mchapman/nina-fw
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

print return code and more verbose errors, move things around to correspond with their logical steps

Browse Source
This commit is contained in:
brentru
2019-10-01 14:44:49 -04:00
parent 0b558d2ea3
commit 4b30ab4284
1 changed files with 15 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
arduino/libraries/WiFi/src/WiFiSSLClient.cpp
View File

@@ -66,7 +66,6 @@ int WiFiSSLClient::connect(const char* host, uint16_t port)
mbedtls_ssl_config_init(&_sslConfig); mbedtls_ssl_config_init(&_sslConfig);
mbedtls_x509_crt_init(&_caCrt);
mbedtls_net_init(&_netContext); mbedtls_net_init(&_netContext);
ets_printf("*** connect inited\n"); ets_printf("*** connect inited\n");
@@ -84,54 +83,52 @@ int WiFiSSLClient::connect(const char* host, uint16_t port)
ets_printf("*** connect ssl hostname\n"); ets_printf("*** connect ssl hostname\n");
/* Hostname set here should match CN in server certificate */ /* Hostname set here should match CN in server certificate */
if(mbedtls_ssl_set_hostname(&_sslContext, host) != 0) if(mbedtls_ssl_set_hostname(&_sslContext, host) != 0) {
{
stop(); stop();
return 0; return 0;
} }
ets_printf("*** connect ssl config\n"); ets_printf("*** connect ssl config\n");
if (ret= mbedtls_ssl_config_defaults(&_sslConfig, MBEDTLS_SSL_IS_CLIENT,
if (mbedtls_ssl_config_defaults(&_sslConfig, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT) != 0) { MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
stop(); stop();
ets_printf("Error Setting up SSL Config: %d", ret);
return 0; return 0;
} }
ets_printf("*** connect authmode\n"); ets_printf("*** connect authmode\n");
// we're always using the root CA cert from partition, so MBEDTLS_SSL_VERIFY_REQUIRED
ets_printf("*** Loading CA Cert...");
mbedtls_x509_crt_init(&_caCrt);
mbedtls_ssl_conf_authmode(&_sslConfig, MBEDTLS_SSL_VERIFY_REQUIRED); mbedtls_ssl_conf_authmode(&_sslConfig, MBEDTLS_SSL_VERIFY_REQUIRED);
// setting up CA certificates from partition
spi_flash_mmap_handle_t handle; spi_flash_mmap_handle_t handle;
const unsigned char* certs_data = {}; const unsigned char* certs_data = {};
ets_printf("*** connect part findfirst\n"); ets_printf("*** connect part findfirst\n");
const esp_partition_t* part = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_ANY, "certs"); const esp_partition_t* part = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_ANY, "certs");
if (part == NULL) if (part == NULL) {
{
return 0; return 0;
} }
ets_printf("*** connect part mmap\n"); ets_printf("*** connect part mmap\n");
int ret = esp_partition_mmap(part, 0, part->size, SPI_FLASH_MMAP_DATA, (const void**)&certs_data, &handle); int ret = esp_partition_mmap(part, 0, part->size, SPI_FLASH_MMAP_DATA, (const void**)&certs_data, &handle);
if (ret != ESP_OK) if (ret != ESP_OK) {
{ ets_printf("*** Error partition mmap %d\n", ret);
return 0; return 0;
} }
ets_printf("*** connect crt parse\n"); ets_printf("*** connect crt parse\n");
ret = mbedtls_x509_crt_parse(&_caCrt, certs_data, strlen((char*)certs_data) + 1); ret = mbedtls_x509_crt_parse(&_caCrt, certs_data, strlen((char*)certs_data) + 1);
ets_printf("*** connect conf ca chain\n");
mbedtls_ssl_conf_ca_chain(&_sslConfig, &_caCrt, NULL);
if (ret < 0) { if (ret < 0) {
stop(); stop();
return 0; return 0;
} }
ets_printf("*** connect conf ca chain\n"); // TODO: Check for _cert and _private_key
mbedtls_ssl_conf_ca_chain(&_sslConfig, &_caCrt, NULL);
ets_printf("*** connect conf RNG\n"); ets_printf("*** connect conf RNG\n");