Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Code Issues Releases Wiki Activity
libwebsockets/minimal-examples/embedded/esp32/esp-wrover-kit/main/static-policy.h
Andy Green 06662a64fa LE-root-cert-update 
warmcat.com and libwebsockets.org use Let's Encrypt certificates... LE
have changed their CA signing arrangements and after 2021-01-12 (the
point I renewed the LE server certs and received one signed using the
new arrangements) it's required to trust new root certs for the examples
to connect to warmcat.com and libwebsockets.org.

https://letsencrypt.org/2020/09/17/new-root-and-intermediates.html

This updates the in-tree CA copies, the remote policies on warmcat.com
have also been updated.

Just goes to show for real client infrastructure, you need to run your own
CA (that doesn't have to be trusted by anything outside the clients)
where you can control the CA lifetime.
2021-01-13 04:32:13 +00:00

228 lines
10 KiB
C
Raw Blame History

/*
* Autogenerated from the following JSON policy
*/
#if 0
{
"release": "01234567",
"product": "myproduct",
"schema-version": 1,
"retry": [
{"default": {
"backoff": [ 1000,
2000,
3000,
5000,
10000
],
"conceal": 25,
"jitterpc": 20,
"svalidping": 30,
"svalidhup": 35
}}
],
"certs": [
{"dst_root_x3": "MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ"
}],
"trust_stores": [
{
"name": "le_via_dst",
"stack": [
"dst_root_x3"
]
}
],
"s": [
{"test_stream": {
"endpoint": "warmcat.com",
"port": 443,
"protocol": "h2",
"http_method": "GET",
"http_url": "index.html",
"tls": true,
"opportunistic": true,
"retry": "default",
"tls_trust_store": "le_via_dst"
}},{
"captive_portal_detect": {
"endpoint": "connectivitycheck.android.com",
"http_url": "generate_204",
"port": 80,
"protocol": "h1",
"http_method": "GET",
"opportunistic": true,
"http_expect": 204,
"http_fail_redirect": true
}}
]}
Original JSON size: 2211
#endif
static const uint32_t _rbo_bo_0[] = {
1000, 2000, 3000, 5000, 10000,
};
static const lws_retry_bo_t _rbo_0 = {
.retry_ms_table = _rbo_bo_0,
.retry_ms_table_count = 5,
.conceal_count = 25,
.secs_since_valid_ping = 30,
.secs_since_valid_hangup = 35,
.jitter_percent = 20,
};
static const uint8_t _ss_der_dst_root_x3[] = {
/* 0x 0 */ 0x30, 0x82, 0x03, 0x4A, 0x30, 0x82, 0x02, 0x32,
/* 0x 8 */ 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x44,
/* 0x 10 */ 0xAF, 0xB0, 0x80, 0xD6, 0xA3, 0x27, 0xBA, 0x89,
/* 0x 18 */ 0x30, 0x39, 0x86, 0x2E, 0xF8, 0x40, 0x6B, 0x30,
