Non-blocking SSL/TLS communication / incomplete(?) openssl

permal
Posts: 384
Joined: Sun May 14, 2017 5:36 pm

Non-blocking SSL/TLS communication / incomplete(?) openssl

Postby permal » Sun Jul 16, 2017 9:12 am

Hi,

I've now successfully implemented non-blocking TCP sockets and also added SSL/TLS encryption using openssl that ships with ESP-IDF. All communication is handled by a single task and incoming and outgoing data are distributed via queues to other tasks. I'm using the latest version of the master branch directly from git.

This is working really well, but I've noticed that a call to SSL_connect() can block for quite a long time, which defeats the purpose of non-blocking sockets since all communication on all sockets stops during the call since it is all handled by a single task.

I therefor intended to use an alternative implementation using BIO's, as demonstrated here. Unfortunately the openssl implementation that ships with ESP-IDF seems incomplete because I'm getting linker errors for methods such as these:

Code: Select all

undefined reference to `SSL_get_rbio'
undefined reference to `SSL_get_wbio'
Are these supposed to be available? If not, what do you propose I do instead?

permal
Posts: 384
Joined: Sun May 14, 2017 5:36 pm

Re: Non-blocking SSL/TLS communication / incomplete(?) openssl

Postby permal » Thu Jul 20, 2017 10:25 am

Anyone with some insights? :)

WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Non-blocking SSL/TLS communication / incomplete(?) openssl

Postby WiFive » Thu Jul 20, 2017 10:39 am

The openssl compatibility layer is just a shim/wrapper for mbedtls so you're going to have to look deeper

permal
Posts: 384
Joined: Sun May 14, 2017 5:36 pm

Re: Non-blocking SSL/TLS communication / incomplete(?) openssl

Postby permal » Thu Jul 20, 2017 10:45 am

Oh, ok. I hadn't realized that was the case. I'll look at mbedtls then. Thanks.

Who is online

Users browsing this forum: Majestic-12 [Bot], sshwarts, twompark and 102 guests