From 1d3f4074deb2fa5fbfc15e68b779d6bacbd678b0 Mon Sep 17 00:00:00 2001 From: Anurag Kar Date: Mon, 12 Nov 2018 14:19:20 +0530 Subject: [PATCH] esp_https_server : change config option secure_enable to transport_mode and some minor changes transport_mode accepts enum httpd_ssl_transport_t instead of true/false. This will allow for extension to dual mode (server running on both secure and insecure ports) in the future. --- .../esp_https_server/include/esp_https_server.h | 17 +++++++++++------ components/esp_https_server/src/https_server.c | 8 ++++---- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/components/esp_https_server/include/esp_https_server.h b/components/esp_https_server/include/esp_https_server.h index 1bc9885874..2b7343e772 100644 --- a/components/esp_https_server/include/esp_https_server.h +++ b/components/esp_https_server/include/esp_https_server.h @@ -19,6 +19,11 @@ #include "esp_err.h" #include "esp_http_server.h" +typedef enum { + HTTPD_SSL_TRANSPORT_SECURE, // SSL Enabled + HTTPD_SSL_TRANSPORT_INSECURE // SSL disabled +} httpd_ssl_transport_mode_t; + /** * HTTPS server config struct * @@ -44,13 +49,13 @@ struct httpd_ssl_config { /** Private key byte length */ size_t prvtkey_len; - /** Enable SSL (default true) */ - bool secure_enable; + /** Transport Mode (default secure) */ + httpd_ssl_transport_mode_t transport_mode; - /** Port used when SSL is enabled (default 443) */ + /** Port used when transport mode is secure (default 443) */ uint16_t port_secure; - /** Port used when SSL is disabled (default 80) */ + /** Port used when transport mode is insecure (default 80) */ uint16_t port_insecure; }; @@ -62,7 +67,7 @@ typedef struct httpd_ssl_config httpd_ssl_config_t; * (http_server default config had to be copied for customization) * * Notes: - * - port is set when starting the server, according to 'secure_enable' + * - port is set when starting the server, according to 'transport_mode' * - one socket uses ~ 40kB RAM with SSL, we reduce the default socket count to 4 * - SSL sockets are usually long-lived, closing LRU prevents pool exhaustion DOS * - Stack size may need adjustments depending on the user application @@ -87,7 +92,7 @@ typedef struct httpd_ssl_config httpd_ssl_config_t; .open_fn = NULL, \ .close_fn = NULL, \ }, \ - .secure_enable = true, \ + .transport_mode = HTTPD_SSL_TRANSPORT_SECURE, \ .port_secure = 443, \ .port_insecure = 80, \ } diff --git a/components/esp_https_server/src/https_server.c b/components/esp_https_server/src/https_server.c index 0cf741b374..4a0d21792f 100644 --- a/components/esp_https_server/src/https_server.c +++ b/components/esp_https_server/src/https_server.c @@ -118,9 +118,9 @@ static esp_err_t httpd_ssl_open(httpd_handle_t server, int sockfd) httpd_sess_set_transport_ctx(server, sockfd, ssl, httpd_ssl_close); // Set rx/tx/pending override functions - httpd_set_sess_send_override(server, sockfd, httpd_ssl_send); - httpd_set_sess_recv_override(server, sockfd, httpd_ssl_recv); - httpd_set_sess_pending_override(server, sockfd, httpd_ssl_pending); + httpd_sess_set_send_override(server, sockfd, httpd_ssl_send); + httpd_sess_set_recv_override(server, sockfd, httpd_ssl_recv); + httpd_sess_set_pending_override(server, sockfd, httpd_ssl_pending); // all access should now go through SSL @@ -183,7 +183,7 @@ esp_err_t httpd_ssl_start(httpd_handle_t *pHandle, struct httpd_ssl_config *conf ESP_LOGI(TAG, "Starting server"); - if (config->secure_enable) { + if (HTTPD_SSL_TRANSPORT_SECURE == config->transport_mode) { SSL_CTX *ctx = create_secure_context(config); if (!ctx) { return ESP_FAIL; -- 2.40.0