samples: net: big_http_download: Update URL for TLS download
The old link has expired, the file is no longer avaiable to download. Update the download link, which now leads to a file in Ubuntu repositories for the recent LTS release, hopefully making the link valid for longer period. As the server ceritficate is signed by a different root CA, update the root CA as well. Finally, cleanup how the URL is handled in the sample - for TLS variant it'll always be provided with a Kconfig, hence no need to repeat it in the sample. Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commit is contained in:
Robert Lubos
Carles Cufí
parent
1c911904d5
commit
2a02f4f9a9
6 changed files with 40 additions and 18 deletions
|
|
@ -8,11 +8,3 @@ FILE(GLOB app_sources src/*.c)
|
|||
target_sources(app PRIVATE ${app_sources})
|
||||
|
||||
include(${ZEPHYR_BASE}/samples/net/common/common.cmake)
|
||||
|
||||
set(gen_dir ${ZEPHYR_BINARY_DIR}/include/generated/)
|
||||
|
||||
generate_inc_file_for_target(
|
||||
app
|
||||
src/lets-encrypt-r3.der
|
||||
${gen_dir}/lets-encrypt-r3.der.inc
|
||||
)
|
||||
|
|
|
|||
|
|
@ -7,7 +7,8 @@ CONFIG_MBEDTLS_BUILTIN=y
|
|||
CONFIG_MBEDTLS_ENABLE_HEAP=y
|
||||
CONFIG_MBEDTLS_HEAP_SIZE=60000
|
||||
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=16384
|
||||
CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=y
|
||||
|
||||
CONFIG_NET_SOCKETS_SOCKOPT_TLS=y
|
||||
|
||||
CONFIG_SAMPLE_BIG_HTTP_DL_URL="https://www.7-zip.org/a/7z1805.exe"
|
||||
CONFIG_SAMPLE_BIG_HTTP_DL_URL="https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/git/1:2.34.1-1ubuntu1/git_2.34.1.orig.tar.xz"
|
||||
|
|
|
|||
|
|
@ -48,11 +48,7 @@ static char download_url[MAX_URL_LENGTH] =
|
|||
#if defined(CONFIG_SAMPLE_BIG_HTTP_DL_URL)
|
||||
CONFIG_SAMPLE_BIG_HTTP_DL_URL;
|
||||
#else
|
||||
#if !defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
|
||||
"http://archive.ubuntu.com/ubuntu/dists/xenial/main/installer-amd64/current/images/hd-media/vmlinuz";
|
||||
#else
|
||||
"https://www.7-zip.org/a/7z1805.exe";
|
||||
#endif /* !defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
|
||||
#endif /* defined(CONFIG_SAMPLE_BIG_HTTP_DL_URL) */
|
||||
/* Quick testing. */
|
||||
/* "http://google.com/foo";*/
|
||||
|
|
@ -62,7 +58,8 @@ static uint8_t download_hash[32] =
|
|||
#if !defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
|
||||
"\x33\x7c\x37\xd7\xec\x00\x34\x84\x14\x22\x4b\xaa\x6b\xdb\x2d\x43\xf2\xa3\x4e\xf5\x67\x6b\xaf\xcd\xca\xd9\x16\xf1\x48\xb5\xb3\x17";
|
||||
#else
|
||||
"\x64\x7a\x9a\x62\x11\x62\xcd\x7a\x50\x08\x93\x4a\x08\xe2\x3f\xf7\xc1\x13\x5d\x6f\x12\x61\x68\x9f\xd9\x54\xaa\x17\xd5\x0f\x97\x29";
|
||||
"\x3a\x07\x55\xdd\x1c\xfa\xb7\x1a\x24\xdd\x96\xdf\x34\x98\xc2\x9c"
|
||||
"\xd0\xac\xd1\x3b\x04\xf3\xd0\x8b\xf9\x33\xe8\x12\x86\xdb\x80\x2c";
|
||||
#endif /* !defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
|
||||
|
||||
#define SSTRLEN(s) (sizeof(s) - 1)
|
||||
|
|
|
|||
|
|
@ -13,9 +13,10 @@
|
|||
* certificate in PEM format, you can enable support for it in Kconfig.
|
||||
*/
|
||||
|
||||
/* Let's Encrypt Authority X3 for https://www.7-zip.org */
|
||||
static const unsigned char ca_certificate[] = {
|
||||
#include "lets-encrypt-r3.der.inc"
|
||||
};
|
||||
/* ISRG Root X1 for https://launchpad.net/ubuntu */
|
||||
static const unsigned char ca_certificate[] =
|
||||
#include "isrgrootx1.pem"
|
||||
;
|
||||
|
||||
|
||||
#endif /* __CA_CERTIFICATE_H__ */
|
||||
|
|
|
|||
31
samples/net/sockets/big_http_download/src/isrgrootx1.pem
Normal file
31
samples/net/sockets/big_http_download/src/isrgrootx1.pem
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
"-----BEGIN CERTIFICATE-----\n"
|
||||
"MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\n"
|
||||
"TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n"
|
||||
"cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\n"
|
||||
"WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\n"
|
||||
"ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\n"
|
||||
"MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\n"
|
||||
"h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n"
|
||||
"0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\n"
|
||||
"A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\n"
|
||||
"T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\n"
|
||||
"B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\n"
|
||||
"B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\n"
|
||||
"KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\n"
|
||||
"OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\n"
|
||||
"jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\n"
|
||||
"qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\n"
|
||||
"rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\n"
|
||||
"HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\n"
|
||||
"hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\n"
|
||||
"ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n"
|
||||
"3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\n"
|
||||
"NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\n"
|
||||
"ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\n"
|
||||
"TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\n"
|
||||
"jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\n"
|
||||
"oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n"
|
||||
"4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\n"
|
||||
"mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\n"
|
||||
"emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n"
|
||||
"-----END CERTIFICATE-----\n"
|
||||
Binary file not shown.
Loading…
Add table
Add a link
Reference in a new issue