#ifndef _SSL_DEBUG_H_
#define _SSL_DEBUG_H_
+#include "platform/ssl_opt.h"
+#include "platform/ssl_port.h"
+
#ifdef __cplusplus
extern "C" {
#endif
-#define SSL_DEBUG_ENBALE 1
+#ifndef SSL_DEBUG_ENBALE
+#define SSL_DEBUG_ENBALE 0
+#endif
+
+#ifndef SSL_DEBUG_LEVEL
#define SSL_DEBUG_LEVEL 0
-#define SSL_ASSERT_ENABLE 1
-#define SSL_DEBUG_LOCATION_ENABLE 1
+#endif
-#if SSL_DEBUG_ENBALE
- extern int ets_printf(const char *fmt, ...);
+#ifndef SSL_ASSERT_ENABLE
+#define SSL_ASSERT_ENABLE 0
+#endif
- #define SSL_PRINT ets_printf
-#else
- #define SSL_PRINT(...)
+#ifndef SSL_DEBUG_LOCATION_ENABLE
+#define SSL_DEBUG_LOCATION_ENABLE 0
+#endif
+
+#ifndef SSL_PRINT
+ #include "stdio.h"
+ extern int printf(const char *fmt, ...);
+ #define SSL_PRINT printf
#endif
#if SSL_DEBUG_LOCATION_ENABLE
--- /dev/null
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_OPT_H_
+#define _SSL_OPT_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/**
+ * if not define "ESP32_IDF_PLATFORM", system will use esp8266 platform interface
+ */
+#define ESP32_IDF_PLATFORM
+
+/**
+ * openssl debug print function enable
+ */
+#define SSL_DEBUG_ENBALE 0
+
+/**
+ * openssl debug print function level. function whose level is lower that "SSL_DEBUG_LEVEL"
+ * will not print message
+ */
+#define SSL_DEBUG_LEVEL 0
+
+/**
+ * openssl assert function enable, it will check the input paramter and print the message
+ */
+#define SSL_ASSERT_ENABLE 0
+
+/**
+ * openssl location function enable, it will print location of the positioning error
+ */
+#define SSL_DEBUG_LOCATION_ENABLE 0
+
+#endif
extern "C" {
#endif
+#include "platform/ssl_opt.h"
+
+#ifdef ESP32_IDF_PLATFORM
+
#include "esp_types.h"
-void* ssl_zalloc(size_t size);
-void *ssl_malloc(size_t size);
-void ssl_free(void *p);
+void *ssl_mem_zalloc(size_t size);
+void *ssl_mem_malloc(size_t size);
+void ssl_mem_free(void *p);
void* ssl_memcpy(void *to, const void *from, size_t size);
size_t ssl_strlen(const char *src);
void ssl_speed_up_enter(void);
void ssl_speed_up_exit(void);
+#elif defined(SSL_PLATFORM_USER_INCLUDE)
+
+SSL_PLATFORM_USER_INCLUDE
+
+#endif
+
#endif
X509 *ix;
EVP_PKEY *ipk;
- cert = ssl_zalloc(sizeof(CERT));
+ cert = ssl_mem_zalloc(sizeof(CERT));
if (!cert)
- SSL_RET(failed1, "ssl_zalloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
if (ic) {
ipk = ic->pkey;
failed3:
EVP_PKEY_free(cert->pkey);
failed2:
- ssl_free(cert);
+ ssl_mem_free(cert);
failed1:
return NULL;
}
EVP_PKEY_free(cert->pkey);
- ssl_free(cert);
+ ssl_mem_free(cert);
}
{
SSL_SESSION *session;
- session = ssl_zalloc(sizeof(SSL_SESSION));
+ session = ssl_mem_zalloc(sizeof(SSL_SESSION));
if (!session)
- SSL_RET(failed1, "ssl_zalloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
session->peer = X509_new();
if (!session->peer)
return session;
failed2:
- ssl_free(session);
+ ssl_mem_free(session);
failed1:
return NULL;
}
void SSL_SESSION_free(SSL_SESSION *session)
{
X509_free(session->peer);
- ssl_free(session);
+ ssl_mem_free(session);
}
/**
if (!cert)
SSL_RET(go_failed2, "ssl_cert_new\n");
- ctx = (SSL_CTX *)ssl_zalloc(sizeof(SSL_CTX));
+ ctx = (SSL_CTX *)ssl_mem_zalloc(sizeof(SSL_CTX));
if (!ctx)
