luis Copercini. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#include "WiFiClientSecure.h" -#include -#include -#include - -#undef connect -#undef write -#undef read - - -WiFiClientSecure::WiFiClientSecure() -{ - _connected = false; - - sslclient = new sslclient_context; - ssl_init(sslclient); - sslclient->socket = -1; - - _CA_cert = NULL; - _cert = NULL; - _private_key = NULL; - next = NULL; -} - - -WiFiClientSecure::WiFiClientSecure(int sock) -{ - _connected = false; - - sslclient = new sslclient_context; - ssl_init(sslclient); - sslclient->socket = sock; - - if (sock >= 0) { - _connected = true; - } - - _CA_cert = NULL; - _cert = NULL; - _private_key = NULL; - next = NULL; -} - -WiFiClientSecure::~WiFiClientSecure() -{ - stop(); - delete sslclient; -} - -WiFiClientSecure &WiFiClientSecure::operator=(const WiFiClientSecure &other) -{ - stop(); - sslclient->socket = other.sslclient->socket; - _connected = other._connected; - return *this; -} - -void WiFiClientSecure::stop() -{ - if (sslclient->socket >= 0) { - close(sslclient->socket); - sslclient->socket = -1; - _connected = false; - } - stop_ssl_socket(sslclient, 
_CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(IPAddress ip, uint16_t port) -{ - return connect(ip, port, _CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(const char *host, uint16_t port) -{ - return connect(host, port, _CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(IPAddress ip, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) -{ - return connect(ip.toString().c_str(), port, _CA_cert, _cert, _private_key); -} - -int WiFiClientSecure::connect(const char *host, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) -{ - int ret = start_ssl_client(sslclient, host, port, _CA_cert, _cert, _private_key); - _lastError = ret; - if (ret < 0) { - log_e("lwip_connect_r: %d", errno); - stop(); - return 0; - } - _connected = true; - return 1; -} - -size_t WiFiClientSecure::write(uint8_t data) -{ - return write(&data, 1); -} - -int WiFiClientSecure::read() -{ - uint8_t data = 0; - int res = read(&data, 1); - if (res < 0) { - return res; - } - return data; -} - -size_t WiFiClientSecure::write(const uint8_t *buf, size_t size) -{ - if (!_connected) { - return 0; - } - int res = send_ssl_data(sslclient, buf, size); - if (res < 0) { - - stop(); - res = 0; - } - return res; -} - -int WiFiClientSecure::read(uint8_t *buf, size_t size) -{ - if (!available()) { - return -1; - } - int res = get_ssl_receive(sslclient, buf, size); - if (res < 0) { - - stop(); - } - return res; -} - -int WiFiClientSecure::available() -{ - if (!_connected) { - return 0; - } - int res = data_to_read(sslclient); - if (res < 0 ) { - stop(); - } - return res; -} - -uint8_t WiFiClientSecure::connected() -{ - uint8_t dummy = 0; - read(&dummy, 0); - - return _connected; -} - -void WiFiClientSecure::setCACert (const char *rootCA) -{ - _CA_cert = rootCA; -} - -void WiFiClientSecure::setCertificate (const char *client_ca) -{ - _cert = client_ca; -} - -void WiFiClientSecure::setPrivateKey (const char 
*private_key) -{ - _private_key = private_key; -} - -int WiFiClientSecure::lastError(char *buf, size_t size) -{ - if (!_lastError) { - return 0; - } - char error_buf[100]; - mbedtls_strerror(_lastError, error_buf, 100); - snprintf(buf,size,"%s",error_buf); - return _lastError; -} - +/* + WiFiClientSecure.cpp - Client Secure class for ESP32 + Copyright (c) 2016 Hristo Gochkov All right reserved. + Additions Copyright (C) 2017 Evandro Luis Copercini. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#include "WiFiClientSecure.h" +#include +#include +#include + +#undef connect +#undef write +#undef read + + +WiFiClientSecure::WiFiClientSecure() +{ + _connected = false; + + sslclient = new sslclient_context; + ssl_init(sslclient); + sslclient->socket = -1; + + _CA_cert = NULL; + _cert = NULL; + _private_key = NULL; + next = NULL; +} + + +WiFiClientSecure::WiFiClientSecure(int sock) +{ + _connected = false; + + sslclient = new sslclient_context; + ssl_init(sslclient); + sslclient->socket = sock; + + if (sock >= 0) { + _connected = true; + } + + _CA_cert = NULL; + _cert = NULL; + _private_key = NULL; + next = NULL; +} + +WiFiClientSecure::~WiFiClientSecure() +{ + stop(); + delete sslclient; +} + +WiFiClientSecure &WiFiClientSecure::operator=(const WiFiClientSecure &other) +{ + stop(); + sslclient->socket 
= other.sslclient->socket; + _connected = other._connected; + return *this; +} + +void WiFiClientSecure::stop() +{ + if (sslclient->socket >= 0) { + close(sslclient->socket); + sslclient->socket = -1; + _connected = false; + } + stop_ssl_socket(sslclient, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(IPAddress ip, uint16_t port) +{ + return connect(ip, port, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(const char *host, uint16_t port) +{ + return connect(host, port, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(IPAddress ip, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) +{ + return connect(ip.toString().c_str(), port, _CA_cert, _cert, _private_key); +} + +int WiFiClientSecure::connect(const char *host, uint16_t port, const char *_CA_cert, const char *_cert, const char *_private_key) +{ + int ret = start_ssl_client(sslclient, host, port, _CA_cert, _cert, _private_key); + _lastError = ret; + if (ret < 0) { + log_e("lwip_connect_r: %d", errno); + stop(); + return 0; + } + _connected = true; + return 1; +} + +size_t WiFiClientSecure::write(uint8_t data) +{ + return write(&data, 1); +} + +int WiFiClientSecure::read() +{ + uint8_t data = 0; + int res = read(&data, 1); + if (res < 0) { + return res; + } + return data; +} + +size_t WiFiClientSecure::write(const uint8_t *buf, size_t size) +{ + if (!_connected) { + return 0; + } + int res = send_ssl_data(sslclient, buf, size); + if (res < 0) { + + stop(); + res = 0; + } + return res; +} + +int WiFiClientSecure::read(uint8_t *buf, size_t size) +{ + if (!available()) { + return -1; + } + int res = get_ssl_receive(sslclient, buf, size); + if (res < 0) { + + stop(); + } + return res; +} + +int WiFiClientSecure::available() +{ + if (!_connected) { + return 0; + } + int res = data_to_read(sslclient); + if (res < 0 ) { + stop(); + } + return res; +} + +uint8_t WiFiClientSecure::connected() +{ + uint8_t dummy = 0; + read(&dummy, 
0); + + return _connected; +} + +void WiFiClientSecure::setCACert (const char *rootCA) +{ + _CA_cert = rootCA; +} + +void WiFiClientSecure::setCertificate (const char *client_ca) +{ + _cert = client_ca; +} + +void WiFiClientSecure::setPrivateKey (const char *private_key) +{ + _private_key = private_key; +} + +int WiFiClientSecure::lastError(char *buf, size_t size) +{ + if (!_lastError) { + return 0; + } + char error_buf[100]; + mbedtls_strerror(_lastError, error_buf, 100); + snprintf(buf,size,"%s",error_buf); + return _lastError; +} + diff --git a/libraries/WiFiClientSecure/src/WiFiClientSecure.h b/libraries/WiFiClientSecure/src/WiFiClientSecure.h index 7770ebdb936..752f9390f24 100644 --- a/libraries/WiFiClientSecure/src/WiFiClientSecure.h +++ b/libraries/WiFiClientSecure/src/WiFiClientSecure.h 
@@ -1,94 +1,94 @@ -/* - WiFiClientSecure.h - Base class that provides Client SSL to ESP32 - Copyright (c) 2011 Adrian McEwen. All right reserved. - Additions Copyright (C) 2017 Evandro Luis Copercini. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#ifndef WiFiClientSecure_h -#define WiFiClientSecure_h -#include "Arduino.h" -#include "IPAddress.h" -#include -#include "ssl_client.h" - -class WiFiClientSecure : public WiFiClient -{ -protected: - bool _connected; - sslclient_context *sslclient; - int _lastError = 0; - - const char *_CA_cert; - const char *_cert; - const char *_private_key; - -public: - WiFiClientSecure *next; - WiFiClientSecure(); - WiFiClientSecure(int socket); - ~WiFiClientSecure(); - int connect(IPAddress ip, uint16_t port); - int connect(const char *host, uint16_t port); - int connect(IPAddress ip, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); - int connect(const char *host, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); - size_t write(uint8_t data); - size_t write(const uint8_t *buf, size_t size); - int available(); - int read(); - int read(uint8_t *buf, size_t size); - int peek() - { - return 0; - } - void flush() {} - void stop(); - uint8_t connected(); - int lastError(char *buf, size_t size); - - void 
setCACert(const char *rootCA); - void setCertificate(const char *client_ca); - void setPrivateKey (const char *private_key); - - operator bool() - { - return connected(); - } - WiFiClientSecure &operator=(const WiFiClientSecure &other); - bool operator==(const bool value) - { - return bool() == value; - } - bool operator!=(const bool value) - { - return bool() != value; - } - bool operator==(const WiFiClientSecure &); - bool operator!=(const WiFiClientSecure &rhs) - { - return !this->operator==(rhs); - }; - - int socket() - { - return sslclient->socket = -1; - } - - //friend class WiFiServer; - using Print::write; -}; - -#endif /* _WIFICLIENT_H_ */ +/* + WiFiClientSecure.h - Base class that provides Client SSL to ESP32 + Copyright (c) 2011 Adrian McEwen. All right reserved. + Additions Copyright (C) 2017 Evandro Luis Copercini. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. 
+ + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#ifndef WiFiClientSecure_h +#define WiFiClientSecure_h +#include "Arduino.h" +#include "IPAddress.h" +#include +#include "ssl_client.h" + +class WiFiClientSecure : public WiFiClient +{ +protected: + bool _connected; + sslclient_context *sslclient; + int _lastError = 0; + + const char *_CA_cert; + const char *_cert; + const char *_private_key; + +public: + WiFiClientSecure *next; + WiFiClientSecure(); + WiFiClientSecure(int socket); + ~WiFiClientSecure(); + int connect(IPAddress ip, uint16_t port); + int connect(const char *host, uint16_t port); + int connect(IPAddress ip, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); + int connect(const char *host, uint16_t port, const char *rootCABuff, const char *cli_cert, const char *cli_key); + size_t write(uint8_t data); + size_t write(const uint8_t *buf, size_t size); + int available(); + int read(); + int read(uint8_t *buf, size_t size); + int peek() + { + return 0; + } + void flush() {} + void stop(); + uint8_t connected(); + int lastError(char *buf, size_t size); + + void setCACert(const char *rootCA); + void setCertificate(const char *client_ca); + void setPrivateKey (const char *private_key); + + operator bool() + { + return connected(); + } + WiFiClientSecure &operator=(const WiFiClientSecure &other); + bool operator==(const bool value) + { + return bool() == value; + } + bool operator!=(const bool value) + { + return bool() != value; + } + bool operator==(const WiFiClientSecure &); + bool operator!=(const WiFiClientSecure &rhs) + { + return !this->operator==(rhs); + }; + + int socket() + { + return sslclient->socket = -1; + } + + //friend class WiFiServer; + using Print::write; +}; + +#endif /* _WIFICLIENT_H_ */ 
From 92ffed817e37cdf499bc71c2e13f8347bbcbbfe5 Mon Sep 17 00:00:00 2001 From: Larry Bernstone Date: Tue, 26 Dec 2017 18:11:42 -0700 Subject: [PATCH 3/3] Made buffer size a const\nMore cleanup to match source --- libraries/WiFiClientSecure/src/WiFiClientSecure.cpp | 7 ++----- libraries/WiFiClientSecure/src/WiFiClientSecure.h | 6 ++---- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp b/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp index 0f0e653430e..a0a8b3d888f 100644 --- a/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp +++ b/libraries/WiFiClientSecure/src/WiFiClientSecure.cpp @@ -135,7 +135,6 @@ size_t WiFiClientSecure::write(const uint8_t *buf, size_t size) } int res = send_ssl_data(sslclient, buf, size); if (res < 0) { - stop(); res = 0; } @@ -149,7 +148,6 @@ int WiFiClientSecure::read(uint8_t *buf, size_t size) } int res = get_ssl_receive(sslclient, buf, size); if (res < 0) { - stop(); } return res; @@ -190,14 +188,13 @@ void WiFiClientSecure::setPrivateKey (const char *private_key) _private_key = private_key; } -int WiFiClientSecure::lastError(char *buf, size_t size) +int WiFiClientSecure::lastError(char *buf, const size_t size) { if (!_lastError) { return 0; } char error_buf[100]; mbedtls_strerror(_lastError, error_buf, 100); - snprintf(buf,size,"%s",error_buf); + snprintf(buf, size, "%s", error_buf); return _lastError; } - diff --git a/libraries/WiFiClientSecure/src/WiFiClientSecure.h b/libraries/WiFiClientSecure/src/WiFiClientSecure.h index 752f9390f24..8b6899a6f21 100644 --- a/libraries/WiFiClientSecure/src/WiFiClientSecure.h +++ b/libraries/WiFiClientSecure/src/WiFiClientSecure.h @@ -28,10 +28,9 @@ class WiFiClientSecure : public WiFiClient { protected: - bool _connected; sslclient_context *sslclient; + int _lastError = 0; - const char *_CA_cert; const char *_cert; const char *_private_key; 
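Review bot: In `lastError()` in WiFiClientSecure.cpp (third hunk of PATCH 3/3), the message is still rendered into `char error_buf[100]` and then copied again with `snprintf`, so the text is capped at 99 characters regardless of the caller's `size`. The literal `100` is also repeated in the `mbedtls_strerror` call, so the two values can drift apart. Writing straight into the caller's buffer removes the stack copy and both literals: `mbedtls_strerror(_lastError, buf, size);`. If the temporary is kept, pass `sizeof(error_buf)` instead of `100`.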
@@ -57,8 +56,7 @@ class WiFiClientSecure : public WiFiClient void flush() {} void stop(); uint8_t connected(); - int lastError(char *buf, size_t size); - + int lastError(char *buf, const size_t size); void setCACert(const char *rootCA); void setCertificate(const char *client_ca); void setPrivateKey (const char *private_key);
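Review bot: The `lastError` declaration carries no comment, so callers cannot tell from the header what is returned or when `buf` is written. Suggested comment above it: `// Copies the mbedTLS text for the last connect() result into buf (at most size bytes); returns the stored code, or 0 with buf untouched if none is recorded.` The added top-level `const` on the by-value `size` parameter does not change the function's type for callers, so it can be dropped from the declaration and kept only in the definition if wanted. The class body continues outside the hunk.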