/* 0x 20 */ 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
/* 0x 28 */ 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3F,
/* 0x 30 */ 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04,
/* 0x 38 */ 0x0A, 0x13, 0x1B, 0x44, 0x69, 0x67, 0x69, 0x74,
/* 0x 40 */ 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61,
/* 0x 48 */ 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, 0x72, 0x75,
/* 0x 50 */ 0x73, 0x74, 0x20, 0x43, 0x6F, 0x2E, 0x31, 0x17,
/* 0x 58 */ 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
/* 0x 60 */ 0x0E, 0x44, 0x53, 0x54, 0x20, 0x52, 0x6F, 0x6F,
/* 0x 68 */ 0x74, 0x20, 0x43, 0x41, 0x20, 0x58, 0x33, 0x30,
/* 0x 70 */ 0x1E, 0x17, 0x0D, 0x30, 0x30, 0x30, 0x39, 0x33,
/* 0x 78 */ 0x30, 0x32, 0x31, 0x31, 0x32, 0x31, 0x39, 0x5A,
/* 0x 80 */ 0x17, 0x0D, 0x32, 0x31, 0x30, 0x39, 0x33, 0x30,
/* 0x 88 */ 0x31, 0x34, 0x30, 0x31, 0x31, 0x35, 0x5A, 0x30,
/* 0x 90 */ 0x3F, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55,
/* 0x 98 */ 0x04, 0x0A, 0x13, 0x1B, 0x44, 0x69, 0x67, 0x69,
/* 0x a0 */ 0x74, 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E,
/* 0x a8 */ 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, 0x72,
/* 0x b0 */ 0x75, 0x73, 0x74, 0x20, 0x43, 0x6F, 0x2E, 0x31,
/* 0x b8 */ 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x03,
/* 0x c0 */ 0x13, 0x0E, 0x44, 0x53, 0x54, 0x20, 0x52, 0x6F,
/* 0x c8 */ 0x6F, 0x74, 0x20, 0x43, 0x41, 0x20, 0x58, 0x33,
/* 0x d0 */ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09,
/* 0x d8 */ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
/* 0x e0 */ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00,
/* 0x e8 */ 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01,
/* 0x f0 */ 0x00, 0xDF, 0xAF, 0xE9, 0x97, 0x50, 0x08, 0x83,
/* 0x f8 */ 0x57, 0xB4, 0xCC, 0x62, 0x65, 0xF6, 0x90, 0x82,
/* 0x100 */ 0xEC, 0xC7, 0xD3, 0x2C, 0x6B, 0x30, 0xCA, 0x5B,
/* 0x108 */ 0xEC, 0xD9, 0xC3, 0x7D, 0xC7, 0x40, 0xC1, 0x18,
/* 0x110 */ 0x14, 0x8B, 0xE0, 0xE8, 0x33, 0x76, 0x49, 0x2A,
/* 0x118 */ 0xE3, 0x3F, 0x21, 0x49, 0x93, 0xAC, 0x4E, 0x0E,
/* 0x120 */ 0xAF, 0x3E, 0x48, 0xCB, 0x65, 0xEE, 0xFC, 0xD3,
/* 0x128 */ 0x21, 0x0F, 0x65, 0xD2, 0x2A, 0xD9, 0x32, 0x8F,
/* 0x130 */ 0x8C, 0xE5, 0xF7, 0x77, 0xB0, 0x12, 0x7B, 0xB5,
/* 0x138 */ 0x95, 0xC0, 0x89, 0xA3, 0xA9, 0xBA, 0xED, 0x73,
/* 0x140 */ 0x2E, 0x7A, 0x0C, 0x06, 0x32, 0x83, 0xA2, 0x7E,
/* 0x148 */ 0x8A, 0x14, 0x30, 0xCD, 0x11, 0xA0, 0xE1, 0x2A,
