alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-13 05:47:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
45,819 Commits 21 Branches 167 Tags
master
Commit Graph

14 Commits

Author SHA1 Message Date
hrushikesh.bhosale
5928a87aa7 feat(mbedtls): Add configuration to control dynamic buffer strategy in mbedtls 
Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.

Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
 2025-06-05 12:43:47 +05:30
harshal.patil
3957e59f1a feat(mbedtls/esp_crt_bundle): Move dummy cert to .rodata to save 408B from dram 
Co-authored-by: Hanno <h.binder@web.de>
 2024-10-16 16:21:28 +05:30
Laukik Hase
d7eb2c7b4e mbedtls: MBEDTLS_PRIVATE & MBEDTLS_ALLOW_PRIVATE_ACCESS-related cleanup 2022-09-29 10:13:14 +05:30
Laukik Hase
87d3296c37 mbedtls: Disable MBEDTLS_DYNAMIC_BUFFER when TLS 1.3 is enabled 
- Resulted in a crash in the handshake stage when
  used alongside TLS 1.3 (MBEDTLS_SSL_PROTO_TLS1_3)
- Fix build error when MBEDTLS_HARDWARE_SHA=n &&
  MBEDTLS_DYNAMIC_BUFFER=y
- Fix build error when TLS 1.3 is enabled with
  MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n
 2022-03-11 10:03:48 +05:30
Laukik Hase
3925365351 ci: Fix pre-check stage failing tests 
- Updated license headers
- Re-enabled public headers and static analysis checks
- Fix public header file check failure

Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
60b167f2d6 mbedtls-3.1 update: Removed the MBEDTLS_PRIVATE from multiple files 
after they have been again made public in mbedtls-3.1

*Added `MBEDTLS_ALLOW_PRIVATE_ACCESS` in some files.
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
0483bfbbfe Initial Changes for updating mbedtls to v3.0 2022-03-03 01:37:09 +05:30
Laukik Hase
424c45df91 ci: Fix issues for build stage 
- Fixed logs expecting different format specifier
- Updated ignore list for check_public_header test
- Updated functions ported from mbedTLS
 2022-01-25 10:51:27 +05:30
Laukik Hase
befc93aa2d mbedtls: Added option MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 
- Removed code regarding MBEDTLS_DYNAMIC_FREE_PEER_CERT
  (config was kept for backward compatibility)
- Combined mbedTLS v2.28.x related options under a separate Kconfig menu
 2022-01-25 10:51:27 +05:30
Li Jingyi
981ef057c4 feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost 2021-12-01 17:15:25 +08:00
yuanjm
93604b1a11 mbedtls: Fix mbedtls_ssl_send_alert_message crash due to ssl->out_iv is NULL 2021-04-22 09:33:59 +00:00
Aditya Patwardhan
bf513b6f31 Fix esp_tls: Prevent freeing of global ca store after each connection 
when dynamic ssl buffers are enabled
 2021-02-25 00:26:13 +00:00
Dong Heng
1c9592efc4 fix(mbedtls): fix mbedtls dynamic resource memory leaks and RSA cert drop earlier 
RX process caches the session information in "ssl->in_ctr" not in "ssl->in_buf".
So when freeing the SSL, can't free the "ssl->in_ctr", because the "ssl->in_buf"
is empty.

Make the RX process like TX process, and cache the session information in
"ssl->in_buf", so that the cache buffer can be freed when freeing the SSL.

Closes https://github.com/espressif/esp-idf/issues/6104
 2020-11-19 07:31:50 +00:00
Dong Heng
3d57bf30a2 feat(mbedtls): add dynamic buffer and local resource managment to decrease SSL heap cost 2020-05-14 11:45:09 +00:00