Commit 46257c03 authored by A C SREEDHAR REDDY's avatar A C SREEDHAR REDDY Committed by Me No Dev

handshake in ssl_client.cpp (#2044)

* issue #2041

* handshake timeout

* seconds to milliseconds
parent 06409648
...@@ -35,7 +35,7 @@ WiFiClientSecure::WiFiClientSecure() ...@@ -35,7 +35,7 @@ WiFiClientSecure::WiFiClientSecure()
sslclient = new sslclient_context; sslclient = new sslclient_context;
ssl_init(sslclient); ssl_init(sslclient);
sslclient->socket = -1; sslclient->socket = -1;
sslclient->handshake_timeout = 120000;
_CA_cert = NULL; _CA_cert = NULL;
_cert = NULL; _cert = NULL;
_private_key = NULL; _private_key = NULL;
...@@ -50,6 +50,7 @@ WiFiClientSecure::WiFiClientSecure(int sock) ...@@ -50,6 +50,7 @@ WiFiClientSecure::WiFiClientSecure(int sock)
sslclient = new sslclient_context; sslclient = new sslclient_context;
ssl_init(sslclient); ssl_init(sslclient);
sslclient->socket = sock; sslclient->socket = sock;
sslclient->handshake_timeout = 120000;
if (sock >= 0) { if (sock >= 0) {
_connected = true; _connected = true;
...@@ -285,3 +286,8 @@ int WiFiClientSecure::lastError(char *buf, const size_t size) ...@@ -285,3 +286,8 @@ int WiFiClientSecure::lastError(char *buf, const size_t size)
snprintf(buf, size, "%s", error_buf); snprintf(buf, size, "%s", error_buf);
return _lastError; return _lastError;
} }
void WiFiClientSecure::setHandshakeTimeout(unsigned long handshake_timeout)
{
sslclient->handshake_timeout = handshake_timeout * 1000;
}
\ No newline at end of file
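Review bot: setHandshakeTimeout takes seconds while the stored member holds milliseconds, and neither the new method body `sslclient->handshake_timeout = handshake_timeout * 1000;` nor the constructors' literal `120000` say so; the same undocumented unit appears on the declaration in the header hunk and on the new `handshake_timeout` field in sslclient.h. Suggest documenting the declaration with `/// Maximum time to wait for the TLS handshake, in seconds (default 120).` and writing the defaults as `sslclient->handshake_timeout = 120000; // 120 s, stored in milliseconds`. On a target where unsigned long is 32 bits the `* 1000` wraps for values above roughly 4294967 seconds, which is presumably acceptable but deserves a one-line comment. The new definition also drops the file's trailing newline.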
...@@ -62,6 +62,7 @@ public: ...@@ -62,6 +62,7 @@ public:
bool loadCertificate(Stream& stream, size_t size); bool loadCertificate(Stream& stream, size_t size);
bool loadPrivateKey(Stream& stream, size_t size); bool loadPrivateKey(Stream& stream, size_t size);
bool verify(const char* fingerprint, const char* domain_name); bool verify(const char* fingerprint, const char* domain_name);
void setHandshakeTimeout(unsigned long handshake_timeout);
operator bool() operator bool()
{ {
...@@ -158,12 +158,14 @@ int start_ssl_client(sslclient_context *ssl_client, const char *host, uint32_t p ...@@ -158,12 +158,14 @@ int start_ssl_client(sslclient_context *ssl_client, const char *host, uint32_t p
mbedtls_ssl_set_bio(&ssl_client->ssl_ctx, &ssl_client->socket, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_bio(&ssl_client->ssl_ctx, &ssl_client->socket, mbedtls_net_send, mbedtls_net_recv, NULL );
log_v("Performing the SSL/TLS handshake..."); log_v("Performing the SSL/TLS handshake...");
unsigned long handshake_start_time=millis();
while ((ret = mbedtls_ssl_handshake(&ssl_client->ssl_ctx)) != 0) { while ((ret = mbedtls_ssl_handshake(&ssl_client->ssl_ctx)) != 0) {
if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
return handle_error(ret); return handle_error(ret);
} }
vTaskDelay(10 / portTICK_PERIOD_MS); if((millis()-handshake_start_time)>ssl_client->handshake_timeout)
return -1;
vTaskDelay(10 / portTICK_PERIOD_MS);
} }
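Review bot: The timeout branch returns -1 without logging or recording an error, so a stalled handshake is indistinguishable from other failures to a caller checking lastError(), unlike the `handle_error(ret)` path just above it. Suggest `if ((millis() - handshake_start_time) > ssl_client->handshake_timeout) { log_e("SSL handshake timeout"); return -1; }`, which also matches the braced style of the surrounding loop. Whether -1 collides with a valid return value of start_ssl_client cannot be seen here, since the function continues outside the hunk. Bounding how long an unresponsive peer can hold the client in the handshake is the right direction, and the unsigned subtraction stays correct across millis() wraparound.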
...@@ -23,6 +23,8 @@ typedef struct sslclient_context { ...@@ -23,6 +23,8 @@ typedef struct sslclient_context {
mbedtls_x509_crt ca_cert; mbedtls_x509_crt ca_cert;
mbedtls_x509_crt client_cert; mbedtls_x509_crt client_cert;
mbedtls_pk_context client_key; mbedtls_pk_context client_key;
unsigned long handshake_timeout;
} sslclient_context; } sslclient_context;