- SSL_RET(go_failed3, "ssl_zalloc:ctx\n");
+ SSL_RET(go_failed3, "ssl_mem_zalloc:ctx\n");
ctx->method = method;
ctx->client_CA = client_ca;
X509_free(ctx->client_CA);
- ssl_free(ctx);
+ ssl_mem_free(ctx);
}
/**
if (!ctx)
SSL_RET(failed1, "ctx:NULL\n");
- ssl = (SSL *)ssl_zalloc(sizeof(SSL));
+ ssl = (SSL *)ssl_mem_zalloc(sizeof(SSL));
if (!ssl)
- SSL_RET(failed1, "ssl_zalloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
ssl->session = SSL_SESSION_new();
if (!ssl->session)
failed3:
SSL_SESSION_free(ssl->session);
failed2:
- ssl_free(ssl);
+ ssl_mem_free(ssl);
failed1:
return NULL;
}
SSL_SESSION_free(ssl->session);
- ssl_free(ssl);
+ ssl_mem_free(ssl);
}
/**
SSL_ASSERT(ssl);
- if (SSL_get_state(ssl) != TLS_ST_OK) return 0;
+ if (SSL_get_state(ssl) != TLS_ST_OK) return 1;
ret = SSL_METHOD_CALL(shutdown, ssl);
int ret;
EVP_PKEY *pkey;
- pkey = ssl_zalloc(sizeof(EVP_PKEY));
+ pkey = ssl_mem_zalloc(sizeof(EVP_PKEY));
if (!pkey)
- SSL_RET(failed1, "ssl_zalloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
if (ipk) {
pkey->method = ipk->method;
return pkey;
failed2:
- ssl_free(pkey);
+ ssl_mem_free(pkey);
failed1:
return NULL;
}
{
EVP_PKEY_METHOD_CALL(free, pkey);
- ssl_free(pkey);
+ ssl_mem_free(pkey);
}
/**
OPENSSL_STACK *stack;
char **data;
- stack = ssl_zalloc(sizeof(OPENSSL_STACK));
+ stack = ssl_mem_zalloc(sizeof(OPENSSL_STACK));
if (!stack)
- SSL_RET(failed1, "ssl_zalloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
- data = ssl_zalloc(sizeof(*data) * MIN_NODES);
+ data = ssl_mem_zalloc(sizeof(*data) * MIN_NODES);
if (!data)
- SSL_RET(failed2, "ssl_zalloc\n");
+ SSL_RET(failed2, "ssl_mem_zalloc\n");
stack->data = data;
stack->num_alloc = MIN_NODES;
return stack;
failed2:
- ssl_free(stack);
+ ssl_mem_free(stack);
failed1:
return NULL;
}
{
SSL_ASSERT(stack);
- ssl_free(stack->data);
- ssl_free(stack);
+ ssl_mem_free(stack->data);
+ ssl_mem_free(stack);
}
int ret;
X509 *x;
- x = ssl_zalloc(sizeof(X509));
+ x = ssl_mem_zalloc(sizeof(X509));
if (!x)
- SSL_RET(failed1, "ssl_malloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
if (ix)
x->method = ix->method;
return x;
failed2:
- ssl_free(x);
+ ssl_mem_free(x);
failed1:
return NULL;
}
{
X509_METHOD_CALL(free, x);
- ssl_free(x);
+ ssl_mem_free(x);
};
/**
const SSL_METHOD *method = ssl->method;
- ssl_pm = ssl_zalloc(sizeof(struct ssl_pm));
+ ssl_pm = ssl_mem_zalloc(sizeof(struct ssl_pm));
if (!ssl_pm)
- SSL_ERR(ret, failed1, "ssl_zalloc\n");
+ SSL_ERR(ret, failed1, "ssl_mem_zalloc\n");
+ if (ssl->ctx->read_buffer_len < 2048 ||
+ ssl->ctx->read_buffer_len > 8192)
+ return -1;
+
+ max_content_len = ssl->ctx->read_buffer_len;
+
mbedtls_net_init(&ssl_pm->fd);
mbedtls_net_init(&ssl_pm->cl_fd);
mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg);
failed2:
mbedtls_entropy_free(&ssl_pm->entropy);
+ ssl_mem_free(ssl_pm);
failed1:
return -1;
}
mbedtls_ssl_config_free(&ssl_pm->conf);
mbedtls_ssl_free(&ssl_pm->ssl);
- ssl_free(ssl_pm);
+ ssl_mem_free(ssl_pm);
ssl->ssl_pm = NULL;
}
if (!x509_crt)
return -1;
- buf = ssl_malloc(X509_INFO_STRING_LENGTH);
+ buf = ssl_mem_malloc(X509_INFO_STRING_LENGTH);
if (!buf)
SSL_RET(failed1, "");
SSL_RET(failed2, "");
buf[ret] = 0;
