From 81003a13b545a55da0719941472e160610b8eaa4 Mon Sep 17 00:00:00 2001 From: Emil Muratov Date: Wed, 19 Jun 2024 00:36:41 +0900 Subject: [PATCH 1/3] HTTPClient lib - add HTTPCLIENT_NOSECURE build flag `HTTPCLIENT_NOSECURE` build flag disables TLS support in HTTPClient library by excluding `NetworkClientSecure.h` header. This allows linker to strip down mbedTLS lind and certificates bundle, which in turn reduces firmware image for about ~80kib. --- libraries/HTTPClient/src/HTTPClient.cpp | 27 ++++++++++++++++++------- libraries/HTTPClient/src/HTTPClient.h | 11 +++++++++- 2 files changed, 30 insertions(+), 8 deletions(-) diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp index 64dfe3a7db0..ac2a55df05b 100644 --- a/libraries/HTTPClient/src/HTTPClient.cpp +++ b/libraries/HTTPClient/src/HTTPClient.cpp @@ -28,15 +28,8 @@ #include #include - -#ifdef HTTPCLIENT_1_1_COMPATIBLE -#include -#include -#endif - #include #include - #include "HTTPClient.h" /// Cookie jar support @@ -56,6 +49,7 @@ class TransportTraits { } }; +#ifndef HTTPCLIENT_NOSECURE class TLSTraits : public TransportTraits { public: TLSTraits(const char *CAcert, const char *clicert = nullptr, const char *clikey = nullptr) : _cacert(CAcert), _clicert(clicert), _clikey(clikey) {} @@ -81,6 +75,7 @@ class TLSTraits : public TransportTraits { const char *_clicert; const char *_clikey; }; +#endif // HTTPCLIENT_NOSECURE #endif // HTTPCLIENT_1_1_COMPATIBLE /** @@ -145,7 +140,12 @@ bool HTTPClient::begin(NetworkClient &client, String url) { _port = (protocol == "https" ? 443 : 80); _secure = (protocol == "https"); + +#ifdef HTTPCLIENT_NOSECURE + return _secure ? false : beginInternal(url, protocol.c_str()); +#else return beginInternal(url, protocol.c_str()); +#endif // HTTPCLIENT_NOSECURE } /** @@ -174,10 +174,16 @@ bool HTTPClient::begin(NetworkClient &client, String host, uint16_t port, String _uri = uri; _protocol = (https ? "https" : "http"); _secure = https; + +#ifdef HTTPCLIENT_NOSECURE + return _secure ? false : true; +#else return true; +#endif // HTTPCLIENT_NOSECURE } #ifdef HTTPCLIENT_1_1_COMPATIBLE +#ifndef HTTPCLIENT_NOSECURE bool HTTPClient::begin(String url, const char *CAcert) { if (_client && !_tcpDeprecated) { log_d("mix up of new and deprecated api"); @@ -199,6 +205,7 @@ bool HTTPClient::begin(String url, const char *CAcert) { return true; } +#endif // HTTPCLIENT_NOSECURE /** * parsing the url for all needed parameters @@ -214,7 +221,11 @@ bool HTTPClient::begin(String url) { clear(); _port = 80; if (!beginInternal(url, "http")) { +#ifdef HTTPCLIENT_NOSECURE + return false; +#else return begin(url, (const char *)NULL); +#endif // HTTPCLIENT_NOSECURE } _transportTraits = TransportTraitsPtr(new TransportTraits()); if (!_transportTraits) { @@ -299,6 +310,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri) { return true; } +#ifndef HTTPCLIENT_NOSECURE bool HTTPClient::begin(String host, uint16_t port, String uri, const char *CAcert) { if (_client && !