diff --git a/examples/esp32/WebSocketClientSSLBundle/WebSocketClientSSLBundle.ino b/examples/esp32/WebSocketClientSSLBundle/WebSocketClientSSLBundle.ino index b9385a7..f64cc58 100644 --- a/examples/esp32/WebSocketClientSSLBundle/WebSocketClientSSLBundle.ino +++ b/examples/esp32/WebSocketClientSSLBundle/WebSocketClientSSLBundle.ino @@ -112,7 +112,13 @@ void setup() { // server address, port and URL. This server can be flakey. // Expected response: Request served by 0123456789abcdef // webSocket.beginSslWithBundle("echo.websocket.org", 443, "/", rootca_crt_bundle_start, ""); + // ESP32 3.0.4 or higher needs the size of the bundle + // webSocket.beginSslWithBundle("echo.websocket.org", 443, "/", rootca_crt_bundle_start, sizeof(rootca_crt_bundle_start), ""); +#if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) + webSocket.beginSslWithBundle("echo.websocket.org", 443, "/", NULL, 0, ""); +#else webSocket.beginSslWithBundle("echo.websocket.org", 443, "/", NULL, ""); +#endif // event handler webSocket.onEvent(webSocketEvent); diff --git a/src/WebSocketsClient.cpp b/src/WebSocketsClient.cpp index 8578f4b..78512e3 100644 --- a/src/WebSocketsClient.cpp +++ b/src/WebSocketsClient.cpp @@ -50,6 +50,9 @@ void WebSocketsClient::begin(const char * host, uint16_t port, const char * url, _CA_cert = NULL; #ifdef ESP32 _CA_bundle = NULL; +#if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) + _CA_bundle_size = 0; +#endif #endif #endif @@ -124,6 +127,17 @@ void WebSocketsClient::beginSslWithCA(const char * host, uint16_t port, const ch _CA_cert = CA_cert; _CA_bundle = NULL; } + +#if defined(ESP32) && ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) +void WebSocketsClient::beginSslWithBundle(const char * host, uint16_t port, const char * url, const uint8_t * CA_bundle, size_t CA_bundle_size, const char * protocol) { + begin(host, port, url, protocol); + _client.isSSL = true; + _fingerprint = SSL_FINGERPRINT_NULL; + _CA_cert = NULL; + _CA_bundle = CA_bundle; + _CA_bundle_size = CA_bundle_size; +} +#else void WebSocketsClient::beginSslWithBundle(const char * host, uint16_t port, const char * url, const uint8_t * CA_bundle, const char * protocol) { begin(host, port, url, protocol); _client.isSSL = true; @@ -131,6 +145,7 @@ void WebSocketsClient::beginSslWithBundle(const char * host, uint16_t port, cons _CA_cert = NULL; _CA_bundle = CA_bundle; } +#endif #else void WebSocketsClient::beginSSL(const char * host, uint16_t port, const char * url, const uint8_t * fingerprint, const char * protocol) { @@ -247,9 +262,11 @@ void WebSocketsClient::loop(void) { #if defined(ESP32) } else if(_CA_bundle) { DEBUG_WEBSOCKETS("[WS-Client] setting CA bundle"); +#if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) + _client.ssl->setCACertBundle(_CA_bundle, _CA_bundle_size); +#else _client.ssl->setCACertBundle(_CA_bundle); #endif -#if defined(ESP32) } else if(!SSL_FINGERPRINT_IS_SET) { _client.ssl->setInsecure(); #elif defined(SSL_BARESSL) diff --git a/src/WebSocketsClient.h b/src/WebSocketsClient.h index 081e37e..c2a6b92 100644 --- a/src/WebSocketsClient.h +++ b/src/WebSocketsClient.h @@ -54,8 +54,12 @@ class WebSocketsClient : protected WebSockets { #endif void beginSslWithCA(const char * host, uint16_t port, const char * url = "/", const char * CA_cert = NULL, const char * protocol = "arduino"); #ifdef ESP32 +#if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) + void beginSslWithBundle(const char * host, uint16_t port, const char * url = "/", const uint8_t * CA_bundle = NULL, size_t CA_bundle_size = 0, const char * protocol = "arduino"); +#else void beginSslWithBundle(const char * host, uint16_t port, const char * url = "/", const uint8_t * CA_bundle = NULL, const char * protocol = "arduino"); #endif +#endif #endif void beginSocketIO(const char * host, uint16_t port, const char * url = "/socket.io/?EIO=3", const char * protocol = "arduino"); @@ -116,6 +120,11 @@ class WebSocketsClient : protected WebSockets { String _fingerprint; const char * _CA_cert; const uint8_t * _CA_bundle; +#if defined(ESP32) +#if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) + size_t _CA_bundle_size; +#endif +#endif #define SSL_FINGERPRINT_IS_SET (_fingerprint.length()) #define SSL_FINGERPRINT_NULL "" #else