From 34822f190d22946d5609cbdeca611676053e3361 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Mon, 3 Apr 2017 14:09:37 +0800
Subject: [PATCH] esp32: enforce ssl nonblocking
---
Kconfig | 8 ++++++++
lib/lws-plat-esp32.c | 9 ++++++---
lib/server.c | 11 ++++++-----
lib/ssl.c | 19 +++++++++++++++----
4 files changed, 35 insertions(+), 12 deletions(-)
diff --git a/Kconfig b/Kconfig
index ec36ac1d..857c9571 100644
--- a/Kconfig
+++ b/Kconfig
@@ -4,19 +4,27 @@ config LWS_MODEL_NAME
string "Model name of device firmware is for"
default "lws"
+config LWS_IS_FACTORY_APPLICATION
+ bool "Is this application is designed for the FACTORY flash slot"
+ default "n"
+
config LWS_OTA_SERVER_FQDN
+ depends on LWS_IS_FACTORY_APPLICATION
string "Domain name of OTA update server, eg, warmcat.com"
default ""
config LWS_OTA_SERVER_BASE_URL
+ depends on LWS_IS_FACTORY_APPLICATION
string "Base URL on OTA update server, eg, /esp32-ota (model is added)"
default "/esp32-ota"
config LWS_OTA_SERVER_UPLOAD_USER
+ depends on LWS_IS_FACTORY_APPLICATION
string "User to scp to upload server with"
default "root"
config LWS_OTA_SERVER_UPLOAD_PATH
+ depends on LWS_IS_FACTORY_APPLICATION
string "Path served in upload server (eg, \"/var/www/libwebsockets.org\""
default "/var/www/libwebsockets.org"
diff --git a/lib/lws-plat-esp32.c b/lib/lws-plat-esp32.c
index 9261f8c9..82e39ce4 100644
--- a/lib/lws-plat-esp32.c
+++ b/lib/lws-plat-esp32.c
@@ -880,9 +880,11 @@ lws_esp_ota_get_boot_partition(void)
* factory partition right now.
*/
part = factory_part;
- } else
- if (LWS_IS_FACTORY_APPLICATION == 1 &&
- ota_eih.spi_mode != 0xff &&
+ }
+
+#ifdef CONFIG_LWS_IS_FACTORY_APPLICATION
+ else
+ if (ota_eih.spi_mode != 0xff &&
part->address != factory_part->address) {
uint8_t buf[4096];
uint32_t n;
@@ -919,6 +921,7 @@ lws_esp_ota_get_boot_partition(void)
retry:
esp_restart();
}
+#endif
return part;
}
diff --git a/lib/server.c b/lib/server.c
index d6baa597..2de0e6a4 100644
--- a/lib/server.c
+++ b/lib/server.c
@@ -350,8 +350,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin,
const struct lws_protocol_vhost_options *pvo = m->interpret;
struct lws_process_html_args args;
const char *mimetype;
-#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266) && \
- !defined(LWS_WITH_ESP32)
+#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266)
const struct lws_plat_file_ops *fops;
const char *vpath;
lws_fop_flags_t fflags = LWS_O_RDONLY;
@@ -368,8 +367,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin,
lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri);
-#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266) && \
- !defined(LWS_WITH_ESP32)
+#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266)
fflags |= lws_vfs_prepare_flags(wsi);
@@ -391,6 +389,9 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin,
/* if it can't be statted, don't try */
if (fflags & LWS_FOP_FLAG_VIRTUAL)
break;
+#if defined(LWS_WITH_ESP32)
+ break;
+#endif
#if !defined(WIN32)
if (fstat(wsi->u.http.fop_fd->fd, &st)) {
lwsl_info("unable to stat %s\n", path);
@@ -407,7 +408,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin,
fflags |= LWS_FOP_FLAG_MOD_TIME_VALID;
lwsl_debug(" %s mode %d\n", path, S_IFMT & st.st_mode);
-#if !defined(WIN32) && LWS_POSIX
+#if !defined(WIN32) && LWS_POSIX && !defined(LWS_WITH_ESP32)
if ((S_IFMT & st.st_mode) == S_IFLNK) {
len = readlink(path, sym, sizeof(sym) - 1);
if (len) {
diff --git a/lib/ssl.c b/lib/ssl.c
index d161e5fc..03e6d768 100644
--- a/lib/ssl.c
+++ b/lib/ssl.c
@@ -1,7 +1,7 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
- * Copyright (C) 2010-2016 Andy Green <andy@warmcat.com>
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -329,11 +329,18 @@ lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len)
if (n < 0) {
n = lws_ssl_get_error(wsi, n);
- if (n == SSL_ERROR_WANT_READ || n == SSL_ERROR_WANT_WRITE) {
+ if (n == SSL_ERROR_WANT_READ || SSL_want_read(wsi->ssl)) {
+ lwsl_debug("%s: WANT_READ\n", __func__);
+ lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi);
+ return LWS_SSL_CAPABLE_MORE_SERVICE;
+ }
+ if (n == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->ssl)) {
+ lwsl_debug("%s: WANT_WRITE\n", __func__);
lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
+
lwsl_err("%s failed2: %s\n",__func__,
ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
lws_ssl_elaborate_error();
@@ -410,6 +417,7 @@ lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len)
n = lws_ssl_get_error(wsi, n);
if (n == SSL_ERROR_WANT_READ || n == SSL_ERROR_WANT_WRITE) {
if (n == SSL_ERROR_WANT_WRITE) {
+ lwsl_debug("%s: WANT_WRITE\n", __func__);
lws_set_blocking_send(wsi);
}
return LWS_SSL_CAPABLE_MORE_SERVICE;
@@ -532,6 +540,7 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd)
#endif
#else
#if defined(LWS_WITH_ESP32)
+ lws_plat_set_socket_options(wsi->vhost, accept_fd);
#else
SSL_set_mode(wsi->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
bio = SSL_get_rbio(wsi->ssl);
@@ -648,7 +657,7 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd)
#endif
go_again:
- if (m == SSL_ERROR_WANT_READ) {
+ if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->ssl)) {
if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) {
lwsl_err("%s: WANT_READ change_pollfd failed\n", __func__);
goto fail;
@@ -657,7 +666,9 @@ go_again:
lwsl_info("SSL_ERROR_WANT_READ\n");
break;
}
- if (m == SSL_ERROR_WANT_WRITE) {
+ if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->ssl)) {
+ lwsl_debug("%s: WANT_WRITE\n", __func__);
+
if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) {
lwsl_err("%s: WANT_WRITE change_pollfd failed\n", __func__);
goto fail;
--
GitLab