diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index c55c61985..f9553fd8c 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -38,7 +38,8 @@ set(LWS_LIB_INCLUDES "") if (LWS_PLAT_FREERTOS) add_subdir_include_dirs(plat/freertos) if (ESP_PLATFORM) - include_directories($ENV{IDF_PATH}/components/freertos/include + list(APPEND LWS_ESP_IDF_DIRS + $ENV{IDF_PATH}/components/freertos/include $ENV{IDF_PATH}/components/esp_hw_support/include/soc/ $ENV{IDF_PATH}/components/esp_common/include $ENV{IDF_PATH}/components/esp_timer/include @@ -71,7 +72,12 @@ if (LWS_PLAT_FREERTOS) $ENV{IDF_PATH}/components/lwip/lwip/src/include $ENV{IDF_PATH}/components/lwip/lwip/src/include/lwip $ENV{IDF_PATH}/components/newlib/platform_include ) + + include_directories(${LWS_ESP_IDF_DIRS}) + + list(APPEND CMAKE_REQUIRED_INCLUDES ${LWS_ESP_IDF_DIRS}) endif() + else() if (LWS_PLAT_OPTEE) diff --git a/lib/core-net/adopt.c b/lib/core-net/adopt.c index e41194510..579f4bfe1 100644 --- a/lib/core-net/adopt.c +++ b/lib/core-net/adopt.c @@ -847,12 +847,16 @@ lws_create_adopt_udp(struct lws_vhost *vhost, const char *ads, int port, lws_snprintf(buf, sizeof(buf), "%u", port); n = getaddrinfo(ads, buf, &h, &r); if (n) { + +#if (_LWS_ENABLED_LOGS & LLL_INFO) #if !defined(LWS_PLAT_FREERTOS) lwsl_info("%s: getaddrinfo error: %s\n", __func__, gai_strerror(n)); #else + lwsl_info("%s: getaddrinfo error: %s\n", __func__, strerror(n)); +#endif #endif //freeaddrinfo(r); goto bail1; diff --git a/lib/roles/h2/http2.c b/lib/roles/h2/http2.c index a09b97fc0..58e7c107d 100644 --- a/lib/roles/h2/http2.c +++ b/lib/roles/h2/http2.c @@ -431,6 +431,12 @@ lws_pps_schedule(struct lws *wsi, struct lws_h2_protocol_send *pps) struct lws *nwsi = lws_get_network_wsi(wsi); struct lws_h2_netconn *h2n = nwsi->h2.h2n; + if (!h2n) { + lwsl_warn("%s: null h2n\n", __func__); + lws_free(pps); + return; + } + pps->next = h2n->pps; h2n->pps = pps; lws_rx_flow_control(wsi, LWS_RXFLOW_REASON_APPLIES_DISABLE | diff --git a/lib/tls/CMakeLists.txt b/lib/tls/CMakeLists.txt index fd3c27fab..a161879f1 100644 --- a/lib/tls/CMakeLists.txt +++ b/lib/tls/CMakeLists.txt @@ -375,22 +375,39 @@ if (LWS_WITH_MBEDTLS) # not supported in esp-idf openssl wrapper yet, but is in our version set(LWS_HAVE_X509_VERIFY_PARAM_set1_host 1 PARENT_SCOPE) endif() - set(CMAKE_REQUIRED_LIBRARIES ${MBEDTLS_LIBRARY} ${MBEDX509_LIBRARY} ${MBEDCRYPTO_LIBRARY}) + set(CMAKE_REQUIRED_LIBRARIES ${MBEDTLS_LIBRARY} ${MBEDX509_LIBRARY} ${MBEDCRYPTO_LIBRARY}) set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} ${MBEDTLS_INCLUDE_DIRS}) - CHECK_C_SOURCE_COMPILES("#include \nint main(void) { struct mbedtls_x509_crt c; c.authority_key_id.keyIdentifier.tag = MBEDTLS_ASN1_OCTET_STRING; return c.authority_key_id.keyIdentifier.tag; }\n" LWS_HAVE_MBEDTLS_AUTH_KEY_ID) - CHECK_C_SOURCE_COMPILES("#include \nint main(void) { void *v = (void *)mbedtls_ssl_set_verify; return !!v; }\n" LWS_HAVE_mbedtls_ssl_set_verify) - CHECK_FUNCTION_EXISTS(mbedtls_ssl_conf_alpn_protocols LWS_HAVE_mbedtls_ssl_conf_alpn_protocols PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_ssl_get_alpn_protocol LWS_HAVE_mbedtls_ssl_get_alpn_protocol PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_ssl_conf_sni LWS_HAVE_mbedtls_ssl_conf_sni PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_ca_chain LWS_HAVE_mbedtls_ssl_set_hs_ca_chain PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_own_cert LWS_HAVE_mbedtls_ssl_set_hs_own_cert PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_authmode LWS_HAVE_mbedtls_ssl_set_hs_authmode PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_net_init LWS_HAVE_mbedtls_net_init PARENT_SCOPE) - CHECK_FUNCTION_EXISTS(mbedtls_x509_crt_parse_file LWS_HAVE_mbedtls_x509_crt_parse_file PARENT_SCOPE) # some embedded may lack filesystem - CHECK_FUNCTION_EXISTS(mbedtls_md_setup LWS_HAVE_mbedtls_md_setup PARENT_SCOPE) # not on xenial 2.2 - CHECK_FUNCTION_EXISTS(mbedtls_rsa_complete LWS_HAVE_mbedtls_rsa_complete PARENT_SCOPE) # not on xenial 2.2 - CHECK_FUNCTION_EXISTS(mbedtls_internal_aes_encrypt LWS_HAVE_mbedtls_internal_aes_encrypt PARENT_SCOPE) # not on xenial 2.2 + + if (ESP_PLATFORM) + # we