Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mbed TLS client & server support (WIP) #90

Open
wants to merge 44 commits into
base: master
Choose a base branch
from
Open

mbed TLS client & server support (WIP) #90

wants to merge 44 commits into from

Conversation

Bmooij
Copy link
Contributor

@Bmooij Bmooij commented Apr 16, 2020

I started implementing the server side TLS support.
I used the implementation provided by @tve #48
It is not finished yet!

Currently the first request can successfully be made with HTTPS and processed.
The next HTTPS request could not be processed, and fails.

I'm looking for feedback on the implementation, and help with the last issue.
Any help is appreciated.

For quick testing I made a sample project that could be used with PlatformIO.
https://github.com/Bmooij/AsyncTCP-https-server-example

Thanks!

fremouw and others added 30 commits September 26, 2018 10:00
@fremouw
- very early version with mbed TLS support.
a251e59
@fremouw
improved TLS support, removed some not needed debug statements.
d4257e6
@fremouw
removed some more logging.
eeff609
@fremouw
getting there, seems to start working, there are still some issues wi…
f2127a0 
…th the handshake failing.
@fremouw
add fix for reading larger amounts of data.
3c9fbd9
@fremouw
some code clean-up
d501a90
@fremouw
more code clean-up.
c9dd608
@fremouw
revert IDF changes, so it works with the latest stable IDF.
52e550b
@fremouw
Not a fan of defines, but to keep things in line with the esp8266 ver…
001ae06 
…sion added all SSL stuff between defines. In order to enable SSL add -DASYNC_TCP_SSL_ENABLED to your build flags.
@fremouw
clean-up
9f7a918
@fremouw
merge origin/idf-update into mbed-tls, as it's now part of the latest…
5187673 
… released version of arduino-esp32...
@fremouw
Merge branch 'master' into mbed-tls
373c334
@fremouw
add some dummy functions so we can compile when the ESP Async WebServ…
d631d7d 
…er library is also used.
@fremouw
allow setting a root CA.
78f952e
@fremouw
oops, set debug disabled as default again.
0879ba2
@fremouw
add ASYNC_TCP_SSL_ENABLED around setRootCa call.
ef50357
@fremouw
Update README.md
3fa9abf
@tve
add support for pre-shared key TLS cipher suites
5e06389
@tve
update mbed-tls implementation to account for restructing
5e511de
@tve
don't assign _hostname unless necessary
8e55be4
@tve
fix indentation; make SSL timeout a #define
9cba86e
@tve
make SSL timeout a #define, 2nd try
f34df7f
@tve
Merge remote-tracking branch 'upstream/master' into mbed-tls-try2
7bca0f4
@tve
fix while loop in _recv; fix calls into LwIP; add some comments
8ef604b
@tve
fix c/c++ linking from tcp_ssl to tcp code
b7ee312
@tve
TLS fixes: pbuf free bug when reading; add debug printfs; useless ext…
73480f3 
…ra copy in read
@tve
add minor comment
8b52f6c
@tve
merge upstream into mbed-tls
1e8da66
@tve
fix Codacy issues
8e77fe7
@tve
Merge remote-tracking branch 'upstream/master' into mbed-tls-try2
b0b2bac
tve and others added 10 commits September 25, 2019 21:10
@tve
fix issues with closed_slots
3cc7048
@me-no-dev
Merge branch 'master' into mbed-tls-try2
abdd496
@robert-alfaro @tve
mbed-tls-try2 updates (me-no-dev#3)
44b3d6b 
* Fix LoadProhibited (me-no-dev#73)
* Use sizeof instead of strlen for const char[]
* Add Kconfig option to control ASYNC_TCP_SSL_ENABLED
* Optionally include ssl header files
* Add null check for psk_ident and pskey
* Do not default to PSK when root_ca is not explcitly set. tcp_ssl_new_client() has a case to handle this.
* Move psk null checks to top of function, remove unneeded include, syntax cleanup.

Authored-by: Bob <[email protected]>
@tve
fix codacity strlen issues
540bf7d
@tve
Merge branch 'master' into mbed-tls-try2
3d67ffe
@r3no1t @tve
add client certificate authentication
59f83d8
@bmooij-beeliners
Init server implementation
5ceb4db
@bmooij-beeliners
Move stuff from AsyncTCP to tcp_mbedtls
6bac001
@bmooij-beeliners
implement free ssl free for server clients
dbe391c
@bmooij-beeliners
Update server handshake flow
4c260fb
@Bmooij Bmooij changed the title mbed TLS client & server support mbed TLS client & server support (WIP) Apr 16, 2020
@BlueAndi BlueAndi mentioned this pull request Jul 8, 2020
Closed
@zekageri
Copy link

Any news on this?

@frippe75
Copy link

frippe75 commented Aug 5, 2020

Would this also enable TLS/SSL for Server side Web Sockets ??
Looked long and hard for that.... :-)

@BlueAndi BlueAndi mentioned this pull request Aug 30, 2020
Closed
@RomeHein
Copy link

RomeHein commented Nov 13, 2020
edited
Loading

Hey, is there any code sample to try the client part? I've tried to make https requests, but I'm missing libraries to build the AsyncTCP with this branch, any help would be much appreciated :)

Compilation errors:

libraries/asyncHTTPrequest/asyncHTTPrequest.cpp.o:(.literal._ZN16asyncHTTPrequest8_connectEv+0x28): undefined reference to `AsyncClient::AsyncClient(tcp_pcb*, tcp_pcb*)'
Multiple libraries were found for "FS.h"
libraries/asyncHTTPrequest/asyncHTTPrequest.cpp.o:(.literal._ZN16asyncHTTPrequest8_connectEv+0x2c): undefined reference to `AsyncClient::connect(char const*, unsigned short, bool)'

robert-alfaro
robert-alfaro reviewed Mar 5, 2021
View reviewed changes
src/tcp_mbedtls.c
@@ -389,7 +389,7 @@ int tcp_ssl_new_server(struct tcp_pcb *tcp, void *arg, const char *cert, const s
TCP_SSL_DEBUG("Seeding the random number generator...\n" );
ret = mbedtls_ctr_drbg_seed(&tcp_ssl->drbg_ctx, mbedtls_entropy_func, &tcp_ssl->entropy_ctx,
(const unsigned char *) pers,
strlen(pers));
sizeof(pers));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand strlen appears as risky, but taking sizeof here does not return the same numeric value.

@zekageri zekageri mentioned this pull request Apr 23, 2021
Closed
@dgtized dgtized mentioned this pull request Aug 10, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robert-alfaro robert-alfaro robert-alfaro left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
10 participants
@Bmooij @zekageri @frippe75 @RomeHein @robert-alfaro @fremouw @tve @me-no-dev @r3no1t @bmooij-beeliners