fixup! Serialize selected certificates to PEM string

iotivity · Jan 10, 2024 · 6cd2378 · 6cd2378
1 parent f30c40c
commit 6cd2378
Show file tree

Hide file tree

Showing 18 changed files with 89 additions and 115 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -99,14 +99,11 @@ jobs:
         run: |
           sudo apt install -y git wget flex bison gperf python3 python3-pip python3-setuptools python3-serial python3-click python3-cryptography python3-future python3-pyparsing python3-pyelftools cmake ninja-build ccache libffi-dev libssl-dev libusb-1.0-0
           cd ./port/esp32
-          # git clone --recursive -b release/v5.0 https://github.com/espressif/esp-idf.git
-          git clone -b release/v5.0 https://github.com/espressif/esp-idf.git
-          ( cd esp-idf && git checkout 335ca8a687d4f507b8ffe8a4ec3132ba4a4a4be3 )
-          ( cd esp-idf && git submodule update --init --recursive )
+          git clone --recursive -b release/v5.1 https://github.com/espressif/esp-idf.git
           ./esp-idf/install.sh
           . ./esp-idf/export.sh
           idf.py ${{ matrix.args }} set-target esp32
-          ( cd esp-idf/components/mbedtls/mbedtls && patch -p1 < ../../../../../../patches/mbedtls/3.1/01-ocf-x509san-anon-psk.patch)
-          ( cd esp-idf/components/mbedtls/mbedtls && patch -p1 < ../../../../patches/mbedtls/3.1/02-ocf-mbedtls-config.patch)
+          ( cd esp-idf/components/mbedtls/mbedtls && patch -p1 < ../../../../../../patches/mbedtls/3.5/01-ocf-anon-psk.patch )
+          ( cd esp-idf/components/mbedtls/mbedtls && patch -p1 < ../../../../patches/mbedtls/3.5/02-ocf-mbedtls-config.patch )
           ( cd esp-idf/components/lwip/lwip && find ../../../../patches/lwip/ -type f -name '*.patch' -exec patch -p1 -i {} \; )
           idf.py build
diff --git a/port/esp32/hawkbit/hawkbit.c b/port/esp32/hawkbit/hawkbit.c
@@ -50,6 +50,7 @@
 #include <esp_partition.h>
 #include <esp_system.h>
 
+#include <assert.h>
 #include <errno.h>
 #include <stdbool.h>
 #include <stddef.h>
@@ -75,6 +76,9 @@ hawkbit_fetch_by_http_get(const hawkbit_context_t *ctx, oc_string_view_t url)
   hawkbit_buffer_t output;
   if (!hawkbit_buffer_init(&output, HAWKBIT_HTTP_MAX_OUTPUT_BUFFER)) {
     APP_ERR("fetch by HTTP GET: failed to allocate output buffer");
+#if defined(OC_SECURITY) && defined(OC_PKI)
+    hawkbit_buffer_free(&hb);
+#endif /* OC_SECURITY && OC_PKI */
     return false;
   }
   int code = hawkbit_http_perform_get(url, pem, output.buffer,
@@ -173,10 +177,6 @@ hawkbit_get_url(const hawkbit_context_t *ctx, char *server_url,
                 size_t server_url_size, char *tenant, size_t tenant_size,
                 char *controller_id, size_t controller_id_size)
 {
-  assert(server_url != NULL);
-  assert(tenant != NULL);
-  assert(controller_id != NULL);
-
   const char *purl = hawkbit_get_package_url(ctx);
   if (purl == NULL) {
     return HAWKBIT_ERROR_PACKAGE_URL_NOT_SET;
@@ -326,9 +326,6 @@ hawkbit_error_t
 hawkbit_poll_base_resource(hawkbit_context_t *ctx, hawkbit_action_t *action,
                            hawkbit_configuration_t *cfg)
 {
-  assert(ctx != NULL);
-  assert(action != NULL);
-
   char url[256];
   int ret = hawkbit_base_resource_url(ctx, url, sizeof(url));
   if (ret < 0) {

diff --git a/port/esp32/hawkbit/hawkbit_action.c b/port/esp32/hawkbit/hawkbit_action.c
@@ -19,8 +19,6 @@
 
