Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
E
esp32-http-server
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
esp
esp32-http-server
Commits
baf849bf
Commit
baf849bf
authored
May 16, 2018
by
Franco (nextime) Lanza
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'certificate_chain' into 'master'
Certificate chain See merge request
!1
parents
711bf969
24d7b83d
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
354 additions
and
299 deletions
+354
-299
https_server.c
https_server.c
+336
-299
https_server.h
https_server.h
+18
-0
No files found.
https_server.c
View file @
baf849bf
...
...
@@ -41,6 +41,7 @@
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/error.h"
#include "mbedtls/certs.h"
#include "mbedtls/ssl_ticket.h"
#if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h"
...
...
@@ -111,9 +112,9 @@ struct http_context_ {
struct
http_server_context_
{
int
port
;
err_t
server_task_err
;
TaskHandle_t
task
;
EventGroupHandle_t
start_done
;
err_t
server_task_err
;
SLIST_HEAD
(,
http_handler_t
)
handlers
;
_lock_t
handlers_lock
;
struct
http_context_
connection_context
;
...
...
@@ -125,6 +126,7 @@ struct http_server_context_ {
mbedtls_x509_crt
*
srvcert
;
mbedtls_pk_context
*
pkey
;
mbedtls_ssl_cache_context
*
cache
;
mbedtls_ssl_ticket_context
*
ticket_ctx
;
#else
struct
netconn
*
server_conn
;
#endif
...
...
@@ -132,6 +134,7 @@ struct http_server_context_ {
#define SERVER_STARTED_BIT BIT(0)
#define SERVER_DONE_BIT BIT(1)
#define SERVER_ERR_NO_MEM BIT(2)
static
const
char
*
http_response_code_to_str
(
int
code
);
...
...
@@ -139,24 +142,6 @@ static esp_err_t add_keyval_pair(http_header_list_t *list, const char* name, con
static
const
char
*
TAG
=
"http_server"
;
const
static
char
index_html
[]
=
"<!DOCTYPE html>"
"<html>
\n
"
"<head>
\n
"
" <meta name=
\"
viewport
\"
content=
\"
width=device-width, initial-scale=1
\"
>
\n
"
" <style type=
\"
text/css
\"
>
\n
"
" html, body, iframe { margin: 0; padding: 0; height: 100%; }
\n
"
" iframe { display: block; width: 100%; border: none; }
\n
"
" </style>
\n
"
"<title>HELLO ESP32</title>
\n
"
"</head>
\n
"
"<body>
\n
"
"<h1>Hello World, from ESP32!</h1>
\n
"
"</body>
\n
"
"</html>
\n
"
;
const
static
char
response_OK
[]
=
"OK!
\n
"
;
esp_err_t
http_register_handler
(
http_server_t
server
,
const
char
*
uri_pattern
,
int
method
,
...
...
@@ -879,11 +864,11 @@ static void http_handle_connection(http_server_t server, void *arg_conn)
if
(
ret
>
0
)
{
ctx
->
state
=
HTTP_COLLECTING_RESPONSE_HEADERS
;
if
(
ctx
->
handler
==
NULL
)
{
ESP_LOGD
(
TAG
,
"No registered Handler!"
)
ESP_LOGD
(
TAG
,
"No registered Handler!"
)
;
http_send_not_found_response
(
ctx
);
}
else
{
ESP_LOGD
(
TAG
,
"Registered Handler Found!"
)
ESP_LOGD
(
TAG
,
"Registered Handler Found!"
)
;
invoke_handler
(
ctx
,
HTTP_HANDLE_RESPONSE
);
}
}
...
...
@@ -891,10 +876,10 @@ static void http_handle_connection(http_server_t server, void *arg_conn)
if
(
err
==
ERR_OK
)
{
ctx
->
state
=
HTTP_COLLECTING_RESPONSE_HEADERS
;
if
(
ctx
->
handler
==
NULL
)
{
ESP_LOGD
(
TAG
,
"No registered Handler!"