_tcpDeprecated) { log_d("mix up of new and deprecated api"); @@ -338,6 +350,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri, const char *CAcer _transportTraits = TransportTraitsPtr(new TLSTraits(CAcert, cli_cert, cli_key)); return true; } +#endif // HTTPCLIENT_NOSECURE #endif // HTTPCLIENT_1_1_COMPATIBLE /** diff --git a/libraries/HTTPClient/src/HTTPClient.h b/libraries/HTTPClient/src/HTTPClient.h index edc050ab0dd..e523a9dd3c1 100644 --- a/libraries/HTTPClient/src/HTTPClient.h +++ b/libraries/HTTPClient/src/HTTPClient.h @@ -34,7 +34,9 @@ #include #include #include +#ifndef HTTPCLIENT_NOSECURE #include +#endif // HTTPCLIENT_NOSECURE /// Cookie jar support #include @@ -182,10 +184,17 @@ class HTTPClient { #ifdef HTTPCLIENT_1_1_COMPATIBLE bool begin(String url); - bool begin(String url, const char *CAcert); bool begin(String host, uint16_t port, String uri = "/"); +#ifndef HTTPCLIENT_NOSECURE + bool begin(String url, const char *CAcert); bool begin(String host, uint16_t port, String uri, const char *CAcert); bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key); +#else + bool begin(String url, const char *CAcert){ return false; }; + bool begin(String host, uint16_t port, String uri, const char *CAcert){ return false; }; + bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key){ return false; }; +#endif // HTTPCLIENT_NOSECURE + #endif void end(void); From 04cadbd22eee2b797cde3502e47400da08bd735c Mon Sep 17 00:00:00 2001 From: Me No Dev Date: Thu, 20 Jun 2024 13:44:37 +0300 Subject: [PATCH 2/3] Update HTTPClient.cpp --- libraries/HTTPClient/src/HTTPClient.cpp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp index ac2a55df05b..d6b62888ece 100644 --- a/libraries/HTTPClient/src/HTTPClient.cpp +++ b/libraries/HTTPClient/src/HTTPClient.cpp @@ -142,10 +142,9 @@ bool HTTPClient::begin(NetworkClient &client, String url) { _secure = (protocol == "https"); #ifdef HTTPCLIENT_NOSECURE - return _secure ? false : beginInternal(url, protocol.c_str()); -#else - return beginInternal(url, protocol.c_str()); + if (_secure) return false; #endif // HTTPCLIENT_NOSECURE + return beginInternal(url, protocol.c_str()); } /** From 8532b18814fa4c31c94fab0bc087db2085f0448a Mon Sep 17 00:00:00 2001 From: "pre-commit-ci-lite[bot]" <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Date: Thu, 20 Jun 2024 10:45:54 +0000 Subject: [PATCH 3/3] ci(pre-commit): Apply automatic fixes --- libraries/HTTPClient/src/HTTPClient.cpp | 4 +++- libraries/HTTPClient/src/HTTPClient.h | 12 +++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp index d6b62888ece..3dc3b7156ca 100644 --- a/libraries/HTTPClient/src/HTTPClient.cpp +++ b/libraries/HTTPClient/src/HTTPClient.cpp @@ -142,7 +142,9 @@ bool HTTPClient::begin(NetworkClient &client, String url) { _secure = (protocol == "https"); #ifdef HTTPCLIENT_NOSECURE - if (_secure) return false; + if (_secure) { + return false; + } #endif // HTTPCLIENT_NOSECURE return beginInternal(url, protocol.c_str()); } diff --git a/libraries/HTTPClient/src/HTTPClient.h b/libraries/HTTPClient/src/HTTPClient.h index e523a9dd3c1..80f6da28599 100644 --- a/libraries/HTTPClient/src/HTTPClient.h +++ b/libraries/HTTPClient/src/HTTPClient.h @@ -190,9 +190,15 @@ class HTTPClient { bool begin(String host, uint16_t port, String uri, const char *CAcert); bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key); #else - bool begin(String url, const char *CAcert){ return false; }; - bool begin(String host, uint16_t port, String uri, const char *CAcert){ return false; }; - bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key){ return false; }; + bool begin(String url, const char *CAcert) { + return false; + }; + bool begin(String host, uint16_t port, String uri, const char *CAcert) { + return false; + }; + bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key) { + return false; + }; #endif // HTTPCLIENT_NOSECURE #endif