HTTPClient lib - add HTTPCLIENT_NOSECURE build flag

`HTTPCLIENT_NOSECURE` build flag disables TLS support in HTTPClient library by excluding `NetworkClientSecure.h` header. This allows linker to strip down mbedTLS lind and certificates bundle, which in turn reduces firmware image for about ~80kib.
espressif · Jun 19, 2024 · 81003a1 · 81003a1
1 parent 6b22339
commit 81003a1
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 8 deletions.
diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp
@@ -28,15 +28,8 @@
 
 #include <Arduino.h>
 #include <esp32-hal-log.h>
-
-#ifdef HTTPCLIENT_1_1_COMPATIBLE
-#include <NetworkClient.h>
-#include <NetworkClientSecure.h>
-#endif
-
 #include <StreamString.h>
 #include <base64.h>
-
 #include "HTTPClient.h"
 
 /// Cookie jar support
@@ -56,6 +49,7 @@ class TransportTraits {
   }
 };
 
+#ifndef HTTPCLIENT_NOSECURE
 class TLSTraits : public TransportTraits {
 public:
   TLSTraits(const char *CAcert, const char *clicert = nullptr, const char *clikey = nullptr) : _cacert(CAcert), _clicert(clicert), _clikey(clikey) {}
@@ -81,6 +75,7 @@ class TLSTraits : public TransportTraits {
   const char *_clicert;
   const char *_clikey;
 };
+#endif  // HTTPCLIENT_NOSECURE
 #endif  // HTTPCLIENT_1_1_COMPATIBLE
 
 /**
@@ -145,7 +140,12 @@ bool HTTPClient::begin(NetworkClient &client, String url) {
 
   _port = (protocol == "https" ? 443 : 80);
   _secure = (protocol == "https");
+
+#ifdef HTTPCLIENT_NOSECURE
+  return _secure ? false : beginInternal(url, protocol.c_str());
+#else
   return beginInternal(url, protocol.c_str());
+#endif  // HTTPCLIENT_NOSECURE
 }
 
 /**
@@ -174,10 +174,16 @@ bool HTTPClient::begin(NetworkClient &client, String host, uint16_t port, String
   _uri = uri;
   _protocol = (https ? "https" : "http");
   _secure = https;
+
+#ifdef HTTPCLIENT_NOSECURE
+  return _secure ? false : true;
+#else
   return true;
+#endif  // HTTPCLIENT_NOSECURE
 }
 
 #ifdef HTTPCLIENT_1_1_COMPATIBLE
+#ifndef HTTPCLIENT_NOSECURE
 bool HTTPClient::begin(String url, const char *CAcert) {
   if (_client && !_tcpDeprecated) {
     log_d("mix up of new and deprecated api");
@@ -199,6 +205,7 @@ bool HTTPClient::begin(String url, const char *CAcert) {
 
   return true;
 }
+#endif  // HTTPCLIENT_NOSECURE
 
 /**
  * parsing the url for all needed parameters
@@ -214,7 +221,11 @@ bool HTTPClient::begin(String url) {
   clear();
   _port = 80;
   if (!beginInternal(url, "http")) {
+#ifdef HTTPCLIENT_NOSECURE
+    return false;
+#else
     return begin(url, (const char *)NULL);
+#endif  // HTTPCLIENT_NOSECURE
   }
   _transportTraits = TransportTraitsPtr(new TransportTraits());
   if (!_transportTraits) {
@@ -299,6 +310,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri) {
   return true;
 }
 
+#ifndef HTTPCLIENT_NOSECURE
 bool HTTPClient::begin(String host, uint16_t port, String uri, const char *CAcert) {
   if (_client && !_tcpDeprecated) {
     log_d("mix up of new and deprecated api");
@@ -338,6 +350,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri, const char *CAcer
   _transportTraits = TransportTraitsPtr(new TLSTraits(CAcert, cli_cert, cli_key));
   return true;
 }
+#endif  // HTTPCLIENT_NOSECURE
 #endif  // HTTPCLIENT_1_1_COMPATIBLE
 
 /**

diff --git a/libraries/HTTPClient/src/HTTPClient.h b/libraries/HTTPClient/src/HTTPClient.h
@@ -34,7 +34,9 @@
 #include <memory>
 #include <Arduino.h>
 #include <NetworkClient.h>
+#ifndef HTTPCLIENT_NOSECURE
 #include <NetworkClientSecure.h>
+#endif  // HTTPCLIENT_NOSECURE
 
 /// Cookie jar support
 #include <vector>
@@ -182,10 +184,17 @@ class HTTPClient {
 
 #ifdef HTTPCLIENT_1_1_COMPATIBLE
   bool begin(String url);
-  bool begin(String url, const char *CAcert);
   bool begin(String host, uint16_t port, String uri = "/");
+#ifndef HTTPCLIENT_NOSECURE
+  bool begin(String url, const char *CAcert);
   bool begin(String host, uint16_t port, String uri, const char *CAcert);
   bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key);
+#else
+  bool begin(String url, const char *CAcert){ return false; };
+  bool begin(String host, uint16_t port, String uri, const char *CAcert){ return false; };
+  bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key){ return false; };
+#endif  // HTTPCLIENT_NOSECURE
+
 #endif
 
   void end(void);