From aace0470e707248cc9a0fb0107cc3b7d94caaabb Mon Sep 17 00:00:00 2001 From: jasenk2 Date: Sun, 24 Jul 2022 15:35:24 +0000 Subject: [PATCH 1/6] Update HTTPConnection.hpp Fix header to existing mbedtls/sha1.h one --- src/HTTPConnection.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/HTTPConnection.hpp b/src/HTTPConnection.hpp index fb15d7a..bab6150 100644 --- a/src/HTTPConnection.hpp +++ b/src/HTTPConnection.hpp @@ -6,7 +6,7 @@ #include #include -#include +#include #include // Required for sockets From 7aec8fe9c0304a12686b54a3c9c6a2ce435cd822 Mon Sep 17 00:00:00 2001 From: jasenk2 Date: Sun, 24 Jul 2022 15:36:33 +0000 Subject: [PATCH 2/6] Update HTTPConnection.cpp --- src/HTTPConnection.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/HTTPConnection.cpp b/src/HTTPConnection.cpp index 0ab739c..553a36c 100644 --- a/src/HTTPConnection.cpp +++ b/src/HTTPConnection.cpp @@ -664,7 +664,7 @@ void handleWebsocketHandshake(HTTPRequest * req, HTTPResponse * res) { std::string websocketKeyResponseHash(std::string const &key) { std::string newKey = key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; uint8_t shaData[HTTPS_SHA1_LENGTH]; - esp_sha(SHA1, (uint8_t*)newKey.data(), newKey.length(), shaData); + mbedtls_sha1_ret((uint8_t*)newKey.data(), newKey.length(), shaData); // Get output size required for base64 representation size_t b64BufferSize = 0; From 2780e9f4f4654434b90032f5ab51bbdba0479bf4 Mon Sep 17 00:00:00 2001 From: jkolev Date: Sun, 11 Dec 2022 12:07:46 +0200 Subject: [PATCH 3/6] fix tag --- src/WebsocketHandler.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/WebsocketHandler.cpp b/src/WebsocketHandler.cpp index 5e4c1d1..779f946 100644 --- a/src/WebsocketHandler.cpp +++ b/src/WebsocketHandler.cpp @@ -1,5 +1,7 @@ #include "WebsocketHandler.hpp" - +#ifndef TAG +#define TAG "ARDUINO" +#endif namespace httpsserver { /** 
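Review bot: The return value of `mbedtls_sha1_ret` is discarded in `websocketKeyResponseHash` (src/HTTPConnection.cpp), so if the digest call fails, `shaData` is still uninitialised stack memory when it is base64-encoded into the handshake response. Check the result before using the buffer, e.g. `if (mbedtls_sha1_ret(reinterpret_cast<const uint8_t*>(newKey.data()), newKey.length(), shaData) != 0) return std::string();`, or at least declare `uint8_t shaData[HTTPS_SHA1_LENGTH] = {0};`. The `_ret` spelling belongs to the Mbed TLS 2.x API, so a comment naming the supported version would help the next port. The function body continues past the end of the hunk, so how callers treat an empty result is not visible here.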
@@ -17,7 +19,7 @@ static void dumpFrame(WebsocketFrame frame) { case WebsocketHandler::OPCODE_TEXT: opcode = std::string("TEXT"); break; } ESP_LOGI( - TAG, + "", "Fin: %d, OpCode: %d (%s), Mask: %d, Len: %d", (int)frame.fin, (int)frame.opCode, From d87e59a1586c4f2819a8266d88d7ee3298811e15 Mon Sep 17 00:00:00 2001 From: jkolev Date: Sun, 11 Dec 2022 22:07:00 +0200 Subject: [PATCH 4/6] change from openssl to esp_tls --- src/ConnectionContext.hpp | 6 ++-- src/HTTPResponse.hpp | 3 +- src/HTTPSConnection.cpp | 61 +++++++++++++++++------------------- src/HTTPSConnection.hpp | 11 ++++--- src/HTTPSServer.cpp | 66 ++++++++++++++++++++++++--------------- src/HTTPSServer.hpp | 11 ++++--- 6 files changed, 86 insertions(+), 72 deletions(-) diff --git a/src/ConnectionContext.hpp b/src/ConnectionContext.hpp index da88964..6778cd7 100644 --- a/src/ConnectionContext.hpp +++ b/src/ConnectionContext.hpp @@ -5,9 +5,9 @@ #include // Required for SSL -#include "openssl/ssl.h" -#undef read - +//#include "openssl/ssl.h" +//#undef read +#include namespace httpsserver { class WebsocketHandler; diff --git a/src/HTTPResponse.hpp b/src/HTTPResponse.hpp index 7bd1758..2ff5c88 100644 --- a/src/HTTPResponse.hpp +++ b/src/HTTPResponse.hpp @@ -9,7 +9,8 @@ #undef write #include -#include +//#include +#include #include "util.hpp" diff --git a/src/HTTPSConnection.cpp b/src/HTTPSConnection.cpp index e0e3dd0..64c9cd4 100644 --- a/src/HTTPSConnection.cpp +++ b/src/HTTPSConnection.cpp 
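Review bot: The `ESP_LOGI` call in `dumpFrame` now passes an empty string as its tag, although the first hunk of this same commit adds a fallback `#define TAG "ARDUINO"` at the top of src/WebsocketHandler.cpp that nothing visible uses. With an empty tag the frame dumps cannot be attributed to a component or filtered by it in the log output. Keep `TAG` as the first argument, or drop the new define and pass a descriptive literal such as `"WebsocketHandler"`. `dumpFrame` starts and ends outside this hunk.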
@@ -22,33 +22,36 @@ bool HTTPSConnection::isSecure() { * * The call WILL BLOCK if accept(serverSocketID) blocks. So use select() to check for that in advance. */ -int HTTPSConnection::initialize(int serverSocketID, SSL_CTX * sslCtx, HTTPHeaders *defaultHeaders) { +int HTTPSConnection::initialize(int serverSocketID, esp_tls_t * sslCtx, esp_tls_cfg_server_t * cfgSrv, HTTPHeaders *defaultHeaders) { if (_connectionState == STATE_UNDEFINED) { // Let the base class connect the plain tcp socket int resSocket = HTTPConnection::initialize(serverSocketID, defaultHeaders); - + // Build up SSL Connection context if the socket has been created successfully if (resSocket >= 0) { - - _ssl = SSL_new(sslCtx); - - if (_ssl) { +// _ssl = SSL_new(sslCtx); + int res=esp_tls_server_session_create(cfgSrv,resSocket,sslCtx); + if (0==res) { + esp_tls_cfg_server_session_tickets_init(cfgSrv); + _ssl = sslCtx; + _cfg = cfgSrv; + // Bind SSL to the socket - int success = SSL_set_fd(_ssl, resSocket); - if (success) { - - // Perform the handshake - success = SSL_accept(_ssl); - if (success) { + // int success = SSL_set_fd(_ssl, resSocket); + if (ESP_OK == esp_tls_get_conn_sockfd(sslCtx,&resSocket)) { + + // // Perform the handshake + // success = SSL_accept(_ssl); + // if (success) { return resSocket; - } else { - HTTPS_LOGE("SSL_accept failed. Aborting handshake. FID=%d", resSocket); - } } else { - HTTPS_LOGE("SSL_set_fd failed. Aborting handshake. FID=%d", resSocket); + HTTPS_LOGE("SSL_accept failed. Aborting handshake. FID=%d", resSocket); } + // } else { + // HTTPS_LOGE("SSL_set_fd failed. Aborting handshake. FID=%d", resSocket); + // } } else { - HTTPS_LOGE("SSL_new failed. Aborting handshake. FID=%d", resSocket); + HTTPS_LOGE("SSL_new failed. Aborting handshake. Error=%d", res); } } else { 
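Review bot: `esp_tls_cfg_server_session_tickets_init(cfgSrv)` is called for every accepted connection in `HTTPSConnection::initialize`, its result is ignored, and `cfgSrv` is the single server-wide config that `HTTPSServer::createConnection` hands to all connections. The matching `esp_tls_cfg_server_session_tickets_free(_cfg)` in the `closeConnection` hunk then runs whenever any one connection closes, which presumably tears down ticket state that other live connections still depend on. Initialising the tickets once where `HTTPSServer` builds `_cfg`, and freeing them in its destructor, would give the shared state one owner. The two error strings still name the removed calls (`SSL_accept failed`, `SSL_new failed`); `HTTPS_LOGE("esp_tls_server_session_create failed. Error=%d", res);` would match what actually failed. The function continues past the end of the hunk.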
@@ -84,18 +87,10 @@ void HTTPSConnection::closeConnection() { // Try to tear down SSL while we are in the _shutdownTS timeout period or if an error occurred if (_ssl) { - if(_connectionState == STATE_ERROR || SSL_shutdown(_ssl) == 0) { - // SSL_shutdown will return 1 as soon as the client answered with close notify - // This means we are safe to close the socket - SSL_free(_ssl); - _ssl = NULL; - } else if (_shutdownTS + HTTPS_SHUTDOWN_TIMEOUT < millis()) { - // The timeout has been hit, we force SSL shutdown now by freeing the context - SSL_free(_ssl); - _ssl = NULL; - HTTPS_LOGW("SSL_shutdown did not receive close notification from the client"); - _connectionState = STATE_ERROR; - } + esp_tls_cfg_server_session_tickets_free(_cfg); + esp_tls_server_session_delete(_ssl); + _ssl = NULL; + _connectionState = STATE_ERROR; } // If SSL has been brought down, close the socket @@ -105,19 +100,19 @@ void HTTPSConnection::closeConnection() { } size_t HTTPSConnection::writeBuffer(byte* buffer, size_t length) { - return SSL_write(_ssl, buffer, length); + return esp_tls_conn_write(_ssl,buffer,length);// SSL_write(_ssl, buffer, length); } size_t HTTPSConnection::readBytesToBuffer(byte* buffer, size_t length) { - return SSL_read(_ssl, buffer, length); + return esp_tls_conn_read(_ssl, buffer, length); } size_t HTTPSConnection::pendingByteCount() { - return SSL_pending(_ssl); + return esp_tls_get_bytes_avail(_ssl); } bool HTTPSConnection::canReadData() { - return HTTPConnection::canReadData() || (SSL_pending(_ssl) > 0); + return HTTPConnection::canReadData() || (esp_tls_get_bytes_avail(_ssl) > 0); } } /* namespace httpsserver */ diff --git a/src/HTTPSConnection.hpp b/src/HTTPSConnection.hpp index 8adbce5..9989620 100644 --- a/src/HTTPSConnection.hpp +++ b/src/HTTPSConnection.hpp @@ -6,8 +6,9 @@ #include // Required for SSL -#include "openssl/ssl.h" -#undef read +//#include "openssl/ssl.h" +//#undef read +#include // Required for sockets #include "lwip/netdb.h" 
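Review bot: Every TLS teardown in `closeConnection` now ends with `_connectionState = STATE_ERROR`, where the removed code set that state only after the close-notify timeout had expired. If callers, or the rest of this function outside the hunk, distinguish an orderly close from a failure, a normal shutdown is now reported as an error. Either leave the state untouched on this path or add a comment explaining why `STATE_ERROR` is the intended result of a clean close. The `_shutdownTS` / `HTTPS_SHUTDOWN_TIMEOUT` wait is no longer used in this branch, so it is worth stating whether `esp_tls_server_session_delete` is expected to notify the peer.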
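Review bot: `writeBuffer`, `readBytesToBuffer` and `pendingByteCount` return the esp-tls results directly as `size_t`, but `esp_tls_conn_write`, `esp_tls_conn_read` and `esp_tls_get_bytes_avail` report errors as negative values, which become very large lengths after the conversion. A caller that uses the returned count as a buffer length or offset would then work with a bogus size. Capture the result in a signed variable and branch on `n < 0` before converting, e.g. `ssize_t n = esp_tls_conn_read(_ssl, buffer, length);`. None of the four functions checks `_ssl` for NULL, although `closeConnection` in the previous hunk sets it to NULL.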
@@ -34,7 +35,7 @@ class HTTPSConnection : public HTTPConnection { HTTPSConnection(ResourceResolver * resResolver); virtual ~HTTPSConnection(); - virtual int initialize(int serverSocketID, SSL_CTX * sslCtx, HTTPHeaders *defaultHeaders); + virtual int initialize(int serverSocketID, esp_tls_t * sslCtx,esp_tls_cfg_server_t * cfgSrv, HTTPHeaders *defaultHeaders); virtual void closeConnection(); virtual bool isSecure(); @@ -49,8 +50,8 @@ class HTTPSConnection : public HTTPConnection { private: // SSL context for this connection - SSL * _ssl; - + esp_tls_t * _ssl; + esp_tls_cfg_server_t * _cfg; }; } /* namespace httpsserver */ diff --git a/src/HTTPSServer.cpp b/src/HTTPSServer.cpp index 4d8352d..d5ba435 100644 --- a/src/HTTPSServer.cpp +++ b/src/HTTPSServer.cpp @@ -2,17 +2,24 @@ namespace httpsserver { +constexpr char * alpn_protos[] = { "h2", NULL } ; HTTPSServer::HTTPSServer(SSLCert * cert, const uint16_t port, const uint8_t maxConnections, const in_addr_t bindAddress): HTTPServer(port, maxConnections, bindAddress), _cert(cert) { - + // Configure runtime data _sslctx = NULL; + _cfg = new esp_tls_cfg_server(); + _cfg->alpn_protos = (const char **)alpn_protos; + _cfg->servercert_buf =cert->getCertData(); + _cfg->servercert_bytes = cert->getPKLength(); + _cfg->serverkey_buf= cert->getPKData(); + _cfg->serverkey_bytes= cert->getPKLength(); } HTTPSServer::~HTTPSServer() { - + free(_cfg); } /** @@ -27,7 +34,7 @@ uint8_t HTTPSServer::setupSocket() { if (!setupCert()) { Serial.println("setupCert failed"); - SSL_CTX_free(_sslctx); +// SSL_CTX_free(_sslctx); _sslctx = NULL; return 0; } @@ -36,7 +43,7 @@ uint8_t HTTPSServer::setupSocket() { return 1; } else { Serial.println("setupSockets failed"); - SSL_CTX_free(_sslctx); +// SSL_CTX_free(_sslctx); _sslctx = NULL; return 0; } 
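Review bot: `_cfg` is allocated with `new esp_tls_cfg_server()` in the `HTTPSServer` constructor but released with `free(_cfg)` in the destructor; pairing `new` with `free` is undefined behaviour. Use `delete _cfg;` in the destructor, or hold the config as a value member (`esp_tls_cfg_server_t _cfg{};`) so there is nothing to release. The struct carries pointers to the certificate and private-key buffers, so its ownership is worth a one-line comment next to the member: the buffers belong to the `SSLCert` and must outlive the server.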
@@ -50,27 +57,29 @@ void HTTPSServer::teardownSocket() { HTTPServer::teardownSocket(); // Tear down the SSL context - SSL_CTX_free(_sslctx); + if (NULL != _sslctx) + //SSL_CTX_free(_sslctx); _sslctx = NULL; } int HTTPSServer::createConnection(int idx) { HTTPSConnection * newConnection = new HTTPSConnection(this); _connections[idx] = newConnection; - return newConnection->initialize(_socket, _sslctx, &_defaultHeaders); + return newConnection->initialize(_socket, _sslctx, _cfg , &_defaultHeaders); } /** * This method configures the ssl context that is used for the server */ uint8_t HTTPSServer::setupSSLCTX() { - _sslctx = SSL_CTX_new(TLSv1_2_server_method()); - if (_sslctx) { + +// _sslctx = SSL_CTX_new(TLSv1_2_server_method()); + _sslctx = esp_tls_init(); + if (NULL != _sslctx) { // Set SSL Timeout to 5 minutes - SSL_CTX_set_timeout(_sslctx, 300); +// SSL_CTX_set_timeout(_sslctx, 300); return 1; } else { - _sslctx = NULL; return 0; } } @@ -81,22 +90,27 @@ uint8_t HTTPSServer::setupSSLCTX() { */ uint8_t HTTPSServer::setupCert() { // Configure the certificate first - uint8_t ret = SSL_CTX_use_certificate_ASN1( - _sslctx, - _cert->getCertLength(), - _cert->getCertData() - ); - - // Then set the private key accordingly - if (ret) { - ret = SSL_CTX_use_RSAPrivateKey_ASN1( - _sslctx, - _cert->getPKData(), - _cert->getPKLength() - ); - } - - return ret; + _cfg->servercert_buf= _cert->getCertData(); + _cfg->servercert_bytes = _cert->getPKLength(); + _cfg->serverkey_buf= _cert->getPKData(); + _cfg->serverkey_bytes= _cert->getPKLength(); + + // uint8_t ret = SSL_CTX_use_certificate_ASN1( + // _sslctx, + // _cert->getCertLength(), + // _cert->getCertData() + // ); + + // // Then set the private key accordingly + // if (ret) { + // ret = SSL_CTX_use_RSAPrivateKey_ASN1( + // _sslctx, + // _cert->getPKData(), + // _cert->getPKLength() + // ); + // } + + return 1; } } /* namespace httpsserver */ diff --git a/src/HTTPSServer.hpp b/src/HTTPSServer.hpp index 68596bf..10c925d 100644 
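Review bot: `setupSSLCTX` no longer fixes the protocol version or the session timeout: `SSL_CTX_new(TLSv1_2_server_method())` and `SSL_CTX_set_timeout(_sslctx, 300)` are commented out, and `esp_tls_init()` takes no equivalent arguments. The accepted TLS versions are therefore presumably whatever the mbedTLS build configuration allows, and nothing in the code records that. Add a comment at this point, for example `// TLS version range and session lifetime now come from the mbedTLS/esp-tls build configuration`, and name the setting the project expects so a permissive default does not go unnoticed.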
--- a/src/HTTPSServer.hpp +++ b/src/HTTPSServer.hpp @@ -8,8 +8,9 @@ #include // Required for SSL -#include "openssl/ssl.h" -#undef read +//#include "openssl/ssl.h" +#include +//#undef read // Internal includes #include "HTTPServer.hpp" @@ -31,14 +32,16 @@ class HTTPSServer : public HTTPServer { public: HTTPSServer(SSLCert * cert, const uint16_t portHTTPS = 443, const uint8_t maxConnections = 4, const in_addr_t bindAddress = 0); virtual ~HTTPSServer(); - + virtual esp_tls_cfg_server_t *getConfig() {return _cfg;} private: // Static configuration. Port, keys, etc. ==================== // Certificate that should be used (includes private key) SSLCert * _cert; //// Runtime data ============================================ - SSL_CTX * _sslctx; + //SSL_CTX * _sslctx; + esp_tls_t * _sslctx; + esp_tls_cfg_server_t * _cfg; // Status of the server: Are we running, or not? // Setup functions From 8bf72f170ebb5eab4cd01c873b9a2a446c712457 Mon Sep 17 00:00:00 2001 From: jkolev Date: Sun, 11 Dec 2022 22:14:01 +0200 Subject: [PATCH 5/6] remove old comments --- src/HTTPSConnection.cpp | 11 ----------- src/HTTPSServer.cpp | 23 +---------------------- 2 files changed, 1 insertion(+), 33 deletions(-) diff --git a/src/HTTPSConnection.cpp b/src/HTTPSConnection.cpp index 64c9cd4..3d93138 100644 --- a/src/HTTPSConnection.cpp +++ b/src/HTTPSConnection.cpp 
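Review bot: The new public `getConfig()` in `HTTPSServer` returns a mutable `esp_tls_cfg_server_t *`, which lets any caller repoint the certificate and private-key buffers or the ALPN list of a running server. If the accessor is meant for reading only, make it `const esp_tls_cfg_server_t *getConfig() const { return _cfg; }`. If mutation is intended, a doc comment should say when changes are allowed and that they affect later handshakes on the shared config. As far as this hunk shows, it also has no reason to be `virtual`.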
@@ -29,27 +29,16 @@ int HTTPSConnection::initialize(int serverSocketID, esp_tls_t * sslCtx, esp_tls_ // Build up SSL Connection context if the socket has been created successfully if (resSocket >= 0) { -// _ssl = SSL_new(sslCtx); int res=esp_tls_server_session_create(cfgSrv,resSocket,sslCtx); if (0==res) { esp_tls_cfg_server_session_tickets_init(cfgSrv); _ssl = sslCtx; _cfg = cfgSrv; - - // Bind SSL to the socket - // int success = SSL_set_fd(_ssl, resSocket); if (ESP_OK == esp_tls_get_conn_sockfd(sslCtx,&resSocket)) { - - // // Perform the handshake - // success = SSL_accept(_ssl); - // if (success) { return resSocket; } else { HTTPS_LOGE("SSL_accept failed. Aborting handshake. FID=%d", resSocket); } - // } else { - // HTTPS_LOGE("SSL_set_fd failed. Aborting handshake. FID=%d", resSocket); - // } } else { HTTPS_LOGE("SSL_new failed. Aborting handshake. Error=%d", res); } diff --git a/src/HTTPSServer.cpp b/src/HTTPSServer.cpp index d5ba435..c1925ef 100644 --- a/src/HTTPSServer.cpp +++ b/src/HTTPSServer.cpp @@ -34,7 +34,6 @@ uint8_t HTTPSServer::setupSocket() { if (!setupCert()) { Serial.println("setupCert failed"); -// SSL_CTX_free(_sslctx); _sslctx = NULL; return 0; } @@ -43,7 +42,6 @@ uint8_t HTTPSServer::setupSocket() { return 1; } else { Serial.println("setupSockets failed"); -// SSL_CTX_free(_sslctx); _sslctx = NULL; return 0; } @@ -58,8 +56,7 @@ void HTTPSServer::teardownSocket() { // Tear down the SSL context if (NULL != _sslctx) - //SSL_CTX_free(_sslctx); - _sslctx = NULL; + _sslctx = NULL; } int HTTPSServer::createConnection(int idx) { @@ -76,8 +73,6 @@ uint8_t HTTPSServer::setupSSLCTX() { // _sslctx = SSL_CTX_new(TLSv1_2_server_method()); _sslctx = esp_tls_init(); if (NULL != _sslctx) { - // Set SSL Timeout to 5 minutes -// SSL_CTX_set_timeout(_sslctx, 300); return 1; } else { return 0; 
@@ -94,22 +89,6 @@ uint8_t HTTPSServer::setupCert() { _cfg->servercert_bytes = _cert->getPKLength(); _cfg->serverkey_buf= _cert->getPKData(); _cfg->serverkey_bytes= _cert->getPKLength(); - - // uint8_t ret = SSL_CTX_use_certificate_ASN1( - // _sslctx, - // _cert->getCertLength(), - // _cert->getCertData() - // ); - - // // Then set the private key accordingly - // if (ret) { - // ret = SSL_CTX_use_RSAPrivateKey_ASN1( - // _sslctx, - // _cert->getPKData(), - // _cert->getPKLength() - // ); - // } - return 1; } From 7adefd60824609274a6c8e3f13bddf4129467b13 Mon Sep 17 00:00:00 2001 From: jkolev Date: Mon, 12 Dec 2022 02:07:02 +0200 Subject: [PATCH 6/6] ready to merge --- src/HTTPSConnection.cpp | 14 ++++++------- src/HTTPSConnection.hpp | 2 +- src/HTTPSServer.cpp | 44 ++++++++++------------------------------- src/HTTPSServer.hpp | 3 --- 4 files changed, 17 insertions(+), 46 deletions(-) diff --git a/src/HTTPSConnection.cpp b/src/HTTPSConnection.cpp index 3d93138..ff9ba5d 100644 --- a/src/HTTPSConnection.cpp +++ b/src/HTTPSConnection.cpp @@ -5,7 +5,7 @@ namespace httpsserver { HTTPSConnection::HTTPSConnection(ResourceResolver * resResolver): HTTPConnection(resResolver) { - _ssl = NULL; + _ssl = esp_tls_init(); } HTTPSConnection::~HTTPSConnection() { 
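Review bot: The `HTTPSConnection` constructor now assigns `_ssl = esp_tls_init()` without checking for NULL and still leaves `_cfg` unset. `initialize` (next hunk in this file) passes `_ssl` straight to `esp_tls_server_session_create` and assigns `_cfg` only after that call succeeds, yet on every failure path it calls `closeConnection()`, which, as written in the earlier commit of this series, runs `esp_tls_cfg_server_session_tickets_free(_cfg)` whenever `_ssl` is non-NULL. A failed accept or handshake would therefore hand an indeterminate pointer to the free routine. Add `_cfg = NULL;` here and have `initialize` return an error when `_ssl` is NULL.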
@@ -22,19 +22,19 @@ bool HTTPSConnection::isSecure() { * * The call WILL BLOCK if accept(serverSocketID) blocks. So use select() to check for that in advance. */ -int HTTPSConnection::initialize(int serverSocketID, esp_tls_t * sslCtx, esp_tls_cfg_server_t * cfgSrv, HTTPHeaders *defaultHeaders) { +int HTTPSConnection::initialize(int serverSocketID, esp_tls_cfg_server_t * cfgSrv, HTTPHeaders *defaultHeaders) { if (_connectionState == STATE_UNDEFINED) { // Let the base class connect the plain tcp socket int resSocket = HTTPConnection::initialize(serverSocketID, defaultHeaders); - + HTTPS_LOGI("Cert len:%d, apn:%s\n",cfgSrv->servercert_bytes,cfgSrv->alpn_protos[0]); // Build up SSL Connection context if the socket has been created successfully if (resSocket >= 0) { - int res=esp_tls_server_session_create(cfgSrv,resSocket,sslCtx); + int res=esp_tls_server_session_create(cfgSrv,resSocket,_ssl); if (0==res) { esp_tls_cfg_server_session_tickets_init(cfgSrv); - _ssl = sslCtx; _cfg = cfgSrv; - if (ESP_OK == esp_tls_get_conn_sockfd(sslCtx,&resSocket)) { + // Bind SSL to the socket + if (ESP_OK == esp_tls_get_conn_sockfd(_ssl,&resSocket)) { return resSocket; } else { HTTPS_LOGE("SSL_accept failed. Aborting handshake. FID=%d", resSocket); @@ -46,10 +46,8 @@ int HTTPSConnection::initialize(int serverSocketID, esp_tls_t * sslCtx, esp_tls_ } else { HTTPS_LOGE("Could not accept() new connection. FID=%d", resSocket); } - _connectionState = STATE_ERROR; _clientState = CSTATE_ACTIVE; - // This will only be called if the connection could not be established and cleanup // variables like _ssl etc. closeConnection(); diff --git a/src/HTTPSConnection.hpp b/src/HTTPSConnection.hpp index 9989620..6b0efa0 100644 --- a/src/HTTPSConnection.hpp +++ b/src/HTTPSConnection.hpp 
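Review bot: The added `HTTPS_LOGI` line in `initialize` runs before the `resSocket >= 0` check and dereferences `cfgSrv->alpn_protos[0]` with no guard, so it logs even when accept failed and can fault on a NULL `cfgSrv` or ALPN list. `servercert_bytes` is an unsigned field, so `%u` is the matching conversion, and the trailing `\n` is probably redundant inside a log macro. Moving the line into the success branch, or lowering it to debug level, would keep per-connection noise out of the info log.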
@@ -35,7 +35,7 @@ class HTTPSConnection : public HTTPConnection { HTTPSConnection(ResourceResolver * resResolver); virtual ~HTTPSConnection(); - virtual int initialize(int serverSocketID, esp_tls_t * sslCtx,esp_tls_cfg_server_t * cfgSrv, HTTPHeaders *defaultHeaders); + virtual int initialize(int serverSocketID,esp_tls_cfg_server_t * cfgSrv, HTTPHeaders *defaultHeaders); virtual void closeConnection(); virtual bool isSecure(); diff --git a/src/HTTPSServer.cpp b/src/HTTPSServer.cpp index c1925ef..249e5ce 100644 --- a/src/HTTPSServer.cpp +++ b/src/HTTPSServer.cpp @@ -2,18 +2,18 @@ namespace httpsserver { -constexpr char * alpn_protos[] = { "h2", NULL } ; +constexpr const char * alpn_protos[] = { "http/1.1", NULL } ; HTTPSServer::HTTPSServer(SSLCert * cert, const uint16_t port, const uint8_t maxConnections, const in_addr_t bindAddress): HTTPServer(port, maxConnections, bindAddress), _cert(cert) { - // Configure runtime data - _sslctx = NULL; _cfg = new esp_tls_cfg_server(); _cfg->alpn_protos = (const char **)alpn_protos; + _cfg->cacert_buf = NULL; + _cfg->cacert_bytes = 0; _cfg->servercert_buf =cert->getCertData(); - _cfg->servercert_bytes = cert->getPKLength(); + _cfg->servercert_bytes = cert->getCertLength(); _cfg->serverkey_buf= cert->getPKData(); _cfg->serverkey_bytes= cert->getPKLength(); } @@ -27,22 +27,15 @@ HTTPSServer::~HTTPSServer() { */ uint8_t HTTPSServer::setupSocket() { if (!isRunning()) { - if (!setupSSLCTX()) { - Serial.println("setupSSLCTX failed"); - return 0; - } - - if (!setupCert()) { - Serial.println("setupCert failed"); - _sslctx = NULL; - return 0; - } + _cfg->servercert_buf= _cert->getCertData(); + _cfg->servercert_bytes = _cert->getCertLength(); + _cfg->serverkey_buf= _cert->getPKData(); + _cfg->serverkey_bytes= _cert->getPKLength(); if (HTTPServer::setupSocket()) { return 1; } else { Serial.println("setupSockets failed"); - _sslctx = NULL; return 0; } } else { 
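Review bot: The four certificate and key assignments on `_cfg` now appear three times: in the constructor, inline in `setupSocket`, and in `setupCert`, which this commit stops calling but keeps (its hunk further down and the declaration in HTTPSServer.hpp both remain). Call `setupCert()` from `setupSocket` or delete it, so that a later change to the certificate wiring cannot update one copy and miss another; the `getPKLength()`/`getCertLength()` mix-up corrected here existed in two of the copies. `setupSocket` also no longer has a failure path for a missing or empty certificate; a check such as `if (_cert == NULL || _cert->getCertLength() == 0) return 0;` would stop the server from listening with an unusable config.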
@@ -54,29 +47,12 @@ void HTTPSServer::teardownSocket() { HTTPServer::teardownSocket(); - // Tear down the SSL context - if (NULL != _sslctx) - _sslctx = NULL; } int HTTPSServer::createConnection(int idx) { HTTPSConnection * newConnection = new HTTPSConnection(this); _connections[idx] = newConnection; - return newConnection->initialize(_socket, _sslctx, _cfg , &_defaultHeaders); -} - -/** - * This method configures the ssl context that is used for the server - */ -uint8_t HTTPSServer::setupSSLCTX() { - -// _sslctx = SSL_CTX_new(TLSv1_2_server_method()); - _sslctx = esp_tls_init(); - if (NULL != _sslctx) { - return 1; - } else { - return 0; - } + return newConnection->initialize(_socket, _cfg , &_defaultHeaders); } /** @@ -86,7 +62,7 @@ uint8_t HTTPSServer::setupSSLCTX() { uint8_t HTTPSServer::setupCert() { // Configure the certificate first _cfg->servercert_buf= _cert->getCertData(); - _cfg->servercert_bytes = _cert->getPKLength(); + _cfg->servercert_bytes = _cert->getCertLength(); _cfg->serverkey_buf= _cert->getPKData(); _cfg->serverkey_bytes= _cert->getPKLength(); return 1; diff --git a/src/HTTPSServer.hpp b/src/HTTPSServer.hpp index 10c925d..5e87430 100644 --- a/src/HTTPSServer.hpp +++ b/src/HTTPSServer.hpp @@ -39,15 +39,12 @@ class HTTPSServer : public HTTPServer { SSLCert * _cert; //// Runtime data ============================================ - //SSL_CTX * _sslctx; - esp_tls_t * _sslctx; esp_tls_cfg_server_t * _cfg; // Status of the server: Are we running, or not? // Setup functions virtual uint8_t setupSocket(); virtual void teardownSocket(); - uint8_t setupSSLCTX(); uint8_t setupCert(); // Helper functions