espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
50,052 Commits 24 Branches 183 Tags
release/v6.0
Commit Graph

54 Commits

Author SHA1 Message Date
Ashish Sharma c8f1fa86a2 feat(esp_http_client): adds support to save response headers 
Closes https://github.com/espressif/esp-idf/issues/17695
 2026-02-03 14:40:08 +08:00
Ashish Sharma 1c74bf57dd fix(esp_http_client): fix incorrect digest calculation for SHA256 auth digest 
According to RFC 7616, nonce-prime and cnonce-prime is used for SHA-256-sess only and not for SHA-256.
This commit updates the check and uses nonce only for "-sess" algorithms.

Regression from 66995965e7
 2026-01-07 10:17:51 +08:00
Mahavir Jain 7da79a653c Merge branch 'feature/mbedtls_psa_migration_v6.0' into 'release/v6.0' 
feat(mbedtls): PSA Migration to release v6.0

See merge request espressif/esp-idf!43323
 2025-12-21 13:52:48 +05:30
Aditya Patwardhan 574a60289d feat(protocomm): Migrate to PSA api interface 2025-12-18 21:18:58 +08:00
Aditya Patwardhan eb5e92063f feat(mbedtls): Update the protocol components with PSA APis 2025-12-18 21:18:58 +08:00
Mahavir Jain ded6d96191 fix(esp_http_client): prevent out-of-bounds read in Digest auth 
Fixed vulnerability where malicious HTTP servers could trigger OOB reads
by sending empty or very short algorithm fields in WWW-Authenticate headers.

Changes:
- Replace unsafe memcmp() with strcasecmp() for algorithm comparison
- Add algorithm NULL validation at function entry point
- Fix duplicate md5-sess check, add missing SHA-256 check
 2025-12-01 18:24:15 +05:30
Aditya Patwardhan 646377c622 Merge branch 'fix/http_client_coverity_warnings' into 'master' 
fix(esp_http_client): address coverity generated warnings

Closes IDF-13867, IDF-13881, and IDF-13886

See merge request espressif/esp-idf!41411
 2025-08-25 17:02:07 +05:30
Mahavir Jain 70cb9d1a5c fix(esp_http_client): address coverity generated warnings 2025-08-22 19:13:24 +05:30
Ashish Sharma 414397c048 fix(esp_http_client): fix possible double memory free 2025-08-05 09:48:22 +08:00
Ashish Sharma 6b02906822 fix(security): improve memory allocation handling in multiple components 2025-07-28 10:05:50 +08:00
Ashish Sharma 801ea1fc4e fix(esp_http_client): fix memory leak in current_header_value buffer 
Fixed memory leak in esp_http_client_cleanup() where current_header_value
buffer was not being freed when ESP_ERR_HTTP_FETCH_HEADER is returned
during header parsing failures.
 2025-07-17 10:32:50 +08:00
nilesh.kale f638090179 fix(esp_http_client): Revert Deprecated Tag on Previously Marked Private API 
This commit removes depcriacted tag marked on priavte APIs'
http_utils_get_string_between() and http_utils_get_string_after().
As these are not publick API, necessary changes been applied on these
APIs' directly withput adding new similar one and marking them as depricated.
 2025-01-16 17:20:27 +05:30
Mahavir Jain dcb43e0eff fix(esp_common): move some DEBUG macros to http client component 
In commit a0bcffcc, some ESP_RETURN and ESP_GOTO debug macros were
introduced. But this caused a regression with CONFIG_COMPILER_OPTIMIZATION_CHECKS_SILENT
case. Its better to move this macros to HTTP client component itself, as
the debug log is still desired for the specific use-case.
 2025-01-16 10:27:54 +05:30
nilesh.kale a0bcffcce9 fix(esp_http_client): updated defination for macro mem_check 
This commit replace macro MEM_CHECK with return on failure and
updated usage of reespctive APIs' in IDF.
This also update th prototype of API esp_http_client_add_auth().

Closes https://github.com/espressif/esp-idf/issues/14463
 2024-12-10 15:41:36 +05:30
Harshit Malpani bc901c0a3a fix(esp_http_client): Fix http digest auth without qop 
Closes https://github.com/espressif/esp-idf/issues/12962
 2024-01-23 12:22:35 +05:30
Harshit Malpani 803ad150cf feat(esp_http_client): SHA256 support in digest auth 
Added support for using SHA256 algorithm while calculating
digest auth in HTTP client connection