)
ESP_LOGD
(
TAG
,
"No registered Handler!"
)
;
http_send_not_found_response
(
ctx
);
}
else
{
ESP_LOGD
(
TAG
,
"Registered Handler Found!"
)
ESP_LOGD
(
TAG
,
"Registered Handler Found!"
)
;
invoke_handler
(
ctx
,
HTTP_HANDLE_RESPONSE
);
}
}
...
...
@@ -933,23 +918,44 @@ static void http_handle_connection(http_server_t server, void *arg_conn)
static
void
http_server
(
void
*
arg
)
{
uint8_t
bits
;
http_server_t
ctx
=
(
http_server_t
)
arg
;
#ifdef HTTPS_SERVER
do
{
ESP_LOGV
(
TAG
,
"Checking Server Status..."
);
bits
=
xEventGroupWaitBits
(
ctx
->
start_done
,
SERVER_STARTED_BIT
|
SERVER_DONE_BIT
,
0
,
pdTRUE
,
1000
/
portTICK_PERIOD_MS
);
//If server had already been successfully started but it has crashed,
if
((
bits
&
SERVER_STARTED_BIT
)
&&
(
bits
&
SERVER_DONE_BIT
))
{
ESP_LOGE
(
TAG
,
"Server has closed. Restarting server..."
);
xEventGroupClearBits
(
ctx
->
start_done
,
SERVER_STARTED_BIT
|
SERVER_DONE_BIT
);
memset
(
&
(
ctx
->
connection_context
),
0
,
sizeof
(
*
ctx
)
-
(
size_t
)((
int
)
&
(
ctx
->
connection_context
)
-
(
int
)
ctx
)
);
bits
=
pdFALSE
;
}
//If server has not successfully been started yet,
if
(
!
(
bits
&
SERVER_STARTED_BIT
))
{
#ifdef HTTPS_SERVER
char
*
error_buf
;
ESP_LOGV
(
TAG
,
"Declaring local mbedTLS context on task..."
);
int
ret
;
mbedtls_net_context
listen_fd
;
mbedtls_net_context
client_fd
;
mbedtls_entropy_context
entropy
;
mbedtls_ctr_drbg_context
ctr_drbg
;
mbedtls_ssl_context
ssl_conn
;
mbedtls_ssl_config
conf
;
mbedtls_x509_crt
srvcert
;
mbedtls_pk_context
pkey
;
#if defined(MBEDTLS_SSL_CACHE_C)
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_context
cache
;
(
ctx
->
cache
)
=
&
cache
;
#endif
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_ticket_context
ticket_ctx
;
(
ctx
->
ticket_ctx
)
=
&
ticket_ctx
;
#endif
(
ctx
->
listen_fd
)
=
&
listen_fd
;
(
ctx
->
connection_context
.
client_fd
)
=
&
client_fd
;
(
ctx
->
entropy
)
=
&
entropy
;
(
ctx
->
ctr_drbg
)
=
&
ctr_drbg
;
(
ctx
->
connection_context
.
ssl_conn
)
=
&
ssl_conn
;
...
...
@@ -957,20 +963,34 @@ static void http_server(void *arg)
(
ctx
->
srvcert
)
=
&
srvcert
;
(
ctx
->
pkey
)
=
&
pkey
;
ESP_LOGV
(
TAG
,
"Reading CA certificate......"
);
extern
const
unsigned
char
cacert_pem_start
[]
asm
(
"_binary_cacert_pem_start"
);
extern
const
unsigned
char
cacert_pem_end
[]
asm
(
"_binary_cacert_pem_end"
);
const
unsigned
int
cacert_pem_bytes
=
cacert_pem_end
-
cacert_pem_start
;
ESP_LOGV
(
TAG
,
"Reading Root CA certificate......"
