arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-07-07 06:01:35 +03:00
Code Activity

Remove stray axtls refs, deprecated compat funcs (#7626)

Browse Source 
Remove the axTLS compatability functions from WiFiClient/ServerSecure,
device tests for axTLS, and any document refs to axTLS.
This commit is contained in:
Earle F. Philhower, III
2020-10-02 21:39:36 -07:00
committed by GitHub
parent 7c8f934d2b
commit 85ba53a249
6 changed files with 4 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.cpp
View File

@ -97,7 +97,6 @@ void WiFiClientSecure::_clearAuthenticationSettings() {
_use_self_signed = false;
_knownkey = nullptr;
_ta = nullptr;
_axtls_ta = nullptr;
}
@ -106,8 +105,6 @@ WiFiClientSecure::WiFiClientSecure() : WiFiClient() {
_clearAuthenticationSettings();
_certStore = nullptr; // Don't want to remove cert store on a clear, should be long lived
_sk = nullptr;
_axtls_chain = nullptr;
_axtls_sk = nullptr;
stack_thunk_add_ref();
}
@ -124,10 +121,6 @@ WiFiClientSecure::~WiFiClientSecure() {
_cipher_list = nullptr; // std::shared will free if last reference
_freeSSL();
stack_thunk_del_ref();
// Clean up any dangling axtls compat structures, if needed
_axtls_ta = nullptr;
_axtls_chain = nullptr;
_axtls_sk = nullptr;
}
WiFiClientSecure::WiFiClientSecure(ClientContext* client,
@ -1576,79 +1569,4 @@ bool WiFiClientSecure::probeMaxFragmentLength(IPAddress ip, uint16_t port, uint1
return _SendAbort(probe, supportsLen);
}
// AXTLS compatibility interfaces
bool WiFiClientSecure::setCACert(const uint8_t* pk, size_t size) {
_axtls_ta = nullptr;
_axtls_ta = std::shared_ptr<X509List>(new X509List(pk, size));
_ta = _axtls_ta.get();
return _ta ? true : false;
}
bool WiFiClientSecure::setCertificate(const uint8_t* pk, size_t size) {
_axtls_chain = nullptr;
_axtls_chain = std::shared_ptr<X509List>(new X509List(pk, size));
_chain = _axtls_chain.get();
return _chain ? true : false;
}
bool WiFiClientSecure::setPrivateKey(const uint8_t* pk, size_t size) {
_axtls_sk = nullptr;
_axtls_sk = std::shared_ptr<PrivateKey>(new PrivateKey(pk, size));
_sk = _axtls_sk.get();
return _sk ? true : false;
}
uint8_t *WiFiClientSecure::_streamLoad(Stream& stream, size_t size) {
uint8_t *dest = (uint8_t*)malloc(size);
if (!dest) {
return nullptr;
}
if (size != stream.readBytes(dest, size)) {
free(dest);
return nullptr;
}
return dest;
}
bool WiFiClientSecure::loadCACert(Stream& stream, size_t size) {
uint8_t *dest = _streamLoad(stream, size);
bool ret = false;
if (dest) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
ret = setCACert(dest, size);
#pragma GCC diagnostic pop
}
free(dest);
return ret;
}
bool WiFiClientSecure::loadCertificate(Stream& stream, size_t size) {
uint8_t *dest = _streamLoad(stream, size);
bool ret = false;
if (dest) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
ret = setCertificate(dest, size);
#pragma GCC diagnostic pop
}
free(dest);
return ret;
}
bool WiFiClientSecure::loadPrivateKey(Stream& stream, size_t size) {
uint8_t *dest = _streamLoad(stream, size);
bool ret = false;
if (dest) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
ret = setPrivateKey(dest, size);
#pragma GCC diagnostic pop
}
free(dest);
return ret;
}
};