 #include "hawkbit_action.h"
 
-#include <assert.h>
-
 #define HAWKBIT_ACTION_NONE_STR "no action"
 #define HAWKBIT_ACTION_CONFIGURE_STR "configure"
 #define HAWKBIT_ACTION_DEPLOY_STR "deploy"
@@ -56,7 +54,6 @@ hawkbit_action_none()
 hawkbit_action_t
 hawkbit_action_cancel(const char *id)
 {
-  assert(id != NULL);
   hawkbit_action_t action = {
     .type = HAWKBIT_ACTION_CANCEL,
   };
@@ -67,7 +64,6 @@ hawkbit_action_cancel(const char *id)
 hawkbit_action_t
 hawkbit_action_configure(const char *url)
 {
-  assert(url != NULL);
   hawkbit_action_t action = {
     .type = HAWKBIT_ACTION_CONFIGURE,
   };
@@ -85,14 +81,13 @@ hawkbit_action_deploy(hawkbit_deployment_t deployment)
   return action;
 }
 
-/**
- * @brief Deallocate data for given action type
- *
- * @param action action to clear (cannot be NULL)
- */
 void
 hawkbit_action_free(hawkbit_action_t *action)
 {
+  if (action == NULL) {
+    return;
+  }
+
   if (action->type == HAWKBIT_ACTION_CANCEL) {
     oc_free_string(&action->data.cancel.id);
     return;

diff --git a/port/esp32/hawkbit/hawkbit_action.h b/port/esp32/hawkbit/hawkbit_action.h
@@ -22,6 +22,7 @@
 
 #include "hawkbit_deployment.h"
 #include "oc_helpers.h"
+#include "util/oc_compiler.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -68,18 +69,18 @@ const char *hawkbit_action_type_to_string(hawkbit_action_type_t action);
 hawkbit_action_t hawkbit_action_none();
 
 /** Create cancel action */
-hawkbit_action_t hawkbit_action_cancel(const char *id);
+hawkbit_action_t hawkbit_action_cancel(const char *id) OC_NONNULL();
 
 /** Create configure action */
-hawkbit_action_t hawkbit_action_configure(const char *url);
+hawkbit_action_t hawkbit_action_configure(const char *url) OC_NONNULL();
 
 /** Create deploy action */
 hawkbit_action_t hawkbit_action_deploy(hawkbit_deployment_t deployment);
 
 /**
  * @brief Deallocate data for given action type
  *
- * @param action action to free (cannot be NULL)
+ * @param action action to free
  */
 void hawkbit_action_free(hawkbit_action_t *action);
 

diff --git a/port/esp32/hawkbit/hawkbit_buffer.c b/port/esp32/hawkbit/hawkbit_buffer.c
@@ -43,10 +43,11 @@ hawkbit_buffer_init(hawkbit_buffer_t *hb, size_t size)
 void
 hawkbit_buffer_free(hawkbit_buffer_t *hb)
 {
+  if (hb == NULL) {
+    return;
+  }
 #ifdef OC_DYNAMIC_ALLOCATION
   free(hb->buffer);
-#else  /* !OC_DYNAMIC_ALLOCATION */
-  (void)hb;
 #endif /* OC_DYNAMIC_ALLOCATION */
 }
 

diff --git a/port/esp32/hawkbit/hawkbit_buffer.h b/port/esp32/hawkbit/hawkbit_buffer.h
@@ -49,7 +49,7 @@ typedef struct
 bool hawkbit_buffer_init(hawkbit_buffer_t *hb, size_t size) OC_NONNULL();
 
 /** Deallocate buffer */
-void hawkbit_buffer_free(hawkbit_buffer_t *hb) OC_NONNULL();
+void hawkbit_buffer_free(hawkbit_buffer_t *hb);
 
