From 1079f4c855b449d4b7c15a23f32033a9e5b7d181 Mon Sep 17 00:00:00 2001
From: vortigont <gpm@hotplug.ru>
Date: Thu, 20 Jun 2024 20:13:15 +0900
Subject: [PATCH] HTTPClient lib - add HTTPCLIENT_NOSECURE build flag (#9893)

* HTTPClient lib - add HTTPCLIENT_NOSECURE build flag

`HTTPCLIENT_NOSECURE` build flag disables TLS support in HTTPClient library by
excluding `NetworkClientSecure.h` header.
This allows linker to strip down mbedTLS lind and certificates bundle,
which in turn reduces firmware image for about ~80kib.

* Update HTTPClient.cpp

* ci(pre-commit): Apply automatic fixes

---------

Co-authored-by: Me No Dev <me-no-dev@users.noreply.github.com>
Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com>
---
 libraries/HTTPClient/src/HTTPClient.cpp | 28 ++++++++++++++++++-------
 libraries/HTTPClient/src/HTTPClient.h   | 17 ++++++++++++++-
 2 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/libraries/HTTPClient/src/HTTPClient.cpp b/libraries/HTTPClient/src/HTTPClient.cpp
index 64dfe3a7d..3dc3b7156 100644
--- a/libraries/HTTPClient/src/HTTPClient.cpp
+++ b/libraries/HTTPClient/src/HTTPClient.cpp
@@ -28,15 +28,8 @@
 
 #include <Arduino.h>
 #include <esp32-hal-log.h>
-
-#ifdef HTTPCLIENT_1_1_COMPATIBLE
-#include <NetworkClient.h>
-#include <NetworkClientSecure.h>
-#endif
-
 #include <StreamString.h>
 #include <base64.h>
-
 #include "HTTPClient.h"
 
 /// Cookie jar support
@@ -56,6 +49,7 @@ public:
   }
 };
 
+#ifndef HTTPCLIENT_NOSECURE
 class TLSTraits : public TransportTraits {
 public:
   TLSTraits(const char *CAcert, const char *clicert = nullptr, const char *clikey = nullptr) : _cacert(CAcert), _clicert(clicert), _clikey(clikey) {}
@@ -81,6 +75,7 @@ protected:
   const char *_clicert;
   const char *_clikey;
 };
+#endif  // HTTPCLIENT_NOSECURE
 #endif  // HTTPCLIENT_1_1_COMPATIBLE
 
 /**
@@ -145,6 +140,12 @@ bool HTTPClient::begin(NetworkClient &client, String url) {
 
   _port = (protocol == "https" ? 443 : 80);
   _secure = (protocol == "https");
+
+#ifdef HTTPCLIENT_NOSECURE
+  if (_secure) {
+    return false;
+  }
+#endif  // HTTPCLIENT_NOSECURE
   return beginInternal(url, protocol.c_str());
 }
 
@@ -174,10 +175,16 @@ bool HTTPClient::begin(NetworkClient &client, String host, uint16_t port, String
   _uri = uri;
   _protocol = (https ? "https" : "http");
   _secure = https;
+
+#ifdef HTTPCLIENT_NOSECURE
+  return _secure ? false : true;
+#else
   return true;
+#endif  // HTTPCLIENT_NOSECURE
 }
 
 #ifdef HTTPCLIENT_1_1_COMPATIBLE
+#ifndef HTTPCLIENT_NOSECURE
 bool HTTPClient::begin(String url, const char *CAcert) {
   if (_client && !_tcpDeprecated) {
     log_d("mix up of new and deprecated api");
@@ -199,6 +206,7 @@ bool HTTPClient::begin(String url, const char *CAcert) {
 
   return true;
 }
+#endif  // HTTPCLIENT_NOSECURE
 
 /**
  * parsing the url for all needed parameters
@@ -214,7 +222,11 @@ bool HTTPClient::begin(String url) {
   clear();
   _port = 80;
   if (!beginInternal(url, "http")) {
+#ifdef HTTPCLIENT_NOSECURE
+    return false;
+#else
     return begin(url, (const char *)NULL);
+#endif  // HTTPCLIENT_NOSECURE
   }
   _transportTraits = TransportTraitsPtr(new TransportTraits());
   if (!_transportTraits) {
@@ -299,6 +311,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri) {
   return true;
 }
 
+#ifndef HTTPCLIENT_NOSECURE
 bool HTTPClient::begin(String host, uint16_t port, String uri, const char *CAcert) {
   if (_client && !_tcpDeprecated) {
     log_d("mix up of new and deprecated api");
@@ -338,6 +351,7 @@ bool HTTPClient::begin(String host, uint16_t port, String uri, const char *CAcer
   _transportTraits = TransportTraitsPtr(new TLSTraits(CAcert, cli_cert, cli_key));
   return true;
 }
+#endif  // HTTPCLIENT_NOSECURE
 #endif  // HTTPCLIENT_1_1_COMPATIBLE
 
 /**
diff --git a/libraries/HTTPClient/src/HTTPClient.h b/libraries/HTTPClient/src/HTTPClient.h
index edc050ab0..80f6da285 100644
--- a/libraries/HTTPClient/src/HTTPClient.h
+++ b/libraries/HTTPClient/src/HTTPClient.h
@@ -34,7 +34,9 @@
 #include <memory>
 #include <Arduino.h>
 #include <NetworkClient.h>
+#ifndef HTTPCLIENT_NOSECURE
 #include <NetworkClientSecure.h>
+#endif  // HTTPCLIENT_NOSECURE
 
 /// Cookie jar support
 #include <vector>
@@ -182,10 +184,23 @@ public:
 
 #ifdef HTTPCLIENT_1_1_COMPATIBLE
   bool begin(String url);
-  bool begin(String url, const char *CAcert);
   bool begin(String host, uint16_t port, String uri = "/");
+#ifndef HTTPCLIENT_NOSECURE
+  bool begin(String url, const char *CAcert);
   bool begin(String host, uint16_t port, String uri, const char *CAcert);
   bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key);
+#else
+  bool begin(String url, const char *CAcert) {
+    return false;
+  };
+  bool begin(String host, uint16_t port, String uri, const char *CAcert) {
+    return false;
+  };
+  bool begin(String host, uint16_t port, String uri, const char *CAcert, const char *cli_cert, const char *cli_key) {
+    return false;
+  };
+#endif  // HTTPCLIENT_NOSECURE
+
 #endif
 
   void end(void);