
feature/openssl: fixup the file and code style

Dong Heng 9 lat temu
rodzic
commit
2ed9e2d9a8

+ 2 - 2
examples/09_openssl_client/README.md

@@ -6,8 +6,8 @@ First you should config the project by "make menuconfig":
   Example Configuration ->
     1. Target Domain : the domain that you want to connect to, and default is "www.baidu.com".
     2. Target port number : the port number of the target domain, and default is 443.
-    3. WiFi SSID : you own wifi, which is connected to the Internet, and default is "myssid".
-    4. WiFi Password : wifi password, and default is "mypassword"
+    3. WIFI SSID : your own WIFI, which is connected to the Internet, and default is "myssid".
+    4. WIFI Password : WIFI password, and default is "mypassword"
 
 If you want to test the OpenSSL client demo:
   1. compile the code and load the firmware

+ 230 - 234
examples/09_openssl_client/main/openssl_client.c

@@ -1,234 +1,230 @@
-// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "openssl_client.h"
-
-#include <string.h>
-
-#include "openssl/ssl.h"
-
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-
-#include "esp_types.h"
-#include "esp_log.h"
-#include "esp_system.h"
-#include "esp_wifi.h"
-#include "esp_event_loop.h"
-#include "esp_log.h"
-
-#include "nvs_flash.h"
-#include "tcpip_adapter.h"
-
-#include "lwip/sockets.h"
-#include "lwip/netdb.h"
-
-static EventGroupHandle_t wifi_event_group;
-
-/* The event group allows multiple bits for each event,
-   but we only care about one event - are we connected
-   to the AP with an IP? */
-const static int CONNECTED_BIT = BIT0;
-
-const static char *TAG = "Openssl_demo";
-
-void openssl_demo_thread(void *p)
-{
-    int ret;
-    SSL_CTX *ctx;
-    SSL *ssl;
-    int socket;
-    struct sockaddr_in sock_addr;
-    struct hostent *hp;
-    struct ip4_addr *ip4_addr;
-    
-    int recv_bytes = 0;
-    char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
-    
-    const char send_data[] = OPENSSL_DEMO_REQUEST;
-    const int send_bytes = sizeof(send_data);
-
-    ESP_LOGI(TAG, "OpenSSL demo thread start OK");
-
-    ESP_LOGI(TAG, "get target IP address");
-    hp = gethostbyname(OPENSSL_DEMO_TARGET_NAME);
-    if (!hp) {
-        ESP_LOGI(TAG, "failed");
-        goto failed1;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ip4_addr = (struct ip4_addr *)hp->h_addr;
-    ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
-
-    ESP_LOGI(TAG, "create SSL context ......");
-    ctx = SSL_CTX_new(TLSv1_1_client_method());
-    if (!ctx) {
-        ESP_LOGI(TAG, "failed");
-        goto failed1;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "create socket ......");
-    socket = socket(AF_INET, SOCK_STREAM, 0);
-    if (socket < 0) {
-        ESP_LOGI(TAG, "failed");
-        goto failed2;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "bind socket ......");
-    memset(&sock_addr, 0, sizeof(sock_addr));
-    sock_addr.sin_family = AF_INET;
-    sock_addr.sin_addr.s_addr = 0;
-    sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
-    ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
-    if (ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed3;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "socket connect to remote %s ......", OPENSSL_DEMO_TARGET_NAME);
-    memset(&sock_addr, 0, sizeof(sock_addr));
-    sock_addr.sin_family = AF_INET;
-    sock_addr.sin_addr.s_addr = ip4_addr->addr;
-    sock_addr.sin_port = htons(OPENSSL_DEMO_TARGET_TCP_PORT);
-    ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
-    if (ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed3;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "create SSL ......");
-    ssl = SSL_new(ctx);
-    if (!ssl) {
-        ESP_LOGI(TAG, "failed");
-        goto failed3;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    SSL_set_fd(ssl, socket);
-
-    ESP_LOGI(TAG, "SSL connected to %s port %d ......",
-        OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
-    ret = SSL_connect(ssl);
-    if (!ret) {
-        ESP_LOGI(TAG, "failed " );
-        goto failed4;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "send https request to %s port %d ......",
-        OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
-    ret = SSL_write(ssl, send_data, send_bytes);
-    if (ret <= 0) {
-        ESP_LOGI(TAG, "failed");
-        goto failed5;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    do {
-        ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
-        if (ret <= 0) {
-            break;
-        }
-        recv_bytes += ret;
-        ESP_LOGI(TAG, "%s", recv_buf);
-    } while (1);
-    
-    ESP_LOGI(TAG, "totaly read %d bytes data from %s ......", recv_bytes, OPENSSL_DEMO_TARGET_NAME);
-
-failed5:
-    SSL_shutdown(ssl);
-failed4:
-    SSL_free(ssl);
-    ssl = NULL;
-failed3:
-    close(socket);
-    socket = -1;
-failed2:
-    SSL_CTX_free(ctx);
-    ctx = NULL;
-failed1:
-    vTaskDelete(NULL);
-    return ;
-}
-
-static void openssl_client_init(void)
-{
-    int ret;
-    xTaskHandle openssl_handle;
-
-    ret = xTaskCreate(openssl_demo_thread,
-                      OPENSSL_DEMO_THREAD_NAME,
-                      OPENSSL_DEMO_THREAD_STACK_WORDS,
-                      NULL,
-                      OPENSSL_DEMO_THREAD_PRORIOTY,
-                      &openssl_handle); 
-
-    if (ret != pdPASS)  {
-        ESP_LOGI(TAG, "create thread %s failed", OPENSSL_DEMO_THREAD_NAME);
-    }
-}
-
-static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
-{
-    switch(event->event_id) {
-    case SYSTEM_EVENT_STA_START:
-        esp_wifi_connect();
-        break;
-    case SYSTEM_EVENT_STA_GOT_IP:
-        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
-        openssl_client_init();
-        break;
-    case SYSTEM_EVENT_STA_DISCONNECTED:
-        /* This is a workaround as ESP32 WiFi libs don't currently
-           auto-reassociate. */
-        esp_wifi_connect();        
-        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
-        break;
-    default:
-        break;
-    }
-    return ESP_OK;
-}
-
-static void wifi_conn_init(void)
-{
-    tcpip_adapter_init();
-    wifi_event_group = xEventGroupCreate();
-    ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );
-    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
-    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
-    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
-    wifi_config_t wifi_config = {
-        .sta = {
-            .ssid = EXAMPLE_WIFI_SSID,
-            .password = EXAMPLE_WIFI_PASS,
-        },
-    };
-    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
-    ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
-    ESP_LOGI(TAG, "start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);
-    ESP_ERROR_CHECK( esp_wifi_start() );
-}
-
-void app_main(void)
-{
-    nvs_flash_init();
-    wifi_conn_init();
-}
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "openssl_client.h"
+
+#include <string.h>
+
+#include "openssl/ssl.h"
+
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#include "nvs_flash.h"
+
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+
+static EventGroupHandle_t wifi_event_group;
+
+/* The event group allows multiple bits for each event,
+   but we only care about one event - are we connected
+   to the AP with an IP? */
+const static int CONNECTED_BIT = BIT0;
+
+const static char *TAG = "Openssl_demo";
+
+void openssl_demo_thread(void *p)
+{
+    int ret;
+    SSL_CTX *ctx;
+    SSL *ssl;
+    int socket;
+    struct sockaddr_in sock_addr;
+    struct hostent *hp;
+    struct ip4_addr *ip4_addr;
+    
+    int recv_bytes = 0;
+    char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
+    
+    const char send_data[] = OPENSSL_DEMO_REQUEST;
+    const int send_bytes = sizeof(send_data);
+
+    ESP_LOGI(TAG, "OpenSSL demo thread start OK");
+
+    ESP_LOGI(TAG, "get target IP address");
+    hp = gethostbyname(OPENSSL_DEMO_TARGET_NAME);
+    if (!hp) {
+        ESP_LOGI(TAG, "failed");
+        goto failed1;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ip4_addr = (struct ip4_addr *)hp->h_addr;
+    ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
+
+    ESP_LOGI(TAG, "create SSL context ......");
+    ctx = SSL_CTX_new(TLSv1_1_client_method());
+    if (!ctx) {
+        ESP_LOGI(TAG, "failed");
+        goto failed1;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "create socket ......");
+    socket = socket(AF_INET, SOCK_STREAM, 0);
+    if (socket < 0) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "bind socket ......");
+    memset(&sock_addr, 0, sizeof(sock_addr));
+    sock_addr.sin_family = AF_INET;
+    sock_addr.sin_addr.s_addr = 0;
+    sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
+    ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
+    if (ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "socket connect to remote %s ......", OPENSSL_DEMO_TARGET_NAME);
+    memset(&sock_addr, 0, sizeof(sock_addr));
+    sock_addr.sin_family = AF_INET;
+    sock_addr.sin_addr.s_addr = ip4_addr->addr;
+    sock_addr.sin_port = htons(OPENSSL_DEMO_TARGET_TCP_PORT);
+    ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
+    if (ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "create SSL ......");
+    ssl = SSL_new(ctx);
+    if (!ssl) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    SSL_set_fd(ssl, socket);
+
+    ESP_LOGI(TAG, "SSL connected to %s port %d ......",
+        OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
+    ret = SSL_connect(ssl);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed " );
+        goto failed4;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "send https request to %s port %d ......",
+        OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
+    ret = SSL_write(ssl, send_data, send_bytes);
+    if (ret <= 0) {
+        ESP_LOGI(TAG, "failed");
+        goto failed5;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    do {
+        ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
+        if (ret <= 0) {
+            break;
+        }
+        recv_bytes += ret;
+        ESP_LOGI(TAG, "%s", recv_buf);
+    } while (1);
+    
+    ESP_LOGI(TAG, "totaly read %d bytes data from %s ......", recv_bytes, OPENSSL_DEMO_TARGET_NAME);
+
+failed5:
+    SSL_shutdown(ssl);
+failed4:
+    SSL_free(ssl);
+    ssl = NULL;
+failed3:
+    close(socket);
+    socket = -1;
+failed2:
+    SSL_CTX_free(ctx);
+    ctx = NULL;
+failed1:
+    vTaskDelete(NULL);
+    return ;
+}
+
+static void openssl_client_init(void)
+{
+    int ret;
+    xTaskHandle openssl_handle;
+
+    ret = xTaskCreate(openssl_demo_thread,
+                      OPENSSL_DEMO_THREAD_NAME,
+                      OPENSSL_DEMO_THREAD_STACK_WORDS,
+                      NULL,
+                      OPENSSL_DEMO_THREAD_PRORIOTY,
+                      &openssl_handle); 
+
+    if (ret != pdPASS)  {
+        ESP_LOGI(TAG, "create thread %s failed", OPENSSL_DEMO_THREAD_NAME);
+    }
+}
+
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch(event->event_id) {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        openssl_client_init();
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        /* This is a workaround as ESP32 WiFi libs don't currently
+           auto-reassociate. */
+        esp_wifi_connect(); 
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+
+static void wifi_conn_init(void)
+{
+    tcpip_adapter_init();
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
+    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = EXAMPLE_WIFI_SSID,
+            .password = EXAMPLE_WIFI_PASS,
+        },
+    };
+    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
+    ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+    ESP_LOGI(TAG, "start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);
+    ESP_ERROR_CHECK( esp_wifi_start() );
+}
+
+void app_main(void)
+{
+    nvs_flash_init();
+    wifi_conn_init();
+}
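Review bot: In the read loop of openssl_demo_thread, `ESP_LOGI(TAG, "%s", recv_buf);` prints a buffer that SSL_read does not NUL-terminate and that is never cleared, so the log call can run past the received bytes into uninitialised stack. Since the read is already capped at `OPENSSL_DEMO_RECV_BUF_LEN - 1`, adding `recv_buf[ret] = '\0';` just before the log line is enough. The handshake test `if (!ret)` after SSL_connect only catches a return of 0, while the OpenSSL API also reports failures as negative values, so `if (ret <= 0)` is the safer check; the same applies to SSL_accept in openssl_server.c. wifi_conn_init logs EXAMPLE_WIFI_PASS in clear text, here and in openssl_server.c, and dropping the password from that message would keep the credential off the serial console. No peer-verification setup is visible on the context, so the demo presumably does not authenticate the server; a comment saying so would help readers who copy it.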

+ 4 - 3
examples/10_openssl_server/README.md

@@ -4,8 +4,8 @@ The Example contains of OpenSSL server demo.
 
 First you should configure the project by "make menuconfig":
   Example Configuration -> 
-    1. WiFi SSID: WiFi network to which your PC is also connected to. 
-    1. WiFi Password: wifi password
+    1. WIFI SSID: WIFI network to which your PC is also connected to. 
+    1. WIFI Password: WIFI password
     
 IF you want to test the OpenSSL server demo: 
   1. compile the code and load the firmware 
@@ -15,6 +15,7 @@ IF you want to test the OpenSSL server demo:
   
 Note:
   The private key and certification at the example are not trusted by web browser, because they are not created by CA official, just by ourselves.
-  You can alse create your own private key and ceritification by "openssl at ubuntu or others".  
+  You can alse create your own private key and ceritification by "openssl at ubuntu or others". 
+  We have the document of "ESP8266_SDKSSL_User_Manual_EN_v1.4.pdf" at "http://www.espressif.com/en/support/download/documents". By it you can gernerate the private key and certification with the fomate of ".pem"
 
 See the README.md file in the upper level 'examples' directory for more information about examples.

+ 253 - 257
examples/10_openssl_server/main/openssl_server.c

@@ -1,257 +1,253 @@
-// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "openssl_server.h"
-
-#include <string.h>
-
-#include "openssl/ssl.h"
-
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-
-#include "esp_types.h"
-#include "esp_log.h"
-#include "esp_system.h"
-#include "esp_wifi.h"
-#include "esp_event_loop.h"
-#include "esp_log.h"
-
-#include "nvs_flash.h"
-#include "tcpip_adapter.h"
-
-#include "lwip/sockets.h"
-#include "lwip/netdb.h"
-
-static EventGroupHandle_t wifi_event_group;
-
-/* The event group allows multiple bits for each event,
-   but we only care about one event - are we connected
-   to the AP with an IP? */
-const static int CONNECTED_BIT = BIT0;
-
-const static char *TAG = "Openssl_demo";
-
-#define OPENSSL_DEMO_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
-                                "Content-Type: text/html\r\n" \
-                                "Content-Length: 98\r\n" \
-                                "<html>\r\n" \
-                                "<head>\r\n" \
-                                "<title>OpenSSL demo</title></head><body>\r\n" \
-                                "OpenSSL server demo!\r\n" \
-                                "</body>\r\n" \
-                                "</html>\r\n"
-
-static void openssl_demo_thread(void *p)
-{
-    int ret;
-
-    SSL_CTX *ctx;
-    SSL *ssl;
-
-    int socket, new_socket;
-    socklen_t addr_len;
-    struct sockaddr_in sock_addr;
-
-    char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
-
-    const char send_data[] = OPENSSL_DEMO_SERVER_ACK;
-    const int send_bytes = sizeof(send_data);
-
-    extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
-    extern const unsigned char cacert_pem_end[]   asm("_binary_cacert_pem_end");
-    const unsigned int cacert_pem_bytes = cacert_pem_end - cacert_pem_start;
-
-    extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
-    extern const unsigned char prvtkey_pem_end[]   asm("_binary_prvtkey_pem_end");
-    const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;   
-
-    ESP_LOGI(TAG, "SSL server context create ......");
-    ctx = SSL_CTX_new(SSLv3_server_method());
-    if (!ctx) {
-        ESP_LOGI(TAG, "failed");
-        goto failed1;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server context set own certification......");
-    ret = SSL_CTX_use_certificate_ASN1(ctx, cacert_pem_bytes, cacert_pem_start);
-    if (!ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed2;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server context set private key......");
-    ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, prvtkey_pem_start, prvtkey_pem_bytes);
-    if (!ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed2;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server create socket ......");
-    socket = socket(AF_INET, SOCK_STREAM, 0);
-    if (socket < 0) {
-        ESP_LOGI(TAG, "failed");
-        goto failed2;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server socket bind ......");
-    memset(&sock_addr, 0, sizeof(sock_addr));
-    sock_addr.sin_family = AF_INET;
-    sock_addr.sin_addr.s_addr = 0;
-    sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
-    ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
-    if (ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed3;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server socket listen ......");
-    ret = listen(socket, 32);
-    if (ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed3;
-    }
-    ESP_LOGI(TAG, "OK");
-
-reconnect:
-    ESP_LOGI(TAG, "SSL server create ......");
-    ssl = SSL_new(ctx);
-    if (!ssl) {
-        ESP_LOGI(TAG, "failed");
-        goto failed3;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server socket accept client ......");
-    new_socket = accept(socket, (struct sockaddr *)&sock_addr, &addr_len);
-    if (new_socket < 0) {
-        ESP_LOGI(TAG, "failed" );
-        goto failed4;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    SSL_set_fd(ssl, new_socket);
-
-    ESP_LOGI(TAG, "SSL server accept client ......");
-    ret = SSL_accept(ssl);
-    if (!ret) {
-        ESP_LOGI(TAG, "failed");
-        goto failed5;
-    }
-    ESP_LOGI(TAG, "OK");
-
-    ESP_LOGI(TAG, "SSL server read message ......");
-    do {
-        memset(recv_buf, 0, OPENSSL_DEMO_RECV_BUF_LEN);
-        ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
-        if (ret <= 0) {
-            break;
-        }
-        if (strstr(recv_buf, "GET / HTTP/1.1")) {
-            SSL_write(ssl, send_data, send_bytes);
-            break;
-        }
-    } while (1);
-    
-    ESP_LOGI(TAG, "result %d", ret);
-
-    SSL_shutdown(ssl);
-failed5:
-    close(new_socket);
-    new_socket = -1;
-failed4:
-    SSL_free(ssl);
-    ssl = NULL;
-    goto reconnect;
-failed3:
-    close(socket);
-    socket = -1;
-failed2:
-    SSL_CTX_free(ctx);
-    ctx = NULL;
-failed1:
-    vTaskDelete(NULL);
-    return ;
-} 
-
-static void openssl_client_init(void)
-{
-    int ret;
-    xTaskHandle openssl_handle;
-
-    ret = xTaskCreate(openssl_demo_thread,
-                      OPENSSL_DEMO_THREAD_NAME,
-                      OPENSSL_DEMO_THREAD_STACK_WORDS,
-                      NULL,
-                      OPENSSL_DEMO_THREAD_PRORIOTY,
-                      &openssl_handle); 
-
-    if (ret != pdPASS)  {
-        ESP_LOGI(TAG, "create thread %s failed", OPENSSL_DEMO_THREAD_NAME);
-    }
-}
-
-static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
-{
-    switch(event->event_id) {
-    case SYSTEM_EVENT_STA_START:
-        esp_wifi_connect();
-        break;
-    case SYSTEM_EVENT_STA_GOT_IP:
-        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
-        openssl_client_init();
-        break;
-    case SYSTEM_EVENT_STA_DISCONNECTED:
-        /* This is a workaround as ESP32 WiFi libs don't currently
-           auto-reassociate. */
-        esp_wifi_connect();        
-        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
-        break;
-    default:
-        break;
-    }
-    return ESP_OK;
-}
-
-static void wifi_conn_init(void)
-{
-    tcpip_adapter_init();
-    wifi_event_group = xEventGroupCreate();
-    ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );
-    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
-    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
-    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
-    wifi_config_t wifi_config = {
-        .sta = {
-            .ssid = EXAMPLE_WIFI_SSID,
-            .password = EXAMPLE_WIFI_PASS,
-        },
-    };
-    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
-    ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
-    ESP_LOGI(TAG, "start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);
-    ESP_ERROR_CHECK( esp_wifi_start() );
-}
-
-void app_main(void)
-{
-    nvs_flash_init();
-    wifi_conn_init();
-}
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "openssl_server.h"
+
+#include <string.h>
+
+#include "openssl/ssl.h"
+
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#include "nvs_flash.h"
+
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+
+static EventGroupHandle_t wifi_event_group;
+
+/* The event group allows multiple bits for each event,
+   but we only care about one event - are we connected
+   to the AP with an IP? */
+const static int CONNECTED_BIT = BIT0;
+
+const static char *TAG = "Openssl_demo";
+
+#define OPENSSL_DEMO_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
+                                "Content-Type: text/html\r\n" \
+                                "Content-Length: 98\r\n" \
+                                "<html>\r\n" \
+                                "<head>\r\n" \
+                                "<title>OpenSSL demo</title></head><body>\r\n" \
+                                "OpenSSL server demo!\r\n" \
+                                "</body>\r\n" \
+                                "</html>\r\n"
+
+static void openssl_demo_thread(void *p)
+{
+    int ret;
+
+    SSL_CTX *ctx;
+    SSL *ssl;
+
+    int socket, new_socket;
+    socklen_t addr_len;
+    struct sockaddr_in sock_addr;
+
+    char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
+
+    const char send_data[] = OPENSSL_DEMO_SERVER_ACK;
+    const int send_bytes = sizeof(send_data);
+
+    extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
+    extern const unsigned char cacert_pem_end[]   asm("_binary_cacert_pem_end");
+    const unsigned int cacert_pem_bytes = cacert_pem_end - cacert_pem_start;
+
+    extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
+    extern const unsigned char prvtkey_pem_end[]   asm("_binary_prvtkey_pem_end");
+    const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;   
+
+    ESP_LOGI(TAG, "SSL server context create ......");
+    ctx = SSL_CTX_new(SSLv3_server_method());
+    if (!ctx) {
+        ESP_LOGI(TAG, "failed");
+        goto failed1;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server context set own certification......");
+    ret = SSL_CTX_use_certificate_ASN1(ctx, cacert_pem_bytes, cacert_pem_start);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server context set private key......");
+    ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, prvtkey_pem_start, prvtkey_pem_bytes);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server create socket ......");
+    socket = socket(AF_INET, SOCK_STREAM, 0);
+    if (socket < 0) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server socket bind ......");
+    memset(&sock_addr, 0, sizeof(sock_addr));
+    sock_addr.sin_family = AF_INET;
+    sock_addr.sin_addr.s_addr = 0;
+    sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
+    ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
+    if (ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server socket listen ......");
+    ret = listen(socket, 32);
+    if (ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+reconnect:
+    ESP_LOGI(TAG, "SSL server create ......");
+    ssl = SSL_new(ctx);
+    if (!ssl) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server socket accept client ......");
+    new_socket = accept(socket, (struct sockaddr *)&sock_addr, &addr_len);
+    if (new_socket < 0) {
+        ESP_LOGI(TAG, "failed" );
+        goto failed4;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    SSL_set_fd(ssl, new_socket);
+
+    ESP_LOGI(TAG, "SSL server accept client ......");
+    ret = SSL_accept(ssl);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed5;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server read message ......");
+    do {
+        memset(recv_buf, 0, OPENSSL_DEMO_RECV_BUF_LEN);
+        ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
+        if (ret <= 0) {
+            break;
+        }
+        if (strstr(recv_buf, "GET / HTTP/1.1")) {
+            SSL_write(ssl, send_data, send_bytes);
+            break;
+        }
+    } while (1);
+    
+    ESP_LOGI(TAG, "result %d", ret);
+
+    SSL_shutdown(ssl);
+failed5:
+    close(new_socket);
+    new_socket = -1;
+failed4:
+    SSL_free(ssl);
+    ssl = NULL;
+    goto reconnect;
+failed3:
+    close(socket);
+    socket = -1;
+failed2:
+    SSL_CTX_free(ctx);
+    ctx = NULL;
+failed1:
+    vTaskDelete(NULL);
+    return ;
+} 
+
+static void openssl_client_init(void)
+{
+    int ret;
+    xTaskHandle openssl_handle;
+
+    ret = xTaskCreate(openssl_demo_thread,
+                      OPENSSL_DEMO_THREAD_NAME,
+                      OPENSSL_DEMO_THREAD_STACK_WORDS,
+                      NULL,
+                      OPENSSL_DEMO_THREAD_PRORIOTY,
+                      &openssl_handle); 
+
+    if (ret != pdPASS)  {
+        ESP_LOGI(TAG, "create thread %s failed", OPENSSL_DEMO_THREAD_NAME);
+    }
+}
+
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch(event->event_id) {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        openssl_client_init();
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        /* This is a workaround as ESP32 WiFi libs don't currently
+           auto-reassociate. */
+        esp_wifi_connect(); 
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+
+static void wifi_conn_init(void)
+{
+    tcpip_adapter_init();
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
+    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = EXAMPLE_WIFI_SSID,
+            .password = EXAMPLE_WIFI_PASS,
+        },
+    };
+    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
+    ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+    ESP_LOGI(TAG, "start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);
+    ESP_ERROR_CHECK( esp_wifi_start() );
+}
+
+void app_main(void)
+{
+    nvs_flash_init();
+    wifi_conn_init();
+}
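Review bot: `SSL_CTX_new(SSLv3_server_method())` pins the server to SSLv3, a protocol long considered broken (POODLE) and rejected by current clients; an example that others will copy should use a TLS method, e.g. `ctx = SSL_CTX_new(TLSv1_2_server_method());`, assuming the wrapper in use provides it. `addr_len` is passed to accept() without being initialised, although accept reads it as the size of the address buffer, so `addr_len = sizeof(sock_addr);` belongs right before the accept call after the `reconnect` label. OPENSSL_DEMO_SERVER_ACK has no empty `\r\n` line between the `Content-Length` header and the `<html>` body, and `send_bytes` is `sizeof(send_data)`, which includes the terminating NUL, so the response is not well-formed HTTP and carries one stray byte. The return value of `SSL_write` in the read loop is also ignored, and logging it on failure would make a truncated reply visible.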