Skip to content

mbed TLS client support #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 39 commits into
base: master
Choose a base branch
from
Open

mbed TLS client support #1

wants to merge 39 commits into from

Conversation

rob-deutsch
Copy link

@rob-deutsch rob-deutsch commented Nov 12, 2020
edited
Loading

@tve has created a branch of AsyncTCP which supports client-side TLS. This is useful for ESPHome if you want to use MQTT over TLS.

I would like to suggest that it be added to ESPHome's AsyncTCP to enable ESPHome experimental support for TLS which will need to be explicitly enabled by a user in the YAML.

I have been using ESPHome with this branch of AsyncTCP for a while now and I haven't observed any problems.

There is a discussion about this branch here: me-no-dev#48

fremouw and others added 30 commits September 26, 2018 10:00
@fremouw
- very early version with mbed TLS support.
a251e59
@fremouw
improved TLS support, removed some not needed debug statements.
d4257e6
@fremouw
removed some more logging.
eeff609
@fremouw
getting there, seems to start working, there are still some issues wi…
f2127a0 
…th the handshake failing.
@fremouw
add fix for reading larger amounts of data.
3c9fbd9
@fremouw
some code clean-up
d501a90
@fremouw
more code clean-up.
c9dd608
@fremouw
revert IDF changes, so it works with the latest stable IDF.
52e550b
@fremouw
Not a fan of defines, but to keep things in line with the esp8266 ver…
001ae06 
…sion added all SSL stuff between defines. In order to enable SSL add -DASYNC_TCP_SSL_ENABLED to your build flags.
@fremouw
clean-up
9f7a918
@fremouw
merge origin/idf-update into mbed-tls, as it's now part of the latest…
5187673 
… released version of arduino-esp32...
@fremouw
Merge branch 'master' into mbed-tls
373c334
@fremouw
add some dummy functions so we can compile when the ESP Async WebServ…
d631d7d 
…er library is also used.
@fremouw
allow setting a root CA.
78f952e
@fremouw
oops, set debug disabled as default again.
0879ba2
@fremouw
add ASYNC_TCP_SSL_ENABLED around setRootCa call.
ef50357
@fremouw
Update README.md
3fa9abf
@tve
add support for pre-shared key TLS cipher suites
5e06389
@tve
update mbed-tls implementation to account for restructing
5e511de
@tve
don't assign _hostname unless necessary
8e55be4
@tve
fix indentation; make SSL timeout a #define
9cba86e
@tve
make SSL timeout a #define, 2nd try
f34df7f
@tve
Merge remote-tracking branch 'upstream/master' into mbed-tls-try2
7bca0f4
@tve
fix while loop in _recv; fix calls into LwIP; add some comments
8ef604b
@tve
fix c/c++ linking from tcp_ssl to tcp code
b7ee312
@tve
TLS fixes: pbuf free bug when reading; add debug printfs; useless ext…
73480f3 
…ra copy in read
@tve
add minor comment
8b52f6c
@tve
merge upstream into mbed-tls
1e8da66
@tve
fix Codacy issues
8e77fe7
@tve
Merge remote-tracking branch 'upstream/master' into mbed-tls-try2
b0b2bac
tve and others added 9 commits September 25, 2019 21:10
@tve
fix issues with closed_slots
3cc7048
@Bmooij @me-no-dev
Fix assertion errors (me-no-dev#72)
d27a12a 
* Fix assertion errors

* Add state check

* replace tabs with spaces
@matt123p @me-no-dev
Make sure the closed slot is always freed (me-no-dev#68)
cacac8f 
* Tidy up and fix some edge cases.

* Make sure we always release a closed_slot.
@me-no-dev
Merge branch 'master' into mbed-tls-try2
abdd496
@Bmooij @me-no-dev
Fix LoadProhibited (me-no-dev#73)
ca8ac5f
@robert-alfaro @tve
mbed-tls-try2 updates (#3)
44b3d6b 
* Fix LoadProhibited (me-no-dev#73)
* Use sizeof instead of strlen for const char[]
* Add Kconfig option to control ASYNC_TCP_SSL_ENABLED
* Optionally include ssl header files
* Add null check for psk_ident and pskey
* Do not default to PSK when root_ca is not explcitly set. tcp_ssl_new_client() has a case to handle this.
* Move psk null checks to top of function, remove unneeded include, syntax cleanup.

Authored-by: Bob <[email protected]>
@tve
fix codacity strlen issues
540bf7d
@tve
Merge branch 'master' into mbed-tls-try2
3d67ffe
@r3no1t @tve
add client certificate authentication
59f83d8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@rob-deutsch @fremouw @tve @Bmooij @matt123p @me-no-dev @robert-alfaro @r3no1t