 /** Get size of the buffer */
 size_t hawkbit_buffer_size(const hawkbit_buffer_t *hb) OC_NONNULL();

diff --git a/port/esp32/hawkbit/hawkbit_certificate.h b/port/esp32/hawkbit/hawkbit_certificate.h
@@ -39,7 +39,6 @@ extern "C" {
  * @return -1 on failure
  * @return >=0 length of the written data (not including the nul-terminator)
  */
-
 long hawkbit_certificate_get_CA(size_t device, hawkbit_buffer_t *hb)
   OC_NONNULL();
 

diff --git a/port/esp32/hawkbit/hawkbit_context.c b/port/esp32/hawkbit/hawkbit_context.c
@@ -457,50 +457,43 @@ hawkbit_get_context(size_t device)
 size_t
 hawkbit_get_device(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return ctx->device;
 }
 
 const char *
 hawkbit_get_package_url(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return oc_string(oc_swupdate_get(ctx->device)->purl);
 }
 
 void
 hawkbit_set_version(hawkbit_context_t *ctx, const char *version, size_t length)
 {
-  assert(ctx != NULL);
   oc_set_string(&ctx->version, version, length);
 }
 
 const char *
 hawkbit_get_version(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return oc_string(ctx->version);
 }
 
 void
 hawkbit_set_polling_interval(hawkbit_context_t *ctx, uint64_t pollingInterval)
 {
-  assert(ctx != NULL);
   assert(pollingInterval > 0);
   ctx->polling.interval = pollingInterval;
 };
 
 hawkbit_on_polling_action_cb_t
 hawkbit_get_polling_action_cb(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return ctx->polling.action;
 }
 
 void
 hawkbit_set_download(hawkbit_context_t *ctx, hawkbit_deployment_t deployment)
 {
-  assert(ctx != NULL);
   if (ctx->download == NULL) {
     ctx->download = hawkbit_download_alloc();
   }
@@ -510,14 +503,12 @@ hawkbit_set_download(hawkbit_context_t *ctx, hawkbit_deployment_t deployment)
 const hawkbit_download_t *
 hawkbit_get_download(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return ctx->download;
 }
 
 void
 hawkbit_clear_download(hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   hawkbit_download_free(ctx->download);
   ctx->download = NULL;
 }
@@ -526,14 +517,12 @@ void
 hawkbit_set_on_download_done_cb(
   hawkbit_context_t *ctx, hawkbit_on_download_done_cb_t on_download_done_cb)
 {
-  assert(ctx != NULL);
   ctx->downloadDoneAction = on_download_done_cb;
 }
 
 hawkbit_on_download_done_cb_t
 hawkbit_get_on_download_done_cb(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return ctx->downloadDoneAction;
 }
 
@@ -543,7 +532,6 @@ hawkbit_set_update(hawkbit_context_t *ctx, oc_string_view_t deployment_id,
                    size_t sha256_size, const uint8_t *partition_sha256,
                    size_t partition_sha256_size)
 {
-  assert(ctx != NULL);
   hawkbit_update_free(&ctx->store.update);
   ctx->store.update =
     hawkbit_update_create(deployment_id, version, sha256, sha256_size,
@@ -553,7 +541,6 @@ hawkbit_set_update(hawkbit_context_t *ctx, oc_string_view_t deployment_id,
 const hawkbit_async_update_t *
 hawkbit_get_update(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   if (oc_string(ctx->store.update.version) == NULL) {
     return NULL;
   }
@@ -563,20 +550,17 @@ hawkbit_get_update(const hawkbit_context_t *ctx)
 void
 hawkbit_clear_update(hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   hawkbit_update_free(&ctx->store.update);
 }
 
 void
 hawkbit_set_execute_all_steps(hawkbit_context_t *ctx, bool execute_all_steps)
 {
-  assert(ctx != NULL);
   ctx->execute_all_steps = execute_all_steps;
 }
 
 bool
 hawkbit_execute_all_steps(const hawkbit_context_t *ctx)
 {
-  assert(ctx != NULL);
   return ctx->execute_all_steps;
 }