know we should have things + set(LWS_HAVE_MBEDTLS_AUTH_KEY_ID 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_ssl_conf_alpn_protocols 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_ssl_get_alpn_protocol 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_ssl_conf_sni 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_ssl_set_hs_ca_chain 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_ssl_set_hs_own_cert 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_ssl_set_hs_authmode 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_net_init 1 CACHE BOOL x) + set(LWS_HAVE_mbedtls_x509_crt_parse_file 1 CACHE BOOL x) # some embedded may lack filesystem + set(LWS_HAVE_mbedtls_md_setup 1 CACHE BOOL x) # not on xenial 2.2 + set(LWS_HAVE_mbedtls_rsa_complete 1 CACHE BOOL x) # not on xenial 2.2 + set(LWS_HAVE_mbedtls_internal_aes_encrypt 1 CACHE BOOL x) # not on xenial 2.2 + else() + CHECK_C_SOURCE_COMPILES("#include \nint main(void) { struct mbedtls_x509_crt c; c.authority_key_id.keyIdentifier.tag = MBEDTLS_ASN1_OCTET_STRING; return c.authority_key_id.keyIdentifier.tag; }\n" LWS_HAVE_MBEDTLS_AUTH_KEY_ID) + CHECK_C_SOURCE_COMPILES("#include \nint main(void) { void *v = (void *)mbedtls_ssl_set_verify; return !!v; }\n" LWS_HAVE_mbedtls_ssl_set_verify) + CHECK_SYMBOL_EXISTS(mbedtls_ssl_conf_alpn_protocols LWS_HAVE_mbedtls_ssl_conf_alpn_protocols PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_ssl_get_alpn_protocol LWS_HAVE_mbedtls_ssl_get_alpn_protocol PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_ssl_conf_sni LWS_HAVE_mbedtls_ssl_conf_sni PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_ca_chain LWS_HAVE_mbedtls_ssl_set_hs_ca_chain PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_own_cert LWS_HAVE_mbedtls_ssl_set_hs_own_cert PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_authmode LWS_HAVE_mbedtls_ssl_set_hs_authmode PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_net_init LWS_HAVE_mbedtls_net_init PARENT_SCOPE) + CHECK_FUNCTION_EXISTS(mbedtls_x509_crt_parse_file LWS_HAVE_mbedtls_x509_crt_parse_file PARENT_SCOPE) # some embedded may lack filesystem + CHECK_FUNCTION_EXISTS(mbedtls_md_setup LWS_HAVE_mbedtls_md_setup PARENT_SCOPE) # not on xenial 2.2 + CHECK_FUNCTION_EXISTS(mbedtls_rsa_complete LWS_HAVE_mbedtls_rsa_complete PARENT_SCOPE) # not on xenial 2.2 + CHECK_FUNCTION_EXISTS(mbedtls_internal_aes_encrypt LWS_HAVE_mbedtls_internal_aes_encrypt PARENT_SCOPE) # not on xenial 2.2 + endif() else() CHECK_FUNCTION_EXISTS(${VARIA}TLS_client_method LWS_HAVE_TLS_CLIENT_METHOD PARENT_SCOPE) CHECK_FUNCTION_EXISTS(${VARIA}TLSv1_2_client_method LWS_HAVE_TLSV1_2_CLIENT_METHOD PARENT_SCOPE) diff --git a/lib/tls/mbedtls/mbedtls-client.c b/lib/tls/mbedtls/mbedtls-client.c index c12bbd506..bc7644ae8 100644 --- a/lib/tls/mbedtls/mbedtls-client.c +++ b/lib/tls/mbedtls/mbedtls-client.c @@ -137,12 +137,12 @@ lws_ssl_client_bio_create(struct lws *wsi) alpn_comma = hostname; } - lwsl_info("%s: %s: client conn sending ALPN list '%s'\n", - __func__, lws_wsi_tag(wsi), alpn_comma); - protos.len = (uint8_t)lws_alpn_comma_to_openssl(alpn_comma, protos.data, sizeof(protos.data) - 1); + lwsl_info("%s: %s: client conn sending ALPN list '%s' (protos.len %d)\n", + __func__, lws_wsi_tag(wsi), alpn_comma, protos.len); + /* with mbedtls, protos is not pointed to after exit from this call */ SSL_set_alpn_select_cb(wsi->tls.ssl, &protos); diff --git a/lib/tls/mbedtls/wrapper/platform/ssl_pm.c b/lib/tls/mbedtls/wrapper/platform/ssl_pm.c index 04354f6b4..df38334fa 100755 --- a/lib/tls/mbedtls/wrapper/platform/ssl_pm.c +++ b/lib/tls/mbedtls/wrapper/platform/ssl_pm.c @@ -874,6 +874,8 @@ void _ssl_set_alpn_list(const SSL *ssl) return; if (mbedtls_ssl_conf_alpn_protocols(&((struct ssl_pm *)(ssl->ssl_pm))->conf, ssl->ctx->alpn_protos)) fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols failed\n"); +#else + fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols absent\n"); #endif } @@ -889,6 +891,7 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, else *len = 0; #else + fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols absent\n"); *len = 0; #endif }