jacob.eva/arduino-esp32
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

handshake in ssl_client.cpp (#2044)

Browse Source 
* issue #2041

* handshake timeout

* seconds to milliseconds
This commit is contained in:
A C SREEDHAR REDDY 2018-11-27 03:55:08 +05:30 committed by Me No Dev
parent 0640964879
commit 46257c03b3
4 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libraries/WiFiClientSecure/src/WiFiClientSecure.cpp
View File

@ -35,7 +35,7 @@ WiFiClientSecure::WiFiClientSecure()
sslclient = new sslclient_context; sslclient = new sslclient_context;
ssl_init(sslclient); ssl_init(sslclient);
sslclient->socket = -1; sslclient->socket = -1;
sslclient->handshake_timeout = 120000;
_CA_cert = NULL; _CA_cert = NULL;
_cert = NULL; _cert = NULL;
_private_key = NULL; _private_key = NULL;
@ -50,6 +50,7 @@ WiFiClientSecure::WiFiClientSecure(int sock)
sslclient = new sslclient_context; sslclient = new sslclient_context;
ssl_init(sslclient); ssl_init(sslclient);
sslclient->socket = sock; sslclient->socket = sock;
sslclient->handshake_timeout = 120000;
if (sock >= 0) { if (sock >= 0) {
_connected = true; _connected = true;
@ -285,3 +286,8 @@ int WiFiClientSecure::lastError(char *buf, const size_t size)
snprintf(buf, size, "%s", error_buf); snprintf(buf, size, "%s", error_buf);
return _lastError; return _lastError;
} }
void WiFiClientSecure::setHandshakeTimeout(unsigned long handshake_timeout)
{
sslclient->handshake_timeout = handshake_timeout * 1000;
}

1
libraries/WiFiClientSecure/src/WiFiClientSecure.h
View File

@ -62,6 +62,7 @@ public:
bool loadCertificate(Stream& stream, size_t size); bool loadCertificate(Stream& stream, size_t size);
bool loadPrivateKey(Stream& stream, size_t size); bool loadPrivateKey(Stream& stream, size_t size);
bool verify(const char* fingerprint, const char* domain_name); bool verify(const char* fingerprint, const char* domain_name);
void setHandshakeTimeout(unsigned long handshake_timeout);
operator bool() operator bool()
{ {

4
libraries/WiFiClientSecure/src/ssl_client.cpp
View File

@ -158,11 +158,13 @@ int start_ssl_client(sslclient_context *ssl_client, const char *host, uint32_t p
mbedtls_ssl_set_bio(&ssl_client->ssl_ctx, &ssl_client->socket, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_bio(&ssl_client->ssl_ctx, &ssl_client->socket, mbedtls_net_send, mbedtls_net_recv, NULL );
log_v("Performing the SSL/TLS handshake..."); log_v("Performing the SSL/TLS handshake...");
unsigned long handshake_start_time=millis();
while ((ret = mbedtls_ssl_handshake(&ssl_client->ssl_ctx)) != 0) { while ((ret = mbedtls_ssl_handshake(&ssl_client->ssl_ctx)) != 0) {
if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
return handle_error(ret); return handle_error(ret);
} }
if((millis()-handshake_start_time)>ssl_client->handshake_timeout)
return -1;
vTaskDelay(10 / portTICK_PERIOD_MS); vTaskDelay(10 / portTICK_PERIOD_MS);
} }

2
libraries/WiFiClientSecure/src/ssl_client.h
View File

@ -23,6 +23,8 @@ typedef struct sslclient_context {
mbedtls_x509_crt ca_cert; mbedtls_x509_crt ca_cert;
mbedtls_x509_crt client_cert; mbedtls_x509_crt client_cert;
mbedtls_pk_context client_key; mbedtls_pk_context client_key;
unsigned long handshake_timeout;
} sslclient_context; } sslclient_context;