- ssl_free(buf);
+ ssl_mem_free(buf);
SSL_PRINT("%s", buf);
return 0;
failed2:
- ssl_free(buf);
+ ssl_mem_free(buf);
failed1:
return -1;
}
{
struct x509_pm *x509_pm;
- x509_pm = ssl_zalloc(sizeof(struct x509_pm));
+ x509_pm = ssl_mem_zalloc(sizeof(struct x509_pm));
if (!x509_pm)
- SSL_RET(failed1, "ssl_zalloc\n");
+ SSL_RET(failed1, "ssl_mem_zalloc\n");
x->x509_pm = x509_pm;
if (x509_pm->x509_crt) {
mbedtls_x509_crt_free(x509_pm->x509_crt);
- ssl_free(x509_pm->x509_crt);
+ ssl_mem_free(x509_pm->x509_crt);
x509_pm->x509_crt = NULL;
}
- ssl_free(x->x509_pm);
+ ssl_mem_free(x->x509_pm);
x->x509_pm = NULL;
}
mbedtls_x509_crt_free(x509_pm->x509_crt);
if (!x509_pm->x509_crt) {
- x509_pm->x509_crt = ssl_malloc(sizeof(mbedtls_x509_crt));
+ x509_pm->x509_crt = ssl_mem_malloc(sizeof(mbedtls_x509_crt));
if (!x509_pm->x509_crt)
- SSL_RET(failed1, "ssl_malloc\n");
+ SSL_RET(failed1, "ssl_mem_malloc\n");
}
- load_buf = ssl_malloc(len + 1);
+ load_buf = ssl_mem_malloc(len + 1);
if (!load_buf)
- SSL_RET(failed2, "ssl_malloc\n");
+ SSL_RET(failed2, "ssl_mem_malloc\n");
ssl_memcpy(load_buf, buffer, len);
load_buf[len] = '\0';
mbedtls_x509_crt_init(x509_pm->x509_crt);
ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, len + 1);
- ssl_free(load_buf);
+ ssl_mem_free(load_buf);
if (ret)
SSL_RET(failed2, "mbedtls_x509_crt_parse, return [-0x%x]\n", -ret);
return 0;
failed2:
- ssl_free(x509_pm->x509_crt);
+ ssl_mem_free(x509_pm->x509_crt);
x509_pm->x509_crt = NULL;
failed1:
return -1;
{
struct pkey_pm *pkey_pm;
- pkey_pm = ssl_zalloc(sizeof(struct pkey_pm));
+ pkey_pm = ssl_mem_zalloc(sizeof(struct pkey_pm));
if (!pkey_pm)
return -1;
if (pkey_pm->pkey) {
mbedtls_pk_free(pkey_pm->pkey);
- ssl_free(pkey_pm->pkey);
+ ssl_mem_free(pkey_pm->pkey);
pkey_pm->pkey = NULL;
}
- ssl_free(pk->pkey_pm);
+ ssl_mem_free(pk->pkey_pm);
pk->pkey_pm = NULL;
}
mbedtls_pk_free(pkey_pm->pkey);
if (!pkey_pm->pkey) {
- pkey_pm->pkey = ssl_malloc(sizeof(mbedtls_pk_context));
+ pkey_pm->pkey = ssl_mem_malloc(sizeof(mbedtls_pk_context));
if (!pkey_pm->pkey)
- SSL_RET(failed1, "ssl_malloc\n");
+ SSL_RET(failed1, "ssl_mem_malloc\n");
}
- load_buf = ssl_malloc(len + 1);
+ load_buf = ssl_mem_malloc(len + 1);
if (!load_buf)
- SSL_RET(failed2, "ssl_malloc\n");
+ SSL_RET(failed2, "ssl_mem_malloc\n");
ssl_memcpy(load_buf, buffer, len);
load_buf[len] = '\0';
mbedtls_pk_init(pkey_pm->pkey);
ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, len + 1, NULL, 0);
- ssl_free(load_buf);
+ ssl_mem_free(load_buf);
if (ret)
SSL_RET(failed2, "mbedtls_pk_parse_key, return [-0x%x]\n", -ret);
return 0;
failed2:
- ssl_free(pkey_pm->pkey);
+ ssl_mem_free(pkey_pm->pkey);
pkey_pm->pkey = NULL;
failed1:
return -1;
#include "ssl_port.h"
#include "string.h"
#include "malloc.h"
+#include "esp_system.h"
/*********************************************************************************************/
/********************************* SSL general interface *************************************/
void ssl_speed_up_enter(void)
{
-
+ system_update_cpu_freq(SYS_CPU_160MHZ);
}
void ssl_speed_up_exit(void)
{
-
+ system_update_cpu_freq(SYS_CPU_80MHZ);
}
+
projects / esp-idf / commitdiff