Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.
Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
Added the option to define tls_handshake_timeout value
for the esp_tls_server_session_create API.
At the moment, the API gets stuck infinitely if
the handshake is blocked on recieving more data
and the peer connection has closed due to some issue.
Closes https://github.com/espressif/esp-idf/issues/14999
- ESP32-WROOM-32SE has been discontinued and marked as NRND
- This change removes all references to ESP32-WROOM-32SE from IDF
- The example has been migrated to esp-cryptoauthlib repository and it
can be used through the component manager
(https://components.espressif.com/components/espressif/esp-cryptoauthlib)
HTTPD_SSL_CONFIG_DEFAULT used to be a MACRO and hence used to return
a const pointer. With a recent change it started not returning a
const variable. This change reverts the function to its MACRO form.
Updated the https_server example to use static declration
Also added parameter checks if used from as a public API
and updated the `is_plein_tcp` description that it's possible to connect
directly using plain tcp transport with the new API.
Transport's error_handle is used to capture different types of errors
including esp_err_t from esp-tls and socket/system errors.
This change adds the following error codes for TCP transport:
* connection closed by a FIN flag (clean closure from server)
* DNS resolution problem
* connection timeout
These errors are already defined in esp-tls component and since this
component will be used in the future for both TCP and SSL transport, we
currently report these issues in transport::error_handle::esp_tls_last_error
of standard esp error type (esp_err_t)
Closes https://github.com/espressif/esp-mqtt/issues/182
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
Return value `0` in actual is case of partial write and not error as per `mbedtls_ssl_write`
Modified documentation of `esp_tls_conn_write` accordingly.
Even `esp_wolfssl_write` API considers just negative returns as errors.
Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.
Default bundle includes all Mozilla root certificates
Closes IDF-296