/* 0x150 */ 0x38, 0xB9, 0x79, 0x0A, 0x31, 0xFD, 0x50, 0xBD,
/* 0x158 */ 0x80, 0x65, 0xDF, 0xB7, 0x51, 0x63, 0x83, 0xC8,
/* 0x160 */ 0xE2, 0x88, 0x61, 0xEA, 0x4B, 0x61, 0x81, 0xEC,
/* 0x168 */ 0x52, 0x6B, 0xB9, 0xA2, 0xE2, 0x4B, 0x1A, 0x28,
/* 0x170 */ 0x9F, 0x48, 0xA3, 0x9E, 0x0C, 0xDA, 0x09, 0x8E,
/* 0x178 */ 0x3E, 0x17, 0x2E, 0x1E, 0xDD, 0x20, 0xDF, 0x5B,
/* 0x180 */ 0xC6, 0x2A, 0x8A, 0xAB, 0x2E, 0xBD, 0x70, 0xAD,
/* 0x188 */ 0xC5, 0x0B, 0x1A, 0x25, 0x90, 0x74, 0x72, 0xC5,
/* 0x190 */ 0x7B, 0x6A, 0xAB, 0x34, 0xD6, 0x30, 0x89, 0xFF,
/* 0x198 */ 0xE5, 0x68, 0x13, 0x7B, 0x54, 0x0B, 0xC8, 0xD6,
/* 0x1a0 */ 0xAE, 0xEC, 0x5A, 0x9C, 0x92, 0x1E, 0x3D, 0x64,
/* 0x1a8 */ 0xB3, 0x8C, 0xC6, 0xDF, 0xBF, 0xC9, 0x41, 0x70,
/* 0x1b0 */ 0xEC, 0x16, 0x72, 0xD5, 0x26, 0xEC, 0x38, 0x55,
/* 0x1b8 */ 0x39, 0x43, 0xD0, 0xFC, 0xFD, 0x18, 0x5C, 0x40,
/* 0x1c0 */ 0xF1, 0x97, 0xEB, 0xD5, 0x9A, 0x9B, 0x8D, 0x1D,
/* 0x1c8 */ 0xBA, 0xDA, 0x25, 0xB9, 0xC6, 0xD8, 0xDF, 0xC1,
/* 0x1d0 */ 0x15, 0x02, 0x3A, 0xAB, 0xDA, 0x6E, 0xF1, 0x3E,
/* 0x1d8 */ 0x2E, 0xF5, 0x5C, 0x08, 0x9C, 0x3C, 0xD6, 0x83,
/* 0x1e0 */ 0x69, 0xE4, 0x10, 0x9B, 0x19, 0x2A, 0xB6, 0x29,
/* 0x1e8 */ 0x57, 0xE3, 0xE5, 0x3D, 0x9B, 0x9F, 0xF0, 0x02,
/* 0x1f0 */ 0x5D, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x42,
/* 0x1f8 */ 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
/* 0x200 */ 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
/* 0x208 */ 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
/* 0x210 */ 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
/* 0x218 */ 0x02, 0x01, 0x06, 0x30, 0x1D, 0x06, 0x03, 0x55,
/* 0x220 */ 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xC4, 0xA7,
/* 0x228 */ 0xB1, 0xA4, 0x7B, 0x2C, 0x71, 0xFA, 0xDB, 0xE1,
/* 0x230 */ 0x4B, 0x90, 0x75, 0xFF, 0xC4, 0x15, 0x60, 0x85,
/* 0x238 */ 0x89, 0x10, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
/* 0x240 */ 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05,
/* 0x248 */ 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xA3, 0x1A,
/* 0x250 */ 0x2C, 0x9B, 0x17, 0x00, 0x5C, 0xA9, 0x1E, 0xEE,
/* 0x258 */ 0x28, 0x66, 0x37, 0x3A, 0xBF, 0x83, 0xC7, 0x3F,
/* 0x260 */ 0x4B, 0xC3, 0x09, 0xA0, 0x95, 0x20, 0x5D, 0xE3,
/* 0x268 */ 0xD9, 0x59, 0x44, 0xD2, 0x3E, 0x0D, 0x3E, 0xBD,
/* 0x270 */ 0x8A, 0x4B, 0xA0, 0x74, 0x1F, 0xCE, 0x10, 0x82,
/* 0x278 */ 0x9C, 0x74, 0x1A, 0x1D, 0x7E, 0x98, 0x1A, 0xDD,
/* 0x280 */ 0xCB, 0x13, 0x4B, 0xB3, 0x20, 0x44, 0xE4, 0x91,
/* 0x288 */ 0xE9, 0xCC, 0xFC, 0x7D, 0xA5, 0xDB, 0x6A, 0xE5,
