Simon Goldschmidt
6b3ed88d9c
ALTCP_TLS_MBEDTLS: include mbedtls/net_sockets.h instead of deprecated mbedtls/net.h
...
See patch #9815
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2019-07-26 20:29:27 +02:00
Giuseppe Modugno
832490eec8
Added the configuration option ALTCP_MBEDTLS_AUTHMODE to set the certificate verification mode.
...
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2019-06-11 21:15:45 +02:00
Dirk Ziegelmeier
3d7ff53070
Apply patch for bug #56098 : Support for MQTT over TLS port 443 instead of 8883
2019-04-30 13:22:09 +02:00
David Girault
3cb6ae7770
altcp_tls: assert in altcp_mbedtls_bio_recv if bad state
2019-01-30 17:42:52 +01:00
David Girault
b04d8a6a6c
altcp: support for setting keepalive parameters
2019-01-30 17:42:46 +01:00
David Girault
b298afabdc
altcp_tls_mbedtls: remove entropy/ctr_drbg from altcp_tls_config struct
...
Use only one entropy/ctr_drbg context for all altcp_tls_config structures allocated.
(Small adjustments before committing: fix coding style, adapt to changes in master)
2019-01-30 17:42:39 +01:00
Dirk Ziegelmeier
ea14b774c8
Replace several occurrences of stdint types by lwIP's portability typedefs
...
Fixes bug #55405 : Usage of uint8_t instead of ui8_t in TCP code
2019-01-06 21:19:04 +01:00
Simon Goldschmidt
282389a332
altcp_tls_mbedtls: listen: free members of the ssl context
...
The ssl context is not used on listening pcbs. This includes freeing
input/output buffers, so saves ~32KByte by default.
2018-12-03 07:14:02 +01:00
Simon Goldschmidt
3f583a1757
altcp_tls: add functions to create servers with multiple certificates
2018-11-24 13:41:34 +01:00
Simon Goldschmidt
6f232b7c3f
altcp_tls_mbedtls: add session tickets, improve configuration for session cache
2018-11-23 22:39:58 +01:00
Simon Goldschmidt
54448559bb
altcp_tls_mbedtls: add debug output of mbedtls library
2018-11-23 22:25:21 +01:00
Simon Goldschmidt
153c295b6f
altcp_tls_mbedtls: use mbedtls_entropy_func for mbedtls_ctr_drbg_seed
...
This is the default way for mbedTLS. Add entropy sources via defines (see
mbedtls_entropy_init).
This removes the use of ALTCP_MBEDTLS_RNG_FN
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2018-11-06 21:28:45 +01:00
Simon Goldschmidt
fa37888da2
altcp_tls_mbedtls: update list of todos
...
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2018-10-26 20:43:06 +02:00
David GIRAULT
6e994f9df2
bug #54744 : if altcp_close() called from recv() callback, there is some write to freed memory
...
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2018-10-26 19:56:54 +02:00
Dirk Ziegelmeier
06cc825431
Whitespace cleanup lwIP
2018-10-22 20:53:58 +02:00
Simon Goldschmidt
a044c807f8
altcp_tls: rename altcp_tls_new -> altcp_tls_wrap, add altcp_tls_new
...
The new altcp_tls_new() is a type safe version of altcp_tls_alloc()
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2018-09-24 22:29:54 +02:00
Simon Goldschmidt
fc24d4139f
altcp_tls_mbedtls: convert #error on too small TCP_WND to warning
...
Many TLS use cases are OK with a small TCP_WND, so don't prevent these
by having a preprocessor check that cannot be disabled.
2018-09-12 22:24:05 +02:00
Simon Goldschmidt
7749088a83
Fix 2way-auth connections for TLS clients
...
TLS clients that need 2-way authentication (e.g. Amazon AWS IoT cloud mqtt)
need to pass a certificate and private key when creating the tls altcp_pcb.
Added a new function altcp_tls_create_config_client_2wayauth() for this that
replaces altcp_tls_create_config_client() for such clients.
See bug #54601 .
2018-09-07 20:59:31 +02:00
Axel Lin
a56e61c942
Fix compiling with LWIP_NOASSERT defined
...
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2018-06-24 18:18:35 +08:00
goldsimon
325cdf3c0b
altcp_tls_mbedtls: restructure upper callbacks to prevent double-free
...