Closes https://github.com/espressif/esp-idf/issues/12383
 2023-12-15 11:32:57 +05:30
KonstantinKondrashov e72061695e all: Removes unnecessary newline character in logs 
Closes https://github.com/espressif/esp-idf/issues/11465
 2023-06-09 03:31:21 +08:00
Harshit Malpani 3152fba654 esp_http_client: fix coverity issue. free auth_str before going out of scope 2023-01-11 16:57:04 +05:30
Harshit Malpani 68ded2c350 esp_http_client: fix -Werror-format compile errors for linux target 2023-01-04 11:17:28 +05:30
Harshit Malpani 1c77e13d35 esp_http_client: Update to support build for linux 2023-01-04 11:17:28 +05:30
Mahavir Jain a7b42be1bd esp_http_client: fix few coverity warnings 2022-10-10 15:22:23 +05:30
David Cermak 5c383d7b73 esp_netif/lwip: Fix deps cycles to "lwip -> esp_netif -> phy-drivers" 
Fix dependency tree so that lwip doesn't depend on any specific network
interface component.
Network interface drivers shall depend on esp_netif.
esp_netif shall depend on lwip (but not on any specific interface
driver) -- it optionally depends on vfs and esp_eth (need ethernet
header for L2/bridge mode)
 2022-07-20 14:59:07 +02:00
morris ef00bd59dc esp_rom: extract int matrix route and cpu ticks getter 2022-02-09 13:52:20 +08:00
Cao Sen Miao 599227a1b6 ESP8684: Add esp8684 target to other repo for passing build 2021-11-06 17:33:45 +08:00
Harshit Malpani 2085e4eb92 esp_http_client: apply generic error check macros 2021-10-20 14:40:32 +05:30
Alex Henrie 5242e048d4 Fix memory leak on error path in http_header_set_format 2021-07-23 17:48:45 +05:30
Alex Henrie b07ad7a08d Fix memory leak on error path in md5_printf 2021-07-23 17:48:45 +05:30
Jan Brudny 967e057906 esp-tls, esp_http_client and esp_http_server: update copyright notice 2021-05-31 20:06:09 +08:00
Jörg Henne 19024671ea esp_http_client: Make http_utils_get_string_between and http_utils_str_starts_with case insensitive 
Closes: https://github.com/espressif/esp-idf/pull/6841
Closes: https://github.com/espressif/esp-idf/issues/6840

Signed-off-by: Shubham Kulkarni <shubham.kulkarni@espressif.com>
 2021-04-09 06:03:02 +00:00
yuanjm e309a0ea6f esp_http_client: Optimize code structure 2021-02-23 14:09:40 +08:00
Clickau 308c31e2f1 esp_http_client: fix truncated headers 
Signed-off-by: yuanjm <yuanjianmin@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/6370
 2021-02-23 09:59:23 +08:00
aditi_lonkar 89bf9404a5 esp_http_client: Fix some memory leak issues by coverity static analyzer. 2021-01-25 03:37:47 +00:00
morris 753a929525 global: fix sign-compare warnings 2021-01-12 14:05:08 +08:00
Shubham Kulkarni aceb38c326 http_auth.c: Fix crash when opaque field is not present in challenge string 
Closes: https://github.com/espressif/esp-idf/issues/5888
 2020-11-19 14:43:14 +05:30
Aditya Patwardhan fa42beac97 esp32/esp-tls: remove dependancy of esp_https_client and tcp_transport on mbedtls 2020-10-23 05:16:06 +00:00
Shubham Kulkarni bb8981903e esp_http_client: Fix issue when response headers have empty value 
Closes: https://github.com/espressif/esp-idf/issues/5553
 2020-09-11 11:48:36 +05:30
Chen Yi Qun caaf62bdad driver, http_client, web_socket, tcp_transport: remove __FILE__ from log messages 
__FILE__ macro in the error messages adds full paths to the production binarys, remove __FILE__ from the ESP_LOGE.

Closes https://github.com/espressif/esp-idf/issues/5637
Merges https://github.com/espressif/esp-idf/pull/5638
 2020-08-03 15:21:36 +08:00
morris ab0537c079 esp_rom: extract common MD5 hash apis into esp_rom_md5.h 2020-07-21 17:01:28 +08:00
Shubham Kulkarni 471b40b0f0 http_header.c: Add error print in http_header_generate_string if buffer size is less than required size 
Closes: https://github.com/espressif/esp-idf/issues/5028
 2020-04-06 13:22:08 +05:30
David Cermak b834c99148 examples: modify other examples and tests to use esp_netif instead of tcpip_adapter 2019-11-13 12:36:25 +01:00
David Cermak 1d904fdd81 http_client: added comments to http header generation function 2019-11-05 09:53:29 +01:00
David Cermak 9c0844da3f http_client: possible buffer overflow fixed when determining last header item to be written 
closes IDF-694
 2019-11-05 09:44:06 +01:00
Anton Maklakov afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
David Cermak 587739391c esp-tls: extending error handle to contain error descriptors with last mbedtls failure and latest certificate verification result flags, reworked tcp_transport to use this error handle 2019-07-04 20:55:10 +02:00
morris c159984264 separate rom from esp32 component to esp_rom 
1. separate rom include files and linkscript to esp_rom
2. modefiy "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
 2019-03-21 18:51:45 +08:00
David Cermak e02225cc07 tcp_transport: renamed possibly generic function names to be esp_ prefixed and not to colide with user namespace 2018-10-02 14:16:48 +02:00
David Cermak 40c6cbb3ab tcp_transport: renamed transport related header files to esp_ prefixed to avoid collisions 
tcp_transport component used public header files such as 'transport.h', etc. which are too generic and might collide with user or user libraries headers
This change closes #2417
 2018-10-02 14:15:00 +02:00
David Cermak 23345d2021 MQTT: Integrate esp-mqtt library into idf 
added docs and tests for mqtt library, small fixes (removed warnings, option for custom outbox, websocket bug fixed for longer transports). refactored to use common tcp_transport component, support for CMake build system.
Closes #2108
 2018-09-12 08:00:59 +02:00
Jitin George 4d6dcb71ce esp_http_client: Add esp-tls APIs in SSL transport of esp_http_client 
esp-tls APIs and SSL transport layer of esp_http_client try to
achieve similar things, so this is an effort to remove code redundancy.
 2018-08-21 09:07:07 +00:00
Tuan PM 9aec055ac2 esp_http_client: Fixed exception on 401 without Www-Authenticate header 
Closes https://github.com/espressif/esp-idf/issues/2246
 2018-08-05 06:24:53 +00:00