Add experimental SSL to host emulator using axtls-8266 (#1852)
* Move axtls-8266 into main Components, so we can adapt it for Host use
* Add axtls-8266 component into Host build

Don't need replacements/time.c for host build, select via component.mk

Update axtls-8266 patch file:

* vprintf -> m_vprintf
* putc -> m_putc and ensure the `putc` macro is undefined
* Remove replacements/libc.c

* Remove `this` null check from SslSessionId - compiler considers `this` to be non-null.

Ensure code has separate null checks.

* Fix Basic_Ssl sample - cannot set response stream to Serial as it gets deleted by HttpRequest::reset()

If we wanted to do this sort of thing we'd either need an additional flag to indicate stream ownership,
use a shared_ptr, or some other mechanism.
mikee47 authored and slaff committed Sep 29, 2019
1 parent 5bdff55 commit 588b4d0
Showing 10 changed files with 95 additions and 63 deletions.
2 changes: 1 addition & 1 deletion .gitmodules
@@ -45,7 +45,7 @@
url = https://github.com/StefanBruens/ESP8266_new_pwm.git
ignore = dirty
[submodule "ESP8266.axtls-8266"]
path = Sming/Arch/Esp8266/Components/axtls-8266/axtls-8266
path = Sming/Components/axtls-8266/axtls-8266
url = https://github.com/igrr/axtls-8266.git
ignore = dirty
[submodule "ESP8266.umm_malloc"]
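--- a/Sming/Arch/Host/Components/sming-arch/component.mk
+++ b/Sming/Arch/Host/Components/sming-arch/component.mk
@@ -42,3 +42,8 @@ COMPONENT_DEPENDS := \
 COMPONENT_VARS := \
 ENABLE_WPS \
 ENABLE_SMART_CONFIG
+
+# => SSL
+ifeq ($(ENABLE_SSL),1)
+COMPONENT_DEPENDS += axtls-8266
+endif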
File renamed without changes.
@@ -1,35 +1,34 @@
diff -Nuar a/replacements/libc.c b/replacements/libc.c
--- a/replacements/libc.c 1970-01-01 01:00:00.000000000 +0100
+++ b/replacements/libc.c 2016-11-21 11:03:47.152184514 +0100
@@ -0,0 +1,28 @@
+/*
+ libc_replacements.c - replaces libc functions with functions
+ from Espressif SDK
+ Copyright (c) 2015 Ivan Grokhotkov. All rights reserved.
+ This file is part of the esp8266 core for Arduino environment.
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ Modified 03 April 2015 by Markus Sattler
+ */
+
+#include <c_types.h>
+#include <stdarg.h>
+
+extern int ets_putc(int);
+extern int ets_vprintf(int (*print_function)(int), const char * format, va_list arg);
+
+int vprintf(const char * format, va_list arg) {
+ return ets_vprintf(ets_putc, format, arg);
+}
diff --git a/crypto/crypto_misc.c b/crypto/crypto_misc.c
index dca7e5f..20a6741 100644
--- a/crypto/crypto_misc.c
+++ b/crypto/crypto_misc.c
@@ -44,7 +44,7 @@

#ifdef ESP8266
#define CONFIG_SSL_SKELETON_MODE 1
-uint32_t phy_get_rand();
+uint32_t os_random();
#endif

#if defined(CONFIG_USE_DEV_URANDOM)
@@ -171,7 +171,7 @@ EXP_FUNC int STDCALL get_random(int num_rand_bytes, uint8_t *rand_data)
CryptGenRandom(gCryptProv, num_rand_bytes, rand_data);
#elif defined(ESP8266)
for (size_t cb = 0; cb < num_rand_bytes; cb += 4) {
- uint32_t r = phy_get_rand();
+ uint32_t r = os_random();
size_t left = num_rand_bytes - cb;
left = (left < 4) ? left : 4;
memcpy(rand_data + cb, &r, left);
@@ -289,7 +289,7 @@ EXP_FUNC void STDCALL print_blob(const char *format,

va_start(ap, size);
snprintf(tmp, sizeof(tmp), "SSL: %s\n", format);
- vprintf(tmp, ap);
+ m_vprintf(tmp, ap);
print_hex_init(size);
for (i = 0; i < size; i++)
{
diff --git a/replacements/time.c b/replacements/time.c
index 4972119..da75839 100644
--- a/replacements/time.c
@@ -155,23 +154,40 @@ index 4972119..da75839 100644
return 0;
}
diff --git a/ssl/os_port.h b/ssl/os_port.h
index e0b9e46..7d85ff1 100644
index e0b9e46..8c226ea 100644
--- a/ssl/os_port.h
+++ b/ssl/os_port.h
@@ -45,4 +45,5 @@ extern "C" {
@@ -43,7 +43,12 @@ extern "C" {

#include "os_int.h"
#include "config.h"
#include <stdio.h>
-#include <stdio.h>
+#include <FakePgmSpace.h>
+
+#undef WIN32
+#ifndef ESP8266
+#define ESP8266
+#endif

#ifdef WIN32
@@ -68,5 +69,5 @@ extern "C" {
#define STDCALL __stdcall
@@ -62,12 +67,11 @@ extern "C" {

#include "util/time.h"
#include <errno.h>
+#ifndef alloca
#define alloca(size) __builtin_alloca(size)
+#endif
#define TTY_FLUSH()
-#ifdef putc
#undef putc
#endif
-#endif
-#define putc(x, f) ets_putc(x)
+#define putc(x, f) m_putc(x)

#define SOCKET_READ(A,B,C) ax_port_read(A,B,C)
@@ -93,76 +94,30 @@ extern "C" {
#define SOCKET_WRITE(A,B,C) ax_port_write(A,B,C)
@@ -92,78 +96,23 @@ extern "C" {
#define be64toh(x) __bswap_constant_64(x)
#endif

-void ax_wdt_feed();
@@ -238,26 +254,17 @@ index e0b9e46..7d85ff1 100644
- return 0;
-}
+#ifdef AXTLS_BUILD
+
+#define printf(fmt, ...) \
+ do { \
+ static const char fstr[] PROGMEM = fmt; \
+ char rstr[sizeof(fmt)]; \
+ memcpy_P(rstr, fstr, sizeof(rstr)); \
+ m_printf(rstr, ##__VA_ARGS__); \
+ } while (0)

-#define printf(fmt, ...) do { static const char fstr[] PROGMEM = fmt; char rstr[sizeof(fmt)]; memcpy_P(rstr, fstr, sizeof(rstr)); ets_printf(rstr, ##__VA_ARGS__); } while (0)
-#define strcpy_P(dst, src) do { static const char fstr[] PROGMEM = src; memcpy_P(dst, fstr, sizeof(src)); } while (0)
+#define strcpy_P(dst, src) \
+ do { \
+ static const char fstr[] PROGMEM = src; \
+ memcpy_P(dst, fstr, sizeof(src)); \
+ } while (0)
+#define printf(fmt, ...) m_printf(_F(fmt), ##__VA_ARGS__)

-// Copied from ets_sys.h to avoid compile warnings
-extern int ets_printf(const char *format, ...) __attribute__ ((format (printf, 1, 2)));
-extern int ets_putc(int);
+#undef strcpy_P
+#define strcpy_P(a, str) strcpy(a, _F(str))
+
+#endif /* AXTLS_BUILD */

// The network interface in WiFiClientSecure
@@ -267,18 +274,24 @@ index e0b9e46..7d85ff1 100644
+extern int ax_port_write(int fd, uint8_t* buffer, uint16_t count);

// TODO: Why is this not being imported from <string.h>?
@@ -261,4 +216,5 @@ EXP_FUNC int STDCALL getdomainname(char *buf, int buf_size);
extern char *strdup(const char *orig);
@@ -260,6 +209,7 @@ EXP_FUNC int STDCALL getdomainname(char *buf, int buf_size);
#endif /* Not Win32 */

/* some functions to mutate the way these work */
+#ifndef ntohl
inline uint32_t htonl(uint32_t n){
return ((n & 0xff) << 24) |
@@ -269,4 +225,5 @@ inline uint32_t htonl(uint32_t n){
((n & 0xff00) << 8) |
@@ -268,6 +218,8 @@ inline uint32_t htonl(uint32_t n){
}

#define ntohl htonl
+#define LWIP_DONT_PROVIDE_BYTEORDER_FUNCTIONS
+#endif

EXP_FUNC int STDCALL ax_open(const char *pathname, int flags);

diff --git a/ssl/tls1.c b/ssl/tls1.c
index 10b592c..10fe9d5 100644
--- a/ssl/tls1.c
@@ -615,3 +628,16 @@ index 0916412..4bb7d07 100644
/**
* Define watchdog function to be called during CPU intensive operations.
*/
diff --git a/crypto/bigint.c b/crypto/bigint.c
index d90b093..f18fbd5 100644
--- a/crypto/bigint.c
+++ b/crypto/bigint.c
@@ -688,7 +688,7 @@ void bi_print(const char *label, bigint *x)
{
comp mask = 0x0f << (j*4);
comp num = (x->comps[i] & mask) >> (j*4);
- putc((num <= 9) ? (num + '0') : (num + 'A' - 10), stdout);
+ m_putc((num <= 9) ? (num + '0') : (num + 'A' - 10));
}
}
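Review bot: With `#undef WIN32` and the forced `#define ESP8266` in ssl/os_port.h, the Host build appears to take the `#elif defined(ESP8266)` branch of get_random() in crypto/crypto_misc.c, so every TLS random byte on the emulator would come from `os_random()`. Nothing on this page shows how the Host implementation of os_random() is seeded; if it is not backed by the operating system's CSPRNG, the session keys and nonces of the experimental Host SSL would be predictable. State the requirement next to the define, e.g. `/* Host: os_random() must be backed by the OS CSPRNG, get_random() depends on it */`, or select the `CONFIG_USE_DEV_URANDOM` path that crypto_misc.c already tests for when building for Host. Several hunks of this patch file are collapsed on the page, so the full get_random() preprocessor chain should be checked before deciding.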

@@ -3,14 +3,16 @@ SSL_DEBUG ?= 0

COMPONENT_SUBMODULES := axtls-8266

COMPONENT_DEPENDS := esp8266

COMPONENT_SRCDIRS := \
axtls-8266/compat \
axtls-8266/replacements \
axtls-8266/crypto \
axtls-8266/ssl

ifneq ($(SMING_ARCH),Host)
COMPONENT_SRCDIRS += \
axtls-8266/replacements
endif

COMPONENT_INCDIRS := \
. \
axtls-8266 \
6 changes: 2 additions & 4 deletions Sming/Core/Network/Ssl/SslSessionId.h
@@ -18,16 +18,14 @@
class SslSessionId
{
public:
/** @brief May be called even when object is null */
const uint8_t* getValue()
{
return this ? reinterpret_cast<const uint8_t*>(value.c_str()) : nullptr;
return reinterpret_cast<const uint8_t*>(value.c_str());
}

/** @brief May be called even when object is null */
unsigned getLength()
{
return this ? value.length() : 0;
return value.length();
}

bool isValid()
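Review bot: Nothing in this header states the new precondition once the `this ?` guards are gone from getValue() and getLength(), and the two `May be called even when object is null` comments (which appear to be the other removed lines) described the opposite contract. A replacement note on the class, such as `/** @note Methods must be called on a valid object; callers holding a nullable SslSessionId* check it first */`, would stop other call sites from relying on the old behaviour. isValid() continues outside the visible lines, so whether it carried the same guard cannot be told from here.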
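--- a/Sming/Core/Network/TcpConnection.cpp
+++ b/Sming/Core/Network/TcpConnection.cpp
@@ -453,6 +453,7 @@ err_t TcpConnection::internalOnConnected(err_t err)
 }
 }
 
+assert(sslSessionId != nullptr);
 debug_d("SSL: Session Id Length: %u", sslSessionId->getLength());
 if(sslSessionId->isValid()) {
 debug_d("-----BEGIN SSL SESSION PARAMETERS-----");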
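Review bot: The added `assert(sslSessionId != nullptr);` is the only guard before `sslSessionId->getLength()` and `sslSessionId->isValid()`, and an assert is normally compiled out when NDEBUG is defined, so a release build could dereference a null session id now that SslSessionId no longer tolerates a null `this`. An explicit runtime check is safer, for example `if(sslSessionId != nullptr && sslSessionId->isValid()) {` with the length log moved inside that branch. Whether the earlier part of internalOnConnected() always allocates sslSessionId lies outside the hunk, so confirm that before relying on the assert alone.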
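--- a/Sming/Wiring/FakePgmSpace.h
+++ b/Sming/Wiring/FakePgmSpace.h
@@ -154,6 +154,7 @@ char *strstr_P(char *haystack, const char *needle_P);
 #define pgm_read_float(addr) (*(const float *)(addr))
 
 #define memcpy_P(dest, src, num) memcpy((dest), (src), (num))
+#define memcmp_P(a1, b1, len) memcmp(a1, b1, len)
 #define strlen_P(a) strlen((a))
 #define strcpy_P(dest, src) strcpy((dest), (src))
 #define strncpy_P(dest, src, size) strncpy((dest), (src), (size))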
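Review bot: The new `memcmp_P` macro passes its arguments through unparenthesised, while the neighbouring `memcpy_P`, `strlen_P` and `strcpy_P` wrap each one. For consistency with them, write `#define memcmp_P(a1, b1, len) memcmp((a1), (b1), (len))`. Behaviour is the same for ordinary arguments, so this is a style point only.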
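--- a/samples/Basic_Ssl/app/application.cpp
+++ b/samples/Basic_Ssl/app/application.cpp
@@ -110,7 +110,6 @@ void gotIP(IpAddress ip, IpAddress netmask, IpAddress gateway)
 request->pinCertificate(fingerprints);
 request->onRequestComplete(onDownload);
 
-request->setResponseStream(&Serial);
 downloadClient.send(request);
 }
 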
