New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL connection reboots #134
Comments
is https even supported, it doesn't have the ram/flash to handle the certificates surely? |
Well it seems so as per wiki, and I believe it's even compiled in by default. So far I have to proxy via local nginx which lowers the value of the node as independent sensor reporter. |
Disabled SSL_ENABLE switch, got compile-time error
Please, consider fixing |
A hackish fix here dvv@f4b2827 |
ssl support is just for the cloud update process, not for https clients i believe. i don't see the point of disabling it |
Memory. 25kB free with the above patch vs circa 18kB without. |
as with all esp8266 info, there's nothing documented about cloud upgrade. its part of the sdk, not nodemcu-specific. i see your point about saving memory. mqtt isn't the only module that uses ssl though:
they seem to be using |
latest build, replace the open-source ssl lib with lib/libssl.a(no source available since sdk 0.9.5). |
Hmmm. Closed source SSL. A bit paranoid, but how do we know it does what we mean it to do? |
yup, 0.9.5 has gone back to closed-source ip stack (lwip) and ssl for some reason. not really a nodemcu issue, but an sdk one, and a bit worrying. |
There still appears to be some issues with SSL.
Sample code can be found in this post. |
I confirm that I also still can't connect to a https:// server. |
I don't know if it's related, but I'm having problems with SSL connection... i configured my MQTT broker to accept any connections and i can connect to it with something like all fine without secure connection.
|
I just tried the fragment example: |
On 20150126 (not 27) the board doesn't reboot. I still can't connect to MQTT broker with SSL/TLS on, i get this error on the broker: |
20150126 is probably memory related turns out that openssl.org's response was quite large and it works if you specifiy the GET e.g "GET /images/page-corner-tr.gif". Same test in 20150127 results in disconnect. Second, is there a way to handle "large" responses on https requests without running out of heap. |
this is why i always doubted this chip can do ssl, the certificates are just too large. same with arduino's and spark cores. |
Well, this chip does have memory to store responses -- filesystem. Wonder if the most expensive portion of SSL -- handshake -- can be worked around by using filesystem to save response for analysing it later in memory chunk by chunk? |
I see lot of potential in this platform but using closed source blob to make IoT is not feasible. It's not just paranoid, a single vendor cannot guarantee same QA on code as open source community can, specially on cryptographic code. |
This reboots mcu even without entering connection handler
while non-SSL connection works just fine.
What can be the cause?
TIA
The text was updated successfully, but these errors were encountered: