From 4c23e66bbae61693b377172d61583ac356dc82e2 Mon Sep 17 00:00:00 2001
From: "Earle F. Philhower, III"
Date: Tue, 6 Feb 2018 07:33:26 -0800
Subject: [PATCH] SSL server DEBUG, code cleanup fixes (#4280)
The server needs to load an X509 and RSA key, but instead of using the existing loadObject() calls implemented its own. Remove them and use the standard ones instead. The DEBUG_OUTPUT macro was undefined in the SSL Web server. Add it in do that when you compile with DEBUG=HTTP_SERVER it actually compiles.
---
 .../src/ESP8266WebServerSecure.cpp | 6 ++++++
 .../ESP8266WiFi/src/WiFiClientSecure.cpp | 21 ++++---------------
 2 files changed, 10 insertions(+), 17 deletions(-)
diff --git a/libraries/ESP8266WebServer/src/ESP8266WebServerSecure.cpp b/libraries/ESP8266WebServer/src/ESP8266WebServerSecure.cpp
index 7b860c6e2..21922497a 100644
--- a/libraries/ESP8266WebServer/src/ESP8266WebServerSecure.cpp
+++ b/libraries/ESP8266WebServer/src/ESP8266WebServerSecure.cpp
@@ -27,6 +27,12 @@
 #include "WiFiClient.h"
 #include "ESP8266WebServerSecure.h"
+//#define DEBUG_ESP_HTTP_SERVER
+#ifdef DEBUG_ESP_PORT
+#define DEBUG_OUTPUT DEBUG_ESP_PORT
+#else
+#define DEBUG_OUTPUT Serial
+#endif
 ESP8266WebServerSecure::ESP8266WebServerSecure(IPAddress addr, int port) : _serverSecure(addr, port)
diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
index 4876a4710..325b4c1b5 100644
--- a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
+++ b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
@@ -329,14 +329,6 @@ public:
 return reinterpret_cast(fd)->io_ctx;
 }
- int loadServerX509Cert(const uint8_t *cert, int len) {
- return ssl_obj_memory_load(SSLContext::_ssl_ctx, SSL_OBJ_X509_CERT, cert, len, NULL);
- }
-
- int loadServerRSAKey(const uint8_t *rsakey, int len) {
- return ssl_obj_memory_load(SSLContext::_ssl_ctx, SSL_OBJ_RSA_KEY, rsakey, len, NULL);
- }
-
 protected:
 int _readAll() {
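Review bot: The new `DEBUG_OUTPUT` block in ESP8266WebServerSecure.cpp has no comment saying when it takes effect, and the commented-out `//#define DEBUG_ESP_HTTP_SERVER` above it reads as dead code rather than as the switch that enables the output. Because this is the TLS server, anything printed through `DEBUG_OUTPUT` leaves the device in cleartext on the debug port, and with `DEBUG_ESP_PORT` undefined that port silently becomes `Serial`. What the debug statements print is not visible in this hunk, so it is worth confirming that they do not include request headers or credentials. I would replace the commented-out define with a comment such as `// DEBUG_ESP_HTTP_SERVER builds only: DEBUG_OUTPUT may carry decrypted request data, keep it off in production`.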
@@ -471,23 +463,18 @@ WiFiClientSecure::WiFiClientSecure(ClientContext* client, bool usePMEM, const ui
 _ssl->ref();
 if (usePMEM) {
- // When using PMEM based certs, allocate stack and copy from flash to DRAM, call SSL functions to avoid
- // heap fragmentation that would happen w/malloc()
- uint8_t *stackData = (uint8_t*)alloca(max(certLen, rsakeyLen));
 if (rsakey && rsakeyLen) {
- memcpy_P(stackData, rsakey, rsakeyLen);
- _ssl->loadServerRSAKey(stackData, rsakeyLen);
+ _ssl->loadObject_P(SSL_OBJ_RSA_KEY, rsakey, rsakeyLen);
 }
 if (cert && certLen) {
- memcpy_P(stackData, cert, certLen);
- _ssl->loadServerX509Cert(stackData, certLen);
+ _ssl->loadObject_P(SSL_OBJ_X509_CERT, cert, certLen);
 }
 } else {
 if (rsakey && rsakeyLen) {
- _ssl->loadServerRSAKey(rsakey, rsakeyLen);
+ _ssl->loadObject(SSL_OBJ_RSA_KEY, rsakey, rsakeyLen);
 }
 if (cert && certLen) {
- _ssl->loadServerX509Cert(cert, certLen);
+ _ssl->loadObject(SSL_OBJ_X509_CERT, cert, certLen);
 }
 }
 _client->ref();
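Review bot: None of the four new `loadObject_P`/`loadObject` calls checks a result, so a key or certificate that fails to load leaves the constructor running with a server context that has no usable credential. The same holds for a null or zero-length key or certificate, which skips the call entirely, and the failure then only surfaces later as a handshake error. The signatures of `loadObject` and `loadObject_P` are outside the hunk; if they return a status, each call should test it, e.g. `if (!_ssl->loadObject_P(SSL_OBJ_RSA_KEY, rsakey, rsakeyLen)) { DEBUGV("RSA key load failed\n"); }`, and record the failure so the connection is not used. It is also worth confirming that `loadObject_P` clears its temporary DRAM copy of the private key after loading, since the removed lines show no wipe of the stack copy either. The constructor starts and ends outside this hunk.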