1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Commit graph

60 commits

Author SHA1 Message Date
Andy Green
3e4a1f3b0e client: choose right vh client ssl_ctx 2018-04-06 10:38:03 +08:00
Andy Green
aae2c24678 lws_snprintf 2018-03-12 09:28:42 +08:00
Andy Green
1b43ed1cba mbedtls wrapper: check for malloc.h before using
https://github.com/warmcat/libwebsockets/issues/1163
2018-01-26 07:22:35 +08:00
Andy Green
d58d749b30 acme: adaptations through plat for esp32 2017-12-11 13:30:12 +08:00
Andy Green
c5f6d180dd mbedtls: handle NET_SEND_FAILED
Under the condition the associated client went away (turn off WLAN at the
client), we can spin forever mistaking NET_SEND_FAILED for WANT_WRITE,
which was also true.  This makes sure we understand that was fatal
immediately.
2017-12-01 11:37:35 +08:00
Andy Green
b06665b851 mbedtls: improve SNI for client certs 2017-12-01 11:37:35 +08:00
Andy Green
0c254aba87 tls: add csr generation 2017-12-01 11:37:35 +08:00
Andy Green
00ffebfd24 tls: add x509 query api
This adds a single api on lws that allows querying elements from the
peer certificate on a connection.

The api works the same regardless of the TLS backend.
2017-11-26 19:16:17 +08:00
Andy Green
6bc92f7592 wrapper: untrash partial sends before WANT
1) The original wrapper logic for accounting for partial
sends on mbedtls is broken... adapt it

2) mbedtls has an additional restriction you MUST come
back to retry with EXACTLY the unsent part that you
originally asked for, or it loses coherency in the TLS
tunnel.

3) the wrapper is inconsistent between read WANT state
dynamically reported from mbedtls apis and the
SSL_want() api results.  Check both on read.
2017-11-10 10:59:58 +08:00
Andy Green
89cb55ea58 tls: split out common, openssl and mbedtls code
- introduce lib/tls/mbedtls lib/tls/openssl
 - move wrapper into lib/tls/mbedtls/wrapper
 - introduce private helpers to hide backend

This patch doesn't replace or remove the wrapper, it moves it
to lib/tls/mbedtls/wrapper.

But it should be now that the ONLY functions directly consuming
wrapper apis are isolated in

  - lib/tls/mbedtls/client.c (180 lines)
  - lib/tls/mbedtls/server.c (317 lines)
  - lib/tls/mbedtls/ssl.c    (325 lines)

In particular there are no uses of openssl or mbedtls-related
constants outside of ./lib/tls any more.
2017-10-25 07:17:29 +08:00