add cert-pem configurable

2024-06-12 15:45:28 -03:00 · 2024-06-12 15:45:28 -03:00 · ad444b6c10
parent dceab6ce29
commit ad444b6c10
3 changed files with 12 additions and 1 deletions
--- a/esphome/components/http_request/init.py
+++ b/esphome/components/http_request/init.py
@ -37,6 +37,7 @@ CONF_HTTP_REQUEST_ID = "http_request_id"

 CONF_USERAGENT = "useragent"
 CONF_VERIFY_SSL = "verify_ssl"
+CONF_CERTIFICATE_PEM = "certificate_pem"
 CONF_FOLLOW_REDIRECTS = "follow_redirects"
 CONF_REDIRECT_LIMIT = "redirect_limit"
 CONF_WATCHDOG_TIMEOUT = "watchdog_timeout"
@ -105,6 +106,7 @@ CONFIG_SCHEMA = cv.All(
                cv.only_on_esp8266, cv.boolean
            ),
            cv.Optional(CONF_VERIFY_SSL, default=True): cv.boolean,
+            cv.Optional(CONF_CERTIFICATE_PEM): cv.string,
            cv.Optional(CONF_WATCHDOG_TIMEOUT): cv.All(
                cv.Any(cv.only_on_esp32, cv.only_on_rp2040),
                cv.positive_not_null_time_period,
@ -135,11 +137,14 @@ async def to_code(config):
    if timeout_ms := config.get(CONF_WATCHDOG_TIMEOUT):
        cg.add(var.set_watchdog_timeout(timeout_ms))

+    if certificate_pem := config.get(CONF_CERTIFICATE_PEM):
+        cg.add(var.set_certificate_pem(certificate_pem))
+
    if CORE.is_esp32:
        if CORE.using_esp_idf:
            esp32.add_idf_sdkconfig_option(
                "CONFIG_MBEDTLS_CERTIFICATE_BUNDLE",
-                config.get(CONF_VERIFY_SSL),
+                config.get(CONF_VERIFY_SSL) and CONF_CERTIFICATE_PEM not in config,
            )
            esp32.add_idf_sdkconfig_option(
                "CONFIG_ESP_TLS_INSECURE",
--- a/esphome/components/http_request/http_request_idf.cpp
+++ b/esphome/components/http_request/http_request_idf.cpp
@ -57,6 +57,7 @@ std::shared_ptr<HttpContainer> HttpRequestIDF::start(std::string url, std::strin
    config.crt_bundle_attach = esp_crt_bundle_attach;
  }
 #endif
+  config.cert_pem = this->cert_pem_;

  if (this->useragent_ != nullptr) {
    config.user_agent = this->useragent_;
--- a/esphome/components/http_request/http_request_idf.h
+++ b/esphome/components/http_request/http_request_idf.h
@ -26,6 +26,11 @@ class HttpRequestIDF : public HttpRequestComponent {
 public:
  std::shared_ptr<HttpContainer> start(std::string url, std::string method, std::string body,
                                       std::list<Header> headers) override;
+
+  void set_certificate_pem(const char *cert_pem) { this->cert_pem_ = cert_pem; }
+
+ protected:
+  const char *cert_pem_{nullptr};
 };

 }  // namespace http_request