/* 0x290 */ 0xFE, 0xE6, 0xFD, 0xE0, 0x4E, 0xDD, 0xB7, 0x00,
/* 0x298 */ 0x3A, 0xB5, 0x70, 0x49, 0xAF, 0xF2, 0xE5, 0xEB,
/* 0x2a0 */ 0x02, 0xF1, 0xD1, 0x02, 0x8B, 0x19, 0xCB, 0x94,
/* 0x2a8 */ 0x3A, 0x5E, 0x48, 0xC4, 0x18, 0x1E, 0x58, 0x19,
/* 0x2b0 */ 0x5F, 0x1E, 0x02, 0x5A, 0xF0, 0x0C, 0xF1, 0xB1,
/* 0x2b8 */ 0xAD, 0xA9, 0xDC, 0x59, 0x86, 0x8B, 0x6E, 0xE9,
/* 0x2c0 */ 0x91, 0xF5, 0x86, 0xCA, 0xFA, 0xB9, 0x66, 0x33,
/* 0x2c8 */ 0xAA, 0x59, 0x5B, 0xCE, 0xE2, 0xA7, 0x16, 0x73,
/* 0x2d0 */ 0x47, 0xCB, 0x2B, 0xCC, 0x99, 0xB0, 0x37, 0x48,
/* 0x2d8 */ 0xCF, 0xE3, 0x56, 0x4B, 0xF5, 0xCF, 0x0F, 0x0C,
/* 0x2e0 */ 0x72, 0x32, 0x87, 0xC6, 0xF0, 0x44, 0xBB, 0x53,
/* 0x2e8 */ 0x72, 0x6D, 0x43, 0xF5, 0x26, 0x48, 0x9A, 0x52,
/* 0x2f0 */ 0x67, 0xB7, 0x58, 0xAB, 0xFE, 0x67, 0x76, 0x71,
/* 0x2f8 */ 0x78, 0xDB, 0x0D, 0xA2, 0x56, 0x14, 0x13, 0x39,
/* 0x300 */ 0x24, 0x31, 0x85, 0xA2, 0xA8, 0x02, 0x5A, 0x30,
/* 0x308 */ 0x47, 0xE1, 0xDD, 0x50, 0x07, 0xBC, 0x02, 0x09,
/* 0x310 */ 0x90, 0x00, 0xEB, 0x64, 0x63, 0x60, 0x9B, 0x16,
/* 0x318 */ 0xBC, 0x88, 0xC9, 0x12, 0xE6, 0xD2, 0x7D, 0x91,
/* 0x320 */ 0x8B, 0xF9, 0x3D, 0x32, 0x8D, 0x65, 0xB4, 0xE9,
/* 0x328 */ 0x7C, 0xB1, 0x57, 0x76, 0xEA, 0xC5, 0xB6, 0x28,
/* 0x330 */ 0x39, 0xBF, 0x15, 0x65, 0x1C, 0xC8, 0xF6, 0x77,
/* 0x338 */ 0x96, 0x6A, 0x0A, 0x8D, 0x77, 0x0B, 0xD8, 0x91,
/* 0x340 */ 0x0B, 0x04, 0x8E, 0x07, 0xDB, 0x29, 0xB6, 0x0A,
/* 0x348 */ 0xEE, 0x9D, 0x82, 0x35, 0x35, 0x10,
};
static const lws_ss_x509_t _ss_x509_dst_root_x3 = {
.vhost_name = "dst_root_x3",
.ca_der = _ss_der_dst_root_x3,
.ca_der_len = 846,
};
static const lws_ss_trust_store_t _ss_ts_le_via_dst = {
.name = "le_via_dst",
.ssx509 = {
&_ss_x509_dst_root_x3,
}
};
static const lws_ss_policy_t _ssp_captive_portal_detect = {
.streamtype = "captive_portal_detect",
.endpoint = "connectivitycheck.android.com",
.u = {
.http = {
.method = "GET",
.url = "generate_204",
.resp_expect = 204,
.fail_redirect = 1,
}
},
.flags = 0x1,
.port = 80,
.protocol = 0,
},
_ssp_test_stream = {
.next = (void *)&_ssp_captive_portal_detect,
.streamtype = "test_stream",
.endpoint = "warmcat.com",
.u = {
.http = {
.method = "GET",
.url = "index.html",
}
},
.retry_bo = &_rbo_0,
.flags = 0x11,
.port = 443,
.protocol = 1,
.trust = {.store = &_ss_ts_le_via_dst},
};
#define _ss_static_policy_entry _ssp_test_stream
/* estimated footprint 1482 (when sizeof void * = 8) */
Reference in a new issue View git blame Copy permalink