
Non-blocking SSL/TLS communication / incomplete(?) openssl

Posted: Sun Jul 16, 2017 9:12 am
by permal
Hi,

I've now successfully implemented non-blocking TCP sockets and also added SSL/TLS encryption using openssl that ships with ESP-IDF. All communication is handled by a single task and incoming and outgoing data are distributed via queues to other tasks. I'm using the latest version of the master branch directly from git.

This is working really well, but I've noticed that a call to SSL_connect() can block for quite a long time, which defeats the purpose of non-blocking sockets since all communication on all sockets stops during the call since it is all handled by a single task.

I therefore intended to use an alternative implementation using BIOs, as demonstrated here. Unfortunately the openssl implementation that ships with ESP-IDF seems incomplete because I'm getting linker errors for methods such as these:

undefined reference to `SSL_get_rbio'
undefined reference to `SSL_get_wbio'

Are these supposed to be available? If not, what do you propose I do instead?

Re: Non-blocking SSL/TLS communication / incomplete(?) openssl

Posted: Thu Jul 20, 2017 10:25 am
by permal
Anyone with some insights? :)

Re: Non-blocking SSL/TLS communication / incomplete(?) openssl

Posted: Thu Jul 20, 2017 10:39 am
by WiFive
The openssl compatibility layer is just a shim/wrapper for mbedtls so you're going to have to look deeper

Re: Non-blocking SSL/TLS communication / incomplete(?) openssl

Posted: Thu Jul 20, 2017 10:45 am
by permal
Oh, ok. I hadn't realized that was the case. I'll look at mbedtls then. Thanks.
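
Added example, not code from this thread or from ESP-IDF: with a non-blocking transport, `mbedtls_ssl_handshake()` returns `MBEDTLS_ERR_SSL_WANT_READ` or `MBEDTLS_ERR_SSL_WANT_WRITE` instead of blocking, so a single communication task can advance every handshake one call at a time. The `struct conn`, `conn_pump`, `pump_all` and `fake_step` names are hypothetical, and `step()` is a constructed stand-in for the real handshake call so the sketch builds without mbed TLS.

```c
#include <stddef.h>
/* Same values as mbedtls/ssl.h, repeated so this sketch builds without mbed TLS. */
#define WANT_READ  (-0x6900) /* MBEDTLS_ERR_SSL_WANT_READ  */
#define WANT_WRITE (-0x6880) /* MBEDTLS_ERR_SSL_WANT_WRITE */
enum hs_state { HS_PENDING, HS_DONE, HS_FAILED };
enum io_wait  { WAIT_NONE, WAIT_READ, WAIT_WRITE };

/* Hypothetical per-connection record; step() stands in for mbedtls_ssl_handshake(). */
struct conn {
    int (*step)(void *ctx);
    void *ctx;
    enum hs_state state;
    enum io_wait wait;      /* which select() set the socket goes in next */
};

/* Advance one handshake by a single call; no loop, so the task never stalls here. */
enum hs_state conn_pump(struct conn *c) {
    if (c->state != HS_PENDING) return c->state;
    int rc = c->step(c->ctx);
    if (rc == WANT_READ || rc == WANT_WRITE) {
        c->wait = (rc == WANT_READ) ? WAIT_READ : WAIT_WRITE;
        return HS_PENDING;
    }
    /* 0 means done; any other code is fatal: fail closed, never retry the session. */
    c->wait = WAIT_NONE;
    c->state = (rc == 0) ? HS_DONE : HS_FAILED;
    return c->state;
}

/* One pass of the communication task; returns how many handshakes are still open. */
size_t pump_all(struct conn *conns, size_t n) {
    size_t pending = 0;
    for (size_t i = 0; i < n; i++)
        if (conn_pump(&conns[i]) == HS_PENDING) pending++;
    return pending;
}

/* Constructed stand-in: *ctx is the number of reads still needed, negative = fatal. */
int fake_step(void *ctx) {
    int *left = ctx;
    if (*left < 0) return -1;
    return (*left)-- > 0 ? WANT_READ : 0;
}

int main(void) {
    int left = 2;
    struct conn c = { fake_step, &left, HS_PENDING, WAIT_NONE };
    while (pump_all(&c, 1)) { /* a real task would select() on c.wait here */ }
    return c.state == HS_DONE ? 0 : 1;
}
```

A connection that ends in `HS_FAILED` should have its TLS context freed or reset and its socket closed before any application data is queued on it.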