);
extern
const
unsigned
char
rootcacert_pem_start
[]
asm
(
"_binary_rootcacert_pem_start"
);
extern
const
unsigned
char
rootcacert_pem_end
[]
asm
(
"_binary_rootcacert_pem_end"
);
const
unsigned
int
rootcacert_pem_bytes
=
rootcacert_pem_end
-
rootcacert_pem_start
;
ESP_LOGV
(
TAG
,
"Reading Intermediate CA certificate......"
);
extern
const
unsigned
char
intermediatecacert_pem_start
[]
asm
(
"_binary_intermediatecacert_pem_start"
);
extern
const
unsigned
char
intermediatecacert_pem_end
[]
asm
(
"_binary_intermediatecacert_pem_end"
);
const
unsigned
int
intermediatecacert_pem_bytes
=
intermediatecacert_pem_end
-
intermediatecacert_pem_start
;
ESP_LOGV
(
TAG
,
"Reading Private Key
......"
);
extern
const
unsigned
char
prvtkey_pem_start
[]
asm
(
"_binary_prvtkey
_pem_start"
);
extern
const
unsigned
char
prvtkey_pem_end
[]
asm
(
"_binary_prvtkey
_pem_end"
);
const
unsigned
int
prvtkey_pem_bytes
=
prvtkey_pem_end
-
prvtkey
_pem_start
;
ESP_LOGV
(
TAG
,
"Reading Server certificate
......"
);
extern
const
unsigned
char
servercert_pem_start
[]
asm
(
"_binary_servercert
_pem_start"
);
extern
const
unsigned
char
servercert_pem_end
[]
asm
(
"_binary_servercert
_pem_end"
);
const
unsigned
int
servercert_pem_bytes
=
servercert_pem_end
-
servercert
_pem_start
;
ESP_LOGV
(
TAG
,
"Setting mbedTLS context......"
);
ESP_LOGV
(
TAG
,
"Reading Server Private Key......"
);
extern
const
unsigned
char
serverprvtkey_pem_start
[]
asm
(
"_binary_serverprvtkey_pem_start"
);
extern
const
unsigned
char
serverprvtkey_pem_end
[]
asm
(
"_binary_serverprvtkey_pem_end"
);
const
unsigned
int
serverprvtkey_pem_bytes
=
serverprvtkey_pem_end
-
serverprvtkey_pem_start
;
ESP_LOGV
(
TAG
,
"Setting server_fd......"
);
mbedtls_net_init
(
ctx
->
listen_fd
);
ESP_LOGV
(
TAG
,
"OK"
);
ESP_LOGV
(
TAG
,
"Setting client fd......"
);
mbedtls_net_init
(
ctx
->
connection_context
.
client_fd
);
ESP_LOGV
(
TAG
,
"OK"
);
ESP_LOGV
(
TAG
,
"SSL server context create ......"
);
mbedtls_ssl_init
(
ctx
->
connection_context
.
ssl_conn
);
ESP_LOGV
(
TAG
,
"OK"
);
...
...
@@ -980,7 +1000,10 @@ static void http_server(void *arg)
ESP_LOGV
(
TAG
,
"OK"
);
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init
(
&
cache
);
mbedtls_ssl_cache_init
(
ctx
->
cache
);
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_ticket_init
(
ctx
->
ticket_ctx
);
#endif
mbedtls_x509_crt_init
(
ctx
->
srvcert
);
mbedtls_pk_init
(
ctx
->
pkey
);
...
...
@@ -998,8 +1021,28 @@ static void http_server(void *arg)
*/
ESP_LOGV
(
TAG
,
"SSL server context set own certification......"
);
ESP_LOGV
(
TAG
,
"Parsing test srv_crt......"