This fixes bug #53192 : use-after-free in altcp_mbedtls
Signed-off-by: goldsimon <goldsimon@gmx.de>
2018-02-21 14:20:34 +01:00
goldsimon
d66c0e3381
altcp: mbedtls: move freeing state->rx from close to dealloc (catch-all)
2018-02-20 22:12:11 +01:00
goldsimon
2648d30843
altcp_tls_mbedtls.c: tiny function rename
2018-02-16 13:57:38 +01:00
goldsimon
de68c5bed6
altcp_mbedtls_sndbuf: use mbedtls_ssl_get_record_expansion()
2018-01-25 13:15:49 +01:00
goldsimon
8a27408eb2
altcp_tls_mbedtls: hide allocation strategy in altcp_tls_create_config()
2018-01-16 21:41:44 +01:00
David Girault
42f14a96fb
altcp_tls: avoid use of static in altcp_tls_config
...
cert and pkey are allocated with the altcp_tls_config structure.
Signed-off-by: goldsimon <goldsimon@gmx.de>
2018-01-16 21:03:43 +01:00
David Girault
c7106cc57f
altcp_tls: fix pbuf leaked when handshake failed
...
Signed-off-by: goldsimon <goldsimon@gmx.de>
2018-01-16 20:56:15 +01:00
David Girault
6ccd12b97c
altcp_mbedtls: added altcp_mbedtls_sndbuf implementation
...
Signed-off-by: goldsimon <goldsimon@gmx.de>
2018-01-11 10:34:55 +01:00
David Girault
5290eacf08
altcp_mbedtls: close and error related fixes
...
- call conn->err() instead of conn->recv() if handshake fails and free conn
- close inner_conn and free current conn in altcp_mbedtls_close()
Signed-off-by: goldsimon <goldsimon@gmx.de>
2017-11-15 21:58:12 +01:00
goldsimon
bd2e820829
Fix double-free when closing mbedTLS connections
...
Partly revert commit 0486100a2bcbce74a7214ee4f11782a9441acbf0 from 07.08.2017 as it breaks layering: every layer must free its own altcp_pcb. Freeing the inner_conn is not the right way.
2017-11-14 22:21:08 +01:00
Dirk Ziegelmeier
c35b1099a4
Reformat altcp_tls_mbedtls* using astylerc
2017-09-17 17:52:44 +02:00
goldsimon
991f751305
Even more pbuf_header -> pbuf_add/remove_header replacements (also in strings)
2017-08-08 20:51:57 +02:00
goldsimon
07434aa73a
More pbuf_header -> pbuf_add/remove_header replacements
2017-08-08 20:40:26 +02:00
goldsimon
6d28e9de79
Some cleanups after applying David Girault's altcp patches
2017-08-08 12:59:49 +02:00
David Girault
bc3edfb4d7
altcp_tls_mbedtls: remove "rx pbufs left at end of handshake" assert
...
There is a case where a close notify comes right after the handshake and is in the same pbuf!
So just handle these data like any other data.
2017-08-08 12:59:48 +02:00
David Girault
0486100a2b
altcp_tls: some fixes
...
- added `altcp_tls_free_config()`.
- added `altcp_tls_context()` function to allow mbedtls parameter tweak.
Since the state structure isn't exported, this allows the application to get
internal context (port dependent) to tweak it.
- free altcp_pcb when lower error callback called.
2017-08-08 12:59:47 +02:00
David Girault
8b1a4ef711
altcp_tls_mbedtls: fix log messages by including a \n
2017-08-08 12:59:44 +02:00
goldsimon
44f7a3cb0d
work on -Wconversion...
2017-07-05 22:31:58 +02:00
Dirk Ziegelmeier
6559ffd848
Fix C++ style comment in altcp_tls_mbedtls.c
2017-03-31 13:05:04 +02:00
goldsimon
4313bf2a74
altcp_tls_mbedtls: fix TX when lower write returns ERR_MEM
2017-03-30 14:55:37 +02:00
goldsimon
51dbd1a7c0
altcp: added altcp_get_port()
2017-03-30 14:19:31 +02:00
Dirk Ziegelmeier
38651b8069
Cleanup #include structure of altcp_tls a bit
...
(as discussed with Simon today)
2017-03-28 20:31:25 +02:00
goldsimon
537c258efa
httpd/altcp: add forgotten functions
2017-03-28 14:04:40 +02:00
goldsimon
425b2dda61
altcp_get_ip: added altcp_get_ip(), added default functions that only defer a call to the inner_conn (moved from tls_mbedtls to generic altcp)
2017-03-26 22:26:40 +02:00
goldsimon
6add16e36b
altcp_tls_mbedtls: fixed memory leak introduced by delayed deallocation
2017-03-25 20:35:46 +01:00
goldsimon
0581a77731
Prepare altcp_tls_mbedtls for TLS clients (not fully tested yet)
2017-03-24 15:25:43 +01:00
goldsimon
a2bc02d682
altcp_tls_mbedtls: improve sent/recved handling
2017-03-23 22:04:36 +01:00
goldsimon
1e26652d2e
renamed altcp_mbedtls files to altcp_tls_mbedtls
2017-03-23 08:34:02 +01:00