cc3200: Server side SSL socket requires both certfile and keyfile.
This commit is contained in:
parent
c6f1d47dcb
commit
4c5bfe2d10
|
@ -88,17 +88,20 @@ STATIC mp_obj_t mod_ssl_wrap_socket(mp_uint_t n_args, const mp_obj_t *pos_args,
|
||||||
|
|
||||||
// chech if ca validation is required
|
// chech if ca validation is required
|
||||||
if (args[4].u_int != SSL_CERT_NONE && args[5].u_obj == mp_const_none) {
|
if (args[4].u_int != SSL_CERT_NONE && args[5].u_obj == mp_const_none) {
|
||||||
nlr_raise(mp_obj_new_exception_msg(&mp_type_ValueError, mpexception_value_invalid_arguments));
|
goto arg_error;
|
||||||
}
|
}
|
||||||
|
|
||||||
// server side param is irrelevant for us (at least for the moment)
|
|
||||||
|
|
||||||
// retrieve the file paths (with an 6 byte offset because to strip the '/flash' prefix)
|
// retrieve the file paths (with an 6 byte offset because to strip the '/flash' prefix)
|
||||||
const char *keyfile = (args[1].u_obj == mp_const_none) ? NULL : &(mp_obj_str_get_str(args[1].u_obj)[6]);
|
const char *keyfile = (args[1].u_obj == mp_const_none) ? NULL : &(mp_obj_str_get_str(args[1].u_obj)[6]);
|
||||||
const char *certfile = (args[2].u_obj == mp_const_none) ? NULL : &(mp_obj_str_get_str(args[2].u_obj)[6]);
|
const char *certfile = (args[2].u_obj == mp_const_none) ? NULL : &(mp_obj_str_get_str(args[2].u_obj)[6]);
|
||||||
const char *cafile = (args[5].u_obj == mp_const_none || args[4].u_int != SSL_CERT_REQUIRED) ?
|
const char *cafile = (args[5].u_obj == mp_const_none || args[4].u_int != SSL_CERT_REQUIRED) ?
|
||||||
NULL : &(mp_obj_str_get_str(args[5].u_obj)[6]);
|
NULL : &(mp_obj_str_get_str(args[5].u_obj)[6]);
|
||||||
|
|
||||||
|
// server side requires both certfile and keyfile
|
||||||
|
if (mp_obj_is_true(args[3].u_obj) && (!keyfile || !certfile)) {
|
||||||
|
goto arg_error;
|
||||||
|
}
|
||||||
|
|
||||||
_i16 sd = ((mod_network_socket_obj_t *)args[0].u_obj)->sock_base.sd;
|
_i16 sd = ((mod_network_socket_obj_t *)args[0].u_obj)->sock_base.sd;
|
||||||
_i16 _errno;
|
_i16 _errno;
|
||||||
if (keyfile && (_errno = sl_SetSockOpt(sd, SL_SOL_SOCKET, SL_SO_SECURE_FILES_PRIVATE_KEY_FILE_NAME, keyfile, strlen(keyfile))) < 0) {
|
if (keyfile && (_errno = sl_SetSockOpt(sd, SL_SOL_SOCKET, SL_SO_SECURE_FILES_PRIVATE_KEY_FILE_NAME, keyfile, strlen(keyfile))) < 0) {
|
||||||
|
@ -123,6 +126,9 @@ STATIC mp_obj_t mod_ssl_wrap_socket(mp_uint_t n_args, const mp_obj_t *pos_args,
|
||||||
|
|
||||||
socket_error:
|
socket_error:
|
||||||
nlr_raise(mp_obj_new_exception_arg1(&mp_type_OSError, MP_OBJ_NEW_SMALL_INT(_errno)));
|
nlr_raise(mp_obj_new_exception_arg1(&mp_type_OSError, MP_OBJ_NEW_SMALL_INT(_errno)));
|
||||||
|
|
||||||
|
arg_error:
|
||||||
|
nlr_raise(mp_obj_new_exception_msg(&mp_type_ValueError, mpexception_value_invalid_arguments));
|
||||||
}
|
}
|
||||||
STATIC MP_DEFINE_CONST_FUN_OBJ_KW(mod_ssl_wrap_socket_obj, 1, mod_ssl_wrap_socket);
|
STATIC MP_DEFINE_CONST_FUN_OBJ_KW(mod_ssl_wrap_socket_obj, 1, mod_ssl_wrap_socket);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue