Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.
Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
In some applications, ESP_TLS_ERR_SSL_WANT_READ and
ESP_TLS_ERR_SSL_TIMEOUT are common results which
need handled at the next layer. Downgrade these
to debug.
Add new API esp_transport_ssl_set_ciphersuites_list() to allow configuring custom
TLS cipher suites in SSL transport layer. This enables users to:
- Set specific cipher suites for SSL/TLS connections
When both readset/writeset and errset are set for a single socket,
the HTTP client incorrectly handled the condition, causing premature termination.
Added a check to ensure readset/writeset is prioritized before errset.
Closes https://github.com/espressif/esp-idf/issues/14673
- Made tcp_transport_errors codes public to indicate
TCP connection issues not covered in socket's errno
- Added API to translate tcp_transport_error codes
to esp_err_t codes for TCP Transport
Co-authored-by: Shubham Kulkarni <shubham.kulkarni@espressif.com>
Also added parameter checks if used from as a public API
and updated the `is_plein_tcp` description that it's possible to connect
directly using plain tcp transport with the new API.
Add missing NULL test for esp_transport_init() call.
Otherwise, it will hit NULL pointer dereference when assign t->_get_socket.
Signed-off-by: Axel Lin <axel.lin@gmail.com>
For compatibility reasons, support also transports separately if the transport is used
before attaching to parent list. In this case we create an internal context which is
independent on the foundation transport and used preferably
Transport's error_handle is used to capture different types of errors
including esp_err_t from esp-tls and socket/system errors.
This change adds the following error codes for TCP transport:
* connection closed by a FIN flag (clean closure from server)
* DNS resolution problem
* connection timeout
These errors are already defined in esp-tls component and since this
component will be used in the future for both TCP and SSL transport, we
currently report these issues in transport::error_handle::esp_tls_last_error
of standard esp error type (esp_err_t)
Closes https://github.com/espressif/esp-mqtt/issues/182
Internal tcp_transport functions could now use custom socket operations.
This is used for WebSocket transport, when we typically wait for clean
connection closure, i.e. selecting for read/error with expected errno or
recv size=0 while socket readable (=connection terminated by FIN flag)
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
For url redirection cases (HTTP status 301/302), internal
transport ssl connection state must be reinitialized for
successful (new) connection on updated url.
Closes https://github.com/espressif/esp-idf/issues/4598
Alexey Lapshin
nilesh.kale
hrushikesh.bhosale
Rocha Euripedes
Richard Allen
dhb
Xu Si Yu
harshal.patil
David Cermak
Harshit Malpani
Aditya Patwardhan
AndriiFilippov
Laukik Hase
Mahavir Jain
Dániel Buga
Axel Lin
liuhan
yuanjm
aditi_lonkar
Angus Gratton
xutao