TLS connections failing after move to latest IDF

[tschak909]

As has been mentioned before, I have a network adapter for 8-bit systems called #FujiNet (more info at fujinet.online), and with the latest IDF, it seems to fail with opening TLS connections, with the following:

Code: Select all

E (182914) esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7f00
E (182914) esp-tls: create_ssl_handle failed
E (182914) esp-tls: Failed to open new connection
E (182914) TRANS_SSL: Failed to open a new connection
E (182924) HTTP_CLIENT: Connection failed, sock < 0
0002c5be _perform status = 0, length = 0, chunked = 0
sio_status_channel() - BW: 0 E: 136
->SIO write 4 bytes
COMPLETE!

I am not verifying the certificate, and am wondering if there is now an explicit behavior preventing this from working? Do I need to now explicitly embed internet root certs into the flash, or to tell mbedTLS to use them?

Any help is appreciated, as this is very unexpected.

-Thom

[WiFive]

https://github.com/ARMmbed/mbedtls/blob ... ssl.h#L107

Meaning you probably ran out of memory. What idf version are you migrating from? There are more menuconfig options in newer idf that affect memory and also mbedtls buffer size.

[tschak909]

Turns out, since we have oodles of SPIRAM, the fix was to tell mbedTLS to allocate from it, by setting the following in sdkconfig:

Code: Select all

CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC=y

...while disabling the other allocation options.

-Thom