arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-06-06 05:21:22 +03:00
Code

WiFiClientSecure: initialize ssl_ctx when loading certificate

Browse Source 
Fixes #2470
This commit is contained in:
Ivan Grokhotkov 2017-05-22 00:52:59 +08:00 committed by Ivan Grokhotkov
parent f211014dd3
commit 79cfad5d46
1 changed files with 19 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
View File

@ -94,6 +94,9 @@ public:
ssl_ext_set_host_name(ext, hostName); ssl_ext_set_host_name(ext, hostName);
ssl_ext_set_max_fragment_size(ext, 4096); ssl_ext_set_max_fragment_size(ext, 4096);
s_io_ctx = ctx; s_io_ctx = ctx;
if (_ssl) {
ssl_free(_ssl);
}
_ssl = ssl_client_new(_ssl_ctx, 0, nullptr, 0, ext); _ssl = ssl_client_new(_ssl_ctx, 0, nullptr, 0, ext);
uint32_t t = millis(); uint32_t t = millis();
@ -239,7 +242,7 @@ protected:
} }
return 0; return 0;
} }
DEBUGV(":wcs ra %d", rc); DEBUGV(":wcs ra %d\r\n", rc);
_read_ptr = data; _read_ptr = data;
_available = rc; _available = rc;
return _available; return _available;
@ -311,13 +314,10 @@ int WiFiClientSecure::connect(const char* name, uint16_t port)
int WiFiClientSecure::_connectSSL(const char* hostName) int WiFiClientSecure::_connectSSL(const char* hostName)
{ {
if (_ssl) { if (!_ssl) {
_ssl->unref(); _ssl = new SSLContext;
_ssl = nullptr; _ssl->ref();
} }
_ssl = new SSLContext;
_ssl->ref();
_ssl->connect(_client, hostName, 5000); _ssl->connect(_client, hostName, 5000);
auto status = ssl_handshake_status(*_ssl); auto status = ssl_handshake_status(*_ssl);
@ -553,7 +553,8 @@ bool WiFiClientSecure::verifyCertChain(const char* domain_name)
bool WiFiClientSecure::setCACert(const uint8_t* pk, size_t size) bool WiFiClientSecure::setCACert(const uint8_t* pk, size_t size)
{ {
if (!_ssl) { if (!_ssl) {
return false; _ssl = new SSLContext;
_ssl->ref();
} }
return _ssl->loadObject(SSL_OBJ_X509_CACERT, pk, size); return _ssl->loadObject(SSL_OBJ_X509_CACERT, pk, size);
} }
@ -561,7 +562,8 @@ bool WiFiClientSecure::setCACert(const uint8_t* pk, size_t size)
bool WiFiClientSecure::setCertificate(const uint8_t* pk, size_t size) bool WiFiClientSecure::setCertificate(const uint8_t* pk, size_t size)
{ {
if (!_ssl) { if (!_ssl) {
return false; _ssl = new SSLContext;
_ssl->ref();
} }
return _ssl->loadObject(SSL_OBJ_X509_CERT, pk, size); return _ssl->loadObject(SSL_OBJ_X509_CERT, pk, size);
} }
@ -569,7 +571,8 @@ bool WiFiClientSecure::setCertificate(const uint8_t* pk, size_t size)
bool WiFiClientSecure::setPrivateKey(const uint8_t* pk, size_t size) bool WiFiClientSecure::setPrivateKey(const uint8_t* pk, size_t size)
{ {
if (!_ssl) { if (!_ssl) {
return false; _ssl = new SSLContext;
_ssl->ref();
} }
return _ssl->loadObject(SSL_OBJ_RSA_KEY, pk, size); return _ssl->loadObject(SSL_OBJ_RSA_KEY, pk, size);
} }
@ -577,7 +580,8 @@ bool WiFiClientSecure::setPrivateKey(const uint8_t* pk, size_t size)
bool WiFiClientSecure::loadCACert(Stream& stream, size_t size) bool WiFiClientSecure::loadCACert(Stream& stream, size_t size)
{ {
if (!_ssl) { if (!_ssl) {
return false; _ssl = new SSLContext;
_ssl->ref();
} }
return _ssl->loadObject(SSL_OBJ_X509_CACERT, stream, size); return _ssl->loadObject(SSL_OBJ_X509_CACERT, stream, size);
} }
@ -585,7 +589,8 @@ bool WiFiClientSecure::loadCACert(Stream& stream, size_t size)
bool WiFiClientSecure::loadCertificate(Stream& stream, size_t size) bool WiFiClientSecure::loadCertificate(Stream& stream, size_t size)
{ {
if (!_ssl) { if (!_ssl) {
return false; _ssl = new SSLContext;
_ssl->ref();
} }
return _ssl->loadObject(SSL_OBJ_X509_CERT, stream, size); return _ssl->loadObject(SSL_OBJ_X509_CERT, stream, size);
} }
@ -593,7 +598,8 @@ bool WiFiClientSecure::loadCertificate(Stream& stream, size_t size)
bool WiFiClientSecure::loadPrivateKey(Stream& stream, size_t size) bool WiFiClientSecure::loadPrivateKey(Stream& stream, size_t size)
{ {
if (!_ssl) { if (!_ssl) {
return false; _ssl = new SSLContext;
_ssl->ref();
} }
return _ssl->loadObject(SSL_OBJ_RSA_KEY, stream, size); return _ssl->loadObject(SSL_OBJ_RSA_KEY, stream, size);
} }