);
ret
=
mbedtls_x509_crt_parse
(
ctx
->
srvcert
,
(
const
unsigned
char
*
)
cacert_pem_start
,
cacert_pem_bytes
);
ret
=
mbedtls_x509_crt_parse
(
ctx
->
srvcert
,
(
const
unsigned
char
*
)
servercert_pem_start
,
servercert_pem_bytes
);
if
(
ret
!=
ERR_OK
)
{
ESP_LOGE
(
TAG
,
"ERROR: mbedtls_x509_crt_parse returned %d"
,
ret
);
goto
exit
;
}
ESP_LOGV
(
TAG
,
"OK"
);
ESP_LOGV
(
TAG
,
"Parsing Intermediate CA crt......"
);
ret
=
mbedtls_x509_crt_parse
(
ctx
->
srvcert
,
(
const
unsigned
char
*
)
intermediatecacert_pem_start
,
intermediatecacert_pem_bytes
);
if
(
ret
!=
ERR_OK
)
{
ESP_LOGE
(
TAG
,
"ERROR: mbedtls_x509_crt_parse returned %d"
,
ret
);
goto
exit
;
}
ESP_LOGV
(
TAG
,
"OK"
);
ESP_LOGV
(
TAG
,
"Parsing Root CA crt......"
);
ret
=
mbedtls_x509_crt_parse
(
ctx
->
srvcert
,
(
const
unsigned
char
*
)
rootcacert_pem_start
,
rootcacert_pem_bytes
);
if
(
ret
!=
ERR_OK
)
{
ESP_LOGE
(
TAG
,
"ERROR: mbedtls_x509_crt_parse returned %d"
,
ret
);
...
...
@@ -1007,9 +1050,10 @@ static void http_server(void *arg)
}
ESP_LOGV
(
TAG
,
"OK"
);
ESP_LOGV
(
TAG
,
"SSL server context set private key......"
);
ret
=
mbedtls_pk_parse_key
(
ctx
->
pkey
,
(
const
unsigned
char
*
)
prvtkey_pem_start
,
prvtkey_pem_bytes
,
NULL
,
0
);
ret
=
mbedtls_pk_parse_key
(
ctx
->
pkey
,
(
const
unsigned
char
*
)
server
prvtkey_pem_start
,
server
prvtkey_pem_bytes
,
NULL
,
0
);
if
(
ret
!=
ERR_OK
)
{
ESP_LOGE
(
TAG
,
"ERROR: mbedtls_pk_parse_key returned %d"
,
ret
);
...
...
@@ -1048,9 +1092,9 @@ static void http_server(void *arg)
* 4. Setup stuff
*/
ESP_LOGV
(
TAG
,
"Setting up the SSL conf data...."
);
#ifdef CONFIG_MBEDTLS_DEBUG
#ifdef CONFIG_MBEDTLS_DEBUG
mbedtls_esp_enable_debug_log
(
ctx
->
conf
,
4
);
#endif
#endif
if
(
(
ret
=
mbedtls_ssl_config_defaults
(
ctx
->
conf
,
MBEDTLS_SSL_IS_SERVER
,
MBEDTLS_SSL_TRANSPORT_STREAM
,
...
...
@@ -1068,6 +1112,23 @@ static void http_server(void *arg)
mbedtls_ssl_cache_set
);
#endif
ESP_LOGV
(
TAG
,
"Setting up the SSL Session Tickets...."
);
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if
(
(
ret
=
mbedtls_ssl_ticket_setup
(
ctx
->
ticket_ctx
,
mbedtls_ctr_drbg_random
,
&
ctr_drbg
,
MBEDTLS_CIPHER_AES_256_GCM
,
86400
)
)
!=
0
)
{
ESP_LOGE
(
TAG
,
"ERROR: mbedtls_ssl_ticket_setup returned %d"
,
ret
);
goto
exit
;
}
mbedtls_ssl_conf_session_tickets_cb
(
&
conf
,
mbedtls_ssl_ticket_write
,
mbedtls_ssl_ticket_parse
,
ctx
->
ticket_ctx
);
#endif
mbedtls_ssl_conf_ca_chain
(
ctx
->
conf
,
(
*
ctx
->
srvcert
).
next
,
NULL
);
if
(
(
ret
=
mbedtls_ssl_conf_own_cert
(
ctx
->
conf
,
ctx
->
srvcert
,
ctx
->
pkey
)
)
!=
0
)
{
...
