From 23eb8d5bce2a178ebcfb574e1bc0ffbd70acda19 Mon Sep 17 00:00:00 2001
From: Eggert Jung
Date: Thu, 7 Dec 2023 04:05:33 +0100
Subject: [PATCH] add https from example
---
main/https.c | 108 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
main/https.h | 1 +
2 files changed, 109 insertions(+)
create mode 100644 main/https.c
create mode 100644 main/https.h
diff --git a/main/https.c b/main/https.c
new file mode 100644
index 0000000..0288827
--- /dev/null
+++ b/main/https.c
@@ -0,0 +1,108 @@
+#include "esp_tls.h"
+#include "esp_log.h"
+#include
+#include "freertos/FreeRTOS.h"
+
+#include "esp_crt_bundle.h"
+
+static const char *TAG = "https";
+
+static void https_get_request(esp_tls_cfg_t cfg, const char *WEB_SERVER_URL, const char *REQUEST)
+{
+ char buf[512];
+ int ret, len;
+
+ esp_tls_t *tls = esp_tls_init();
+ if (!tls) {
+ ESP_LOGE(TAG, "Failed to allocate esp_tls handle!");
+ goto exit;
+ }
+
+ if (esp_tls_conn_http_new_sync(WEB_SERVER_URL, &cfg, tls) == 1) {
+ ESP_LOGI(TAG, "Connection established...");
+ } else {
+ ESP_LOGE(TAG, "Connection failed...");
+ int esp_tls_code = 0, esp_tls_flags = 0;
+ esp_tls_error_handle_t tls_e = NULL;
+ esp_tls_get_error_handle(tls, &tls_e);
+ /* Try to get TLS stack level error and certificate failure flags, if any */
+ ret = esp_tls_get_and_clear_last_error(tls_e, &esp_tls_code, &esp_tls_flags);
+ if (ret == ESP_OK) {
+ ESP_LOGE(TAG, "TLS error = -0x%x, TLS flags = -0x%x", esp_tls_code, esp_tls_flags);
+ }
+ goto cleanup;
+ }
+
+#ifdef CONFIG_EXAMPLE_CLIENT_SESSION_TICKETS
+ /* The TLS session is successfully established, now saving the session ctx for reuse */
+ if (save_client_session) {
+ esp_tls_free_client_session(tls_client_session);
+ tls_client_session = esp_tls_get_client_session(tls);
+ }
+#endif
+
+ size_t written_bytes = 0;
+ do {
+ ret = esp_tls_conn_write(tls,
+ REQUEST + written_bytes,
+ strlen(REQUEST) - written_bytes);
+ if (ret >= 0) {
+ ESP_LOGI(TAG, "%d bytes written", ret);
+ written_bytes += ret;
+ } else if (ret != ESP_TLS_ERR_SSL_WANT_READ && ret != ESP_TLS_ERR_SSL_WANT_WRITE) {
+ ESP_LOGE(TAG, "esp_tls_conn_write returned: [0x%02X](%s)", ret, esp_err_to_name(ret));
+ goto cleanup;
+ }
+ } while (written_bytes < strlen(REQUEST));
+
+ ESP_LOGI(TAG, "Reading HTTP response...");
+ do {
+ len = sizeof(buf) - 1;
+ memset(buf, 0x00, sizeof(buf));
+ ret = esp_tls_conn_read(tls, (char *)buf, len);
+
+ if (ret == ESP_TLS_ERR_SSL_WANT_WRITE || ret == ESP_TLS_ERR_SSL_WANT_READ) {
+ continue;
+ } else if (ret < 0) {
+ ESP_LOGE(TAG, "esp_tls_conn_read returned [-0x%02X](%s)", -ret, esp_err_to_name(ret));
+ break;
+ } else if (ret == 0) {
+ ESP_LOGI(TAG, "connection closed");
+ break;
+ }
+
+ len = ret;
+ ESP_LOGD(TAG, "%d bytes read", len);
+ /* Print response directly to stdout as it is read */
+ for (int i = 0; i < len; i++) {
+ putchar(buf[i]);
+ }
+ putchar('\n'); // JSON output doesn't have a newline at end
+ } while (1);
+
+cleanup:
+ esp_tls_conn_destroy(tls);
+exit:
+ for (int countdown = 10; countdown >= 0; countdown--) {
+ ESP_LOGI(TAG, "%d...", countdown);
+ vTaskDelay(1000 / portTICK_PERIOD_MS);
+ }
+}
+
+#define WEB_SERVER "www.howsmyssl.com"
+#define WEB_PORT "443"
+#define WEB_URL "https://www.howsmyssl.com/a/check"
+
+static const char HOWSMYSSL_REQUEST[] = "GET " WEB_URL " HTTP/1.1\r\n"
+ "Host: "WEB_SERVER"\r\n"
+ "User-Agent: esp-idf/1.0 esp32\r\n"
+ "\r\n";
+
+void https_get_request_using_crt_bundle(void)
+{
+ ESP_LOGI(TAG, "https_request using crt bundle");
+ esp_tls_cfg_t cfg = {
+ .crt_bundle_attach = esp_crt_bundle_attach,
+ };
+ https_get_request(cfg, WEB_URL, HOWSMYSSL_REQUEST);
+}
diff --git a/main/https.h b/main/https.h
new file mode 100644
index 0000000..0fe1a4c
--- /dev/null
+++ b/main/https.h
@@ -0,0 +1 @@
+void https_get_request_using_crt_bundle(void);
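Review bot: The response loop in `https_get_request` (main/https.c) ends only when `esp_tls_conn_read` returns 0 or a negative value other than the two WANT_* codes, and the WANT_* branch retries immediately with no delay or retry limit, so a peer that keeps the connection open can hold the calling task in this loop for as long as it chooses. `HOWSMYSSL_REQUEST` is HTTP/1.1 without a `Connection: close` header, which leaves that choice to the server; adding `"Connection: close\r\n"` to the request and capping the WANT_* retries (or yielding with `vTaskDelay` between them) bounds the loop. The `cfg` built in `https_get_request_using_crt_bundle` sets no `.timeout_ms`, so any network timeout comes from esp-tls defaults rather than from this code. Separately, the `#ifdef CONFIG_EXAMPLE_CLIENT_SESSION_TICKETS` block uses `save_client_session` and `tls_client_session`, neither of which is declared in this file, so it should be dropped or given its declarations.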
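Review bot: The new header main/https.h has no include guard, and the `#include` list visible in main/https.c does not appear to pull it in, so the compiler never checks this prototype against the definition. Start the header with `#pragma once` (or an `#ifndef`/`#define` guard) and add `#include "https.h"` to https.c.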