Add setSSLVersion and setBufferSizes to setHTTPOptions to limit memory usage
se-fLa opened this issue · 2 comments
Proposal:
Add functions to set wifiClientSec->setSSLVersion() and wifiClientSec->setBufferSizes()
Would also like to be able to give a BearSSL::WiFiClientSecure so one can use multiple root certs
BearSSL::X509List trustedRoots_letsencrypt; // Holds our trusted root certs from Let's Encrypt
trustedRoots_letsencrypt.append(isrgrootx1);
trustedRoots_letsencrypt.append(isrg_root_x2);
xxx.setTrustAnchors(&trustedRoots_letsencrypt); // or set with HTTPOptions or in influxDbClient contructor as last argument
Current behavior:
Crashes with out of memory OOM on 8266 / ESP12 unless buffer set to 512,512
Desired behavior:
Possibility to configure bufferSizes for the BearSSL::WiFiClientSecure and also the SSL version.
I added as a test/quick fix in ESP8266_Influxdb/src/HTTPService.cpp::HTTPService constructor
36: wifiClientSec->setSSLVersion(BR_TLS12, BR_TLS12);
37: wifiClientSec->setBufferSizes(512, 512);
and that solved my crashes and also writePoint works (only validateConnection() work without this fix, not writePoint())
Alternatives considered:
Be able to provide own BearSSL::WiFiClientSecure object as HTTPOptions
Use case:
Crashes out of memory on ESP12.
@se-fLa, nice suggestion, thanks.
MFLN procedure sets buffer sizes to 1024, when confirmed. So, when I allow overriding the MFN result, e.g. set small buffers, in your case, will 1024 buffer size also work?
Or, as you wrote, only 512B works for you?