From eee27b06b41462aa0125e6df7b553576296213ff Mon Sep 17 00:00:00 2001
From: Andrea Gilardoni <a.gilardoni@arduino.cc>
Date: Tue, 10 Jun 2025 16:24:40 +0200
Subject: [PATCH 1/2] Splitting the definition of client into 2 interfaces

- ClientConnect provides the abstraction required to address connection
  methods for TCP like sessions.
- Client provides the same Features as before, but it is specialized to
  handle connections that are then handled like a stream, like a
  classical TCP connection

This distinction will be used to differentiate stream like communication
protocols, i.e. websocket, tcp, http streaming, from discrete sized
packets communication, like MQTT.
---
 api/Client.h | 31 ++++++++++++++++++-------------
 1 file changed, 18 insertions(+), 13 deletions(-)

diff --git a/api/Client.h b/api/Client.h
index 5a1d99fe..4513e6bf 100644
--- a/api/Client.h
+++ b/api/Client.h
@@ -24,23 +24,28 @@
 
 namespace arduino {
 
-class Client : public Stream {
+// The objective of this interface is to split the definition of a Client that
+// works with streams and one that works with discrete sized messages
+class ClientConnect {
+public:
+  virtual ~ClientConnect() = default;
+
+  virtual int connect(IPAddress ip, uint16_t port) = 0;
+  virtual int connect(const char *host, uint16_t port) = 0;
+  virtual void disconnect() = 0;
+
+  virtual uint8_t connected() = 0;
+  virtual operator bool() = 0;
+};
 
+class Client : public Stream, ClientConnect {
 public:
-  virtual int connect(IPAddress ip, uint16_t port) =0;
-  virtual int connect(const char *host, uint16_t port) =0;
-  virtual size_t write(uint8_t) =0;
-  virtual size_t write(const uint8_t *buf, size_t size) =0;
-  virtual int available() = 0;
-  virtual int read() = 0;
+  virtual size_t write(uint8_t) = 0;
+  virtual size_t write(const uint8_t *buf, size_t size) = 0;
   virtual int read(uint8_t *buf, size_t size) = 0;
-  virtual int peek() = 0;
-  virtual void flush() = 0;
   virtual void stop() = 0;
-  virtual uint8_t connected() = 0;
-  virtual operator bool() = 0;
 protected:
-  uint8_t* rawIPAddress(IPAddress& addr) { return addr.raw_address(); };
+  uint8_t* rawIPAddress(IPAddress& addr) { return addr.raw_address(); }; // FIXME this is a utility function
 };
 
-}
\ No newline at end of file
+}

From 47eb8631ef45adf24c969d0c38e8053d3da28349 Mon Sep 17 00:00:00 2001
From: Andrea Gilardoni <a.gilardoni@arduino.cc>
Date: Tue, 10 Jun 2025 16:32:24 +0200
Subject: [PATCH 2/2] Introducing Tls apis in Arduino Core api

Added Interfaces to handle Tls api standardization in arduino core api.
---
 api/Tls.h | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 api/Tls.h

diff --git a/api/Tls.h b/api/Tls.h
new file mode 100644
index 00000000..3c9a9a98
--- /dev/null
+++ b/api/Tls.h
@@ -0,0 +1,46 @@
+#pragma once
+
+#include "Client.h"
+
+
+namespace arduino {
+
+// Tls CertificatesKeys are strings
+using CertificateKey = const char[];
+
+enum class CertificateFormat {
+    Der,
+    Pem,
+}
+
+class Tls: public ClientConnect {
+public:
+    virtual ~Tls() = default;
+
+    enum IdentityVerification {
+        MTls,       // both ends identity needs to be verified
+        Tls,        // The server side end is verified against CA
+        Insecure,   // no check against server side identity
+    };
+
+    virtual void setIdentityVerification(IdentityVerification mode) { _mode = mode; };
+    virtual void setCA(CertificateKey ca, CertificateFormat f=CertificateFormat::Pem) = 0;
+    virtual void setCertificate(CertificateKey public, CertificateKey private, CertificateFormat f=CertificateFormat::Pem) = 0;
+
+
+    // Tls protocol enables Server Name Indication usage, for which a client provides
+    // the hostname it is trying to connect to. This hostname may be required to be verified
+    // against the server provided one
+    virtual void sniVerification(bool) = 0;
+
+    // manually provide an hostname that will be used together with sni
+    // if connect is called with hostname as parameter this will be automatically called
+    virtual void setHostname(const char hostname[]) = 0;
+protected:
+    IdentityVerification _mode;
+};
+
+class TlsClient: public Client, Tls {
+
+};
+}

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/arduino/ArduinoCore-API/pull/252.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/arduino/ArduinoCore-API/pull/252.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/arduino/ArduinoCore-API/pull/252.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/arduino/ArduinoCore-API/pull/252.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>