70
libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h
View File

@ -131,68 +131,6 @@ class WiFiClientSecure : public WiFiClient {
static bool probeMaxFragmentLength(const char *hostname, uint16_t port, uint16_t len);
static bool probeMaxFragmentLength(const String& host, uint16_t port, uint16_t len);
////////////////////////////////////////////////////
// AxTLS API deprecated warnings to help upgrading
#define AXTLS_DEPRECATED \
__attribute__((deprecated( \
"This is deprecated AxTLS API, " \
"check https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/src/WiFiClientSecure.h#L25-L99")))
bool setCACert(const uint8_t* pk, size_t size) AXTLS_DEPRECATED;
bool setCertificate(const uint8_t* pk, size_t size) AXTLS_DEPRECATED;
bool setPrivateKey(const uint8_t* pk, size_t size) AXTLS_DEPRECATED;
bool loadCACert(Stream& stream, size_t size) AXTLS_DEPRECATED;
bool loadCertificate(Stream& stream, size_t size) AXTLS_DEPRECATED;
bool loadPrivateKey(Stream& stream, size_t size) AXTLS_DEPRECATED;
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
bool setCACert_P(PGM_VOID_P pk, size_t size) AXTLS_DEPRECATED {
return setCACert((const uint8_t *)pk, size);
}
bool setCertificate_P(PGM_VOID_P pk, size_t size) AXTLS_DEPRECATED {
return setCertificate((const uint8_t *)pk, size);
}
bool setPrivateKey_P(PGM_VOID_P pk, size_t size) AXTLS_DEPRECATED {
return setPrivateKey((const uint8_t *)pk, size);
}
#pragma GCC diagnostic pop
template<typename TFile>
bool loadCertificate(TFile& file) {
return loadCertificate(file, file.size());
}
template<typename TFile>
bool loadPrivateKey(TFile& file) {
return loadPrivateKey(file, file.size());
}
template<typename TFile>
bool loadCACert(TFile& file) {
return loadCACert(file, file.size());
}
bool verify(const char* fingerprint, const char* domain_name) AXTLS_DEPRECATED {
(void)fingerprint;
(void)domain_name;
return connected();
}
bool verifyCertChain(const char* domain_name) AXTLS_DEPRECATED {
(void)domain_name;
return connected();
}
// AxTLS API deprecated section end
/////////////////////////////////////
protected:
bool _connectSSL(const char *hostName); // Do initial SSL handshake
@ -219,14 +157,6 @@ class WiFiClientSecure : public WiFiClient {
bool _handshake_done;
bool _oom_err;
// AXTLS compatibility shim elements:
// AXTLS managed memory for certs and keys, while BearSSL assumes
// the app manages these. Use this local storage for holding the
// BearSSL created objects in a shared form.
std::shared_ptr<X509List> _axtls_ta;
std::shared_ptr<X509List> _axtls_chain;
std::shared_ptr<PrivateKey> _axtls_sk;
// Optional storage space pointer for session parameters
// Will be used on connect and updated on close
Session *_session;

16
libraries/ESP8266WiFi/src/WiFiServerSecureBearSSL.cpp
View File

@ -56,8 +56,6 @@ WiFiServerSecure::WiFiServerSecure(const WiFiServerSecure &rhs) : WiFiServer(rhs
WiFiServerSecure::~WiFiServerSecure() {
stack_thunk_del_ref();
_axtls_chain = nullptr;
_axtls_sk = nullptr;
}
// Specify a RSA-signed certificate and key for the server. Only copies the pointer, the
@ -103,18 +101,4 @@ WiFiClientSecure WiFiServerSecure::available(uint8_t* status) {
return WiFiClientSecure();
}
void WiFiServerSecure::setServerKeyAndCert(const uint8_t *key, int keyLen, const uint8_t *cert, int certLen) {
_axtls_chain = nullptr;
_axtls_sk = nullptr;
_axtls_chain = std::shared_ptr<X509List>(new X509List(cert, certLen));
_axtls_sk = std::shared_ptr<PrivateKey>(new PrivateKey(key, keyLen));
setRSACert(_axtls_chain.get(), _axtls_sk.get());
}
void WiFiServerSecure::setServerKeyAndCert_P(const uint8_t *key, int keyLen, const uint8_t *cert, int certLen) {
setServerKeyAndCert(key, keyLen, cert, certLen);
}
};

8
libraries/ESP8266WiFi/src/WiFiServerSecureBearSSL.h
View File

@ -58,10 +58,6 @@ class WiFiServerSecure : public WiFiServer {
// If awaiting connection available and authenticated (i.e. client cert), return it.
WiFiClientSecure available(uint8_t* status = NULL);
// Compatibility with axTLS interface
void setServerKeyAndCert(const uint8_t *key, int keyLen, const uint8_t *cert, int certLen);
void setServerKeyAndCert_P(const uint8_t *key, int keyLen, const uint8_t *cert, int certLen);
WiFiServerSecure& operator=(const WiFiServerSecure&) = default;
using ClientType = WiFiClientSecure;
@ -74,10 +70,6 @@ class WiFiServerSecure : public WiFiServer {
int _iobuf_out_size = 837;
const X509List *_client_CA_ta = nullptr;
// axTLS compat
std::shared_ptr<X509List> _axtls_chain;
std::shared_ptr<PrivateKey> _axtls_sk;
};
};