Store certs in certs/. Add mg_unpacked()

cpq 2023-08-19 10:25:09 +01:00
parent 1e0d57a832
commit b32d1c15f0
11 changed files with 2512 additions and 2090 deletions


@ -2,11 +2,11 @@ PROG ?= ./example # Program we are building
PACK ?= ./pack # Packing executable
DELETE = rm -rf # Command to remove files
OUT ?= -o $(PROG) # Compiler argument for output file
SOURCES = main.c mongoose.c net.c # Source code files
CFLAGS = -W -Wall -Wextra -g -I. # Build options
SOURCES = main.c mongoose.c net.c packed_fs.c # Source code files
CFLAGS = -W -Wall -Wextra -g -I. # Build options
# Mongoose build options. See https://mongoose.ws/documentation/#build-options
CFLAGS_MONGOOSE +=
CFLAGS_MONGOOSE += -DMG_ENABLE_PACKED_FS=1
ifeq ($(OS),Windows_NT) # Windows settings. Assume MinGW compiler. To use VC: make CC=cl CFLAGS=/MD OUT=/Feprog.exe
PROG = example.exe # Use .exe suffix for the binary
@ -33,9 +33,9 @@ web_root/main.css: web_root/index.html $(wildcard web_root/*.js)
npx tailwindcss -o $@ --minify
# Generate packed filesystem for serving Web UI
packed_fs.c: $(wildcard web_root/*) Makefile web_root/main.css web_root/bundle.js
packed_fs.c: $(wildcard web_root/*) $(wildcard certs/*) Makefile web_root/main.css web_root/bundle.js
$(CC) ../../test/pack.c -o $(PACK)
$(PACK) $(wildcard web_root/*) > $@
$(PACK) $(wildcard web_root/*) $(wildcard certs/*) > $@
mbedtls:
git clone --depth 1 -b v2.28.2 https://github.com/mbed-tls/mbedtls $@
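Review bot: The `$(wildcard certs/*)` argument added to the `$(PACK)` line embeds every file under certs/ into packed_fs.c, and the key pair this commit adds appears to live there and is published in the repository. A build that does not replace it therefore carries a private key anyone can read. A comment above the `packed_fs.c:` rule would make that explicit, for example `# certs/ holds a public demo key pair; replace server_cert.pem and server_key.pem before building for a real device`. Listing the two PEM files by name instead of using the wildcard would also keep unrelated files dropped into certs/ out of the image.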


@ -1 +0,0 @@
../../test/data/ca.pem


@ -0,0 +1,8 @@
-----BEGIN CERTIFICATE-----
MIIBCTCBsAIJAK9wbIDkHnAoMAoGCCqGSM49BAMCMA0xCzAJBgNVBAYTAklFMB4X
DTIzMDEyOTIxMjEzOFoXDTMzMDEyNjIxMjEzOFowDTELMAkGA1UEBhMCSUUwWTAT
BgcqhkjOPQIBBggqhkjOPQMBBwNCAARzSQS5OHd17lUeNI+6kp9WYu0cxuEIi/JT
jphbCmdJD1cUvhmzM9/phvJT9ka10Z9toZhgnBq0o0xfTQ4jC1vwMAoGCCqGSM49
BAMCA0gAMEUCIQCe0T2E0GOiVe9KwvIEPeX1J1J0T7TNacgR0Ya33HV9VgIgNvdn
aEWiBp1xshs4iz6WbpxrS1IHucrqkZuJLfNZGZI=
-----END CERTIFICATE-----


@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICBz3HOkQLPBDtdknqC7k1PNsWj6HfhyNB5MenfjmqiooAoGCCqGSM49
AwEHoUQDQgAEc0kEuTh3de5VHjSPupKfVmLtHMbhCIvyU46YWwpnSQ9XFL4ZszPf
6YbyU/ZGtdGfbaGYYJwatKNMX00OIwtb8A==
-----END EC PRIVATE KEY-----


@ -28,26 +28,6 @@ static const char *s_json_header =
"Cache-Control: no-cache\r\n";
static uint64_t s_boot_timestamp = 0; // Updated by SNTP
// Certificate generation procedure:
// openssl ecparam -name prime256v1 -genkey -noout -out key.pem
// openssl req -new -key key.pem -x509 -nodes -days 3650 -out cert.pem
static const char *s_tls_cert =
"-----BEGIN CERTIFICATE-----\n"
"MIIBCTCBsAIJAK9wbIDkHnAoMAoGCCqGSM49BAMCMA0xCzAJBgNVBAYTAklFMB4X\n"
"DTIzMDEyOTIxMjEzOFoXDTMzMDEyNjIxMjEzOFowDTELMAkGA1UEBhMCSUUwWTAT\n"
"BgcqhkjOPQIBBggqhkjOPQMBBwNCAARzSQS5OHd17lUeNI+6kp9WYu0cxuEIi/JT\n"
"jphbCmdJD1cUvhmzM9/phvJT9ka10Z9toZhgnBq0o0xfTQ4jC1vwMAoGCCqGSM49\n"
"BAMCA0gAMEUCIQCe0T2E0GOiVe9KwvIEPeX1J1J0T7TNacgR0Ya33HV9VgIgNvdn\n"
"aEWiBp1xshs4iz6WbpxrS1IHucrqkZuJLfNZGZI=\n"
"-----END CERTIFICATE-----\n";
static const char *s_tls_key =
"-----BEGIN EC PRIVATE KEY-----\n"
"MHcCAQEEICBz3HOkQLPBDtdknqC7k1PNsWj6HfhyNB5MenfjmqiooAoGCCqGSM49\n"
"AwEHoUQDQgAEc0kEuTh3de5VHjSPupKfVmLtHMbhCIvyU46YWwpnSQ9XFL4ZszPf\n"
"6YbyU/ZGtdGfbaGYYJwatKNMX00OIwtb8A==\n"
"-----END EC PRIVATE KEY-----\n";
// This is for newlib and TLS (mbedTLS)
uint64_t mg_now(void) {
return mg_millis() + s_boot_timestamp;
@ -243,11 +223,11 @@ static void fn(struct mg_connection *c, int ev, void *ev_data, void *fn_data) {
} else {
struct mg_http_serve_opts opts;
memset(&opts, 0, sizeof(opts));
#if MG_ENABLE_PACKED_FS
opts.root_dir = "/web_root";
opts.fs = &mg_fs_packed;
#if MG_ARCH == MG_ARCH_UNIX || MG_ARCH == MG_ARCH_WIN32
opts.root_dir = "web_root"; // On workstations, use filesystem
#else
opts.root_dir = "web_root";
opts.root_dir = "/web_root"; // On embedded, use packed files
opts.fs = &mg_fs_packed;
#endif
mg_http_serve_dir(c, ev_data, &opts);
}
@ -260,8 +240,8 @@ static void fn(struct mg_connection *c, int ev, void *ev_data, void *fn_data) {
void web_init(struct mg_mgr *mgr) {
struct mg_tls_opts opts = {0};
opts.server_cert = mg_str(s_tls_cert);
opts.server_key = mg_str(s_tls_key);
opts.server_cert = mg_unpacked("/certs/server_cert.pem");
opts.server_key = mg_unpacked("/certs/server_key.pem");
mg_tls_ctx_init(mgr, &opts);
s_settings.device_name = strdup("My Device");
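Review bot: web_init() hands the result of mg_unpacked() straight to mg_tls_ctx_init() without checking it, and mg_unpacked() returns an empty mg_str when the lookup yields nothing, because `len` stays 0. If packed_fs.c was built without the certs/ files, the listener would be configured with an empty certificate and key and nothing would be reported. A check before the init call would surface that, for example `if (opts.server_cert.len == 0 || opts.server_key.len == 0) MG_ERROR(("TLS cert/key not found in packed fs"));`. The first hunk also drops the two-line openssl key generation comment along with the embedded strings; keeping it next to web_init() or in certs/ would still tell integrators how to produce their own pair. The body of web_init() continues outside the hunk.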

File diff suppressed because it is too large Load Diff


@ -855,13 +855,11 @@ struct packed_file {
size_t pos;
};
const char *mg_unpack(const char *path, size_t *size, time_t *mtime);
const char *mg_unlist(size_t no);
#if MG_ENABLE_PACKED_FS
#else
const char *mg_unpack(const char *path, size_t *size, time_t *mtime) {
(void) path, (void) size, (void) mtime;
*size = 0, *mtime = 0;
(void) path;
return NULL;
}
const char *mg_unlist(size_t no) {
@ -870,6 +868,12 @@ const char *mg_unlist(size_t no) {
}
#endif
struct mg_str mg_unpacked(const char *path) {
size_t len = 0;
const char *buf = mg_unpack(path, &len, NULL);
return mg_str_n(buf, len);
}
static int is_dir_prefix(const char *prefix, size_t n, const char *path) {
// MG_INFO(("[%.*s] [%s] %c", (int) n, prefix, path, path[n]));
return n < strlen(path) && strncmp(prefix, path, n) == 0 &&
@ -1533,7 +1537,7 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
hm->body.len = 0;
hm->message.len = (size_t) req_len;
}
if (hm->message.len < (size_t) req_len) return -1; // Overflow protection
if (hm->message.len < (size_t) req_len) return -1; // Overflow protection
return req_len;
}
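Review bot: mg_unpacked() calls `mg_unpack(path, &len, NULL)`, but the fallback mg_unpack() in the `#else` branch just above it now appears to store through `mtime` unconditionally. The page has lost its +/- markers, so this takes `*size = 0, *mtime = 0;` as the new side, which is what the hunk line counts suggest. With MG_ENABLE_PACKED_FS off, that is a write through a NULL pointer on the first mg_unpacked() call. Guarding both stores fixes it: `if (size != NULL) *size = 0;` and `if (mtime != NULL) *mtime = 0;`. The file section further down that carries the same two hunks needs the same change, and the generated mg_unpack(), whose body is not fully visible here, should tolerate a NULL `mtime` as well.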


@ -999,6 +999,11 @@ char *mg_file_read(struct mg_fs *fs, const char *path, size_t *size);
bool mg_file_write(struct mg_fs *fs, const char *path, const void *, size_t);
bool mg_file_printf(struct mg_fs *fs, const char *path, const char *fmt, ...);
// Packed API
const char *mg_unpack(const char *path, size_t *size, time_t *mtime);
const char *mg_unlist(size_t no); // Get no'th packed filename
struct mg_str mg_unpacked(const char *path); // Packed file as mg_str


@ -40,3 +40,8 @@ void mg_fs_close(struct mg_fd *fd);
char *mg_file_read(struct mg_fs *fs, const char *path, size_t *size);
bool mg_file_write(struct mg_fs *fs, const char *path, const void *, size_t);
bool mg_file_printf(struct mg_fs *fs, const char *path, const char *fmt, ...);
// Packed API
const char *mg_unpack(const char *path, size_t *size, time_t *mtime);
const char *mg_unlist(size_t no); // Get no'th packed filename
struct mg_str mg_unpacked(const char *path); // Packed file as mg_str


@ -8,13 +8,11 @@ struct packed_file {
size_t pos;
};
const char *mg_unpack(const char *path, size_t *size, time_t *mtime);
const char *mg_unlist(size_t no);
#if MG_ENABLE_PACKED_FS
#else
const char *mg_unpack(const char *path, size_t *size, time_t *mtime) {
(void) path, (void) size, (void) mtime;
*size = 0, *mtime = 0;
(void) path;
return NULL;
}
const char *mg_unlist(size_t no) {
@ -23,6 +21,12 @@ const char *mg_unlist(size_t no) {
}
#endif
struct mg_str mg_unpacked(const char *path) {
size_t len = 0;
const char *buf = mg_unpack(path, &len, NULL);
return mg_str_n(buf, len);
}
static int is_dir_prefix(const char *prefix, size_t n, const char *path) {
// MG_INFO(("[%.*s] [%s] %c", (int) n, prefix, path, path[n]));
return n < strlen(path) && strncmp(prefix, path, n) == 0 &&


@ -29,11 +29,9 @@ static const char *code =
" while (*a && (*a == *b)) a++, b++;\n"
" return *(const unsigned char *) a - *(const unsigned char *) b;\n"
"}\n"
"const char *mg_unlist(size_t no);\n"
"const char *mg_unlist(size_t no) {\n"
" return packed_files[no].name;\n"
"}\n"
"const char *mg_unpack(const char *path, size_t *size, time_t *mtime);\n"
"const char *mg_unpack(const char *name, size_t *size, time_t *mtime) {\n"
" const struct packed_file *p;\n"
" for (p = packed_files; p->name != NULL; p++) {\n"
@ -53,6 +51,10 @@ int main(int argc, char *argv[]) {
printf("%s", "#include <string.h>\n");
printf("%s", "#include <time.h>\n");
printf("%s", "\n");
printf("%s", "#if defined(__cplusplus)\nextern \"C\" {\n#endif\n");
printf("%s", "const char *mg_unlist(size_t no);\n");
printf("%s", "const char *mg_unpack(const char *, size_t *, time_t *);\n");
printf("%s", "#if defined(__cplusplus)\n}\n#endif\n\n");
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "-s") == 0) {