...
@@ -1083,24 +1144,9 @@ static void http_server(void *arg)
ESP_LOGV
(
TAG
,
"OK"
);
xEventGroupSetBits
(
ctx
->
start_done
,
SERVER_STARTED_BIT
);
reset:
reset:
ESP_LOGI
(
TAG
,
"mbedTLS HTTPS server is running! Waiting for new connection..."
);
do
{
mbedtls_net_context
client_fd
;
(
ctx
->
connection_context
.
client_fd
)
=
&
client_fd
;
mbedtls_net_init
(
ctx
->
connection_context
.
client_fd
);
#ifdef MBEDTLS_ERROR_C
if
(
ret
!=
ERR_OK
)
{
error_buf
=
malloc
(
sizeof
(
char
)
*
ERROR_BUF_LENGTH
);
mbedtls_strerror
(
ctx
->
server_task_err
,
error_buf
,
sizeof
(
char
)
*
ERROR_BUF_LENGTH
);
ESP_LOGE
(
TAG
,
"Error %d: %s"
,
ret
,
error_buf
);
free
(
error_buf
);
}
#endif
mbedtls_net_free
(
ctx
->
connection_context
.
client_fd
);
mbedtls_ssl_session_reset
(
ctx
->
connection_context
.
ssl_conn
);
...
...
@@ -1130,7 +1176,6 @@ reset:
}
}
ESP_LOGV
(
TAG
,
"OK"
);
ESP_LOGV
(
TAG
,
"Handling connection..."
);
if
(
ret
==
ERR_OK
)
{
http_handle_connection
(
ctx
,
NULL
);
...
...
@@ -1138,15 +1183,17 @@ reset:
ESP_LOGV
(
TAG
,
"OK"
);
}
while
(
ret
==
ERR_OK
);
exit:
if
(
ret
!=
ERR_OK
)
{
exit:
if
(
ret
!=
ERR_OK
)
{
error_buf
=
malloc
(
sizeof
(
char
)
*
ERROR_BUF_LENGTH
);
mbedtls_strerror
(
ctx
->
server_task_err
,
error_buf
,
sizeof
(
char
)
*
ERROR_BUF_LENGTH
);
mbedtls_strerror
(
ret
,
error_buf
,
sizeof
(
char
)
*
ERROR_BUF_LENGTH
);
ESP_LOGE
(
TAG
,
"Error %d: %s"
,
ret
,
error_buf
);
free
(
error_buf
);
//Set SERVER_DONE_BIT and save error at http_server_t struct
ctx
->
server_task_err
=
ret
;
xEventGroupSetBits
(
ctx
->
start_done
,
SERVER_DONE_BIT
);
}
}
mbedtls_net_free
(
ctx
->
connection_context
.
client_fd
);
mbedtls_net_free
(
ctx
->
listen_fd
);
...
...
@@ -1156,14 +1203,14 @@ if (ret != ERR_OK) {
mbedtls_ssl_config_free
(
ctx
->
conf
);
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free
(
ctx
->
cache
);
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_ticket_free
(
ctx
->
ticket_ctx
);
#endif
mbedtls_ctr_drbg_free
(
ctx
->
ctr_drbg
);
mbedtls_entropy_free
(
ctx
->
entropy
);
ESP_LOGE
(
TAG
,
"Closing Task"
);
vTaskDelete
(
NULL
);
#else
#else
struct
netconn
*
client_conn
;
err_t
err
;
ctx
->
server_conn
=
netconn_new
(
NETCONN_TCP
);
...
...
@@ -1190,7 +1237,7 @@ if (ret != ERR_OK) {
netconn_delete
(
client_conn
);
}
}
while
(
err
==
ERR_OK
);
out:
out:
if
(
ctx
->
server_conn
)
{
netconn_close
(
ctx
->
server_conn
);
netconn_delete
(
ctx
->
server_conn
);
...
...
@@ -1200,7 +1247,9 @@ out:
xEventGroupSetBits
(
ctx
->
start_done
,
SERVER_DONE_BIT
);
}
vTaskDelete
(
NULL
);
#endif
#endif
}
}
while
(
1
);
}
esp_err_t
http_server_start
(
const
http_server_options_t
*
options
,
http_server_t
*
out_server
)
...
...
@@ -1217,8 +1266,9 @@ esp_err_t http_server_start(const http_server_options_t* options, http_server_t*
return
ESP_ERR_NO_MEM
;
}
//Start http_server task if it had not been started before
ESP_LOGV
(
TAG
,
"Creating http_server task..."
);
int
ret
=
xTaskCreatePinnedToCore
(
&
http_server
,
"httpd
"
,
int
ret
=
xTaskCreatePinnedToCore
(
&
http_server
,
"http_server
"
,
options
->
task_stack_size
,
ctx
,
options
->
task_priority
,
&
ctx
->
task
,
...
...
@@ -1228,24 +1278,11 @@ esp_err_t http_server_start(const http_server_options_t* options, http_server_t*
free
(
ctx
);
return
ESP_ERR_NO_MEM
;
}
ESP_LOGI
(
TAG
,
"
T
ask has been created!"
);
ESP_LOGI
(
TAG
,
"
http_server t
ask has been created!"
);
//Check server status by checking SERVER_STARTED_BIT (it server has been succesfully started) or SERVER_DONE_BIT (if it has crashed)
ESP_LOGV
(
TAG
,
"Checking server status..."
);
int
bits
=
xEventGroupWaitBits
(
ctx
->
start_done
,
SERVER_STARTED_BIT
|
SERVER_DONE_BIT
,
0
,
0
,
portMAX_DELAY
);
if
(
bits
&
SERVER_DONE_BIT
)
{
ESP_LOGE
(
TAG
,
"SERVER_DONE_BIT Error..."
);
#ifdef HTTPS_SERVER
char
*
error_buf
=
malloc
(
sizeof
(
char
)
*
ERROR_BUF_LENGTH
);
mbedtls_strerror
(
ctx
->
server_task_err
,
error_buf
,
100
);
ESP_LOGE
(
TAG
,
"Error %d: %s"
,
ret
,
error_buf
);
free
(
error_buf
);
#endif
esp_err_t
err
=
lwip_err_to_esp_err
(
ctx
->
server_task_err
);
vEventGroupDelete
(
ctx
->
start_done
);
free
(
ctx
);
return
err
;
}
xEventGroupWaitBits
(
ctx
->
start_done
,
SERVER_STARTED_BIT
,
0
,
0
,
portMAX_DELAY
);
ESP_LOGI
(
TAG
,
"Server started!"
);
*
out_server
=
ctx
;
return
ESP_OK
;
...
...
https_server.h
View file @
baf849bf
...
...
@@ -81,6 +81,24 @@ typedef struct {
.task_priority = 8, \
}
const
static
char
index_html
[]
=
"<!DOCTYPE html>"
"<html>
\n
"
"<head>
\n
"
" <meta name=
\"
viewport
\"
content=
\"
width=device-width, initial-scale=1
\"
>
\n
"
" <style type=
\"
text/css
\"
>
\n
"
" html, body, iframe { margin: 0; padding: 0; height: 100%; }
\n
"
" iframe { display: block; width: 100%; border: none; }
\n
"
" </style>
\n
"
"<title>HELLO ESP32</title>
\n
"
"</head>
\n
"
"<body>
\n
"
"<h1>Hello World, from ESP32!</h1>
\n
"
"</body>
\n
"
"</html>
\n
"
;
const
static
char
response_OK
[]
=
"OK!
\n
"
;
/**
* @brief initialize HTTP server, start listening
* @param options pointer to http server options, can point to a temporary
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment