Fixes failing https connections to HelloServerBearSSL when using the (#8206)

MMU option with 48K IRAM shared. This happended after changes that increased IRAM code size that caused free IRAM for Heap to fall below ~16K, then "new" would OOM out in WiFiClientSecureBearSSL. Added private function to try IRAM first then switch to DRAM on fail to WiFiClientSecureBearSSL for iobuff allocations.
2025-10-18 09:50:40 +03:00 · 2021-07-11 13:22:34 -07:00
parent 95c6fbb054
commit 40876dc6ba
2 changed files with 32 additions and 31 deletions
--- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h
+++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h
@@ -189,6 +189,7 @@ class WiFiClientSecureCtx : public WiFiClient {
    size_t _recvapp_len;

    bool _clientConnected(); // Is the underlying socket alive?
+    std::shared_ptr<unsigned char> _alloc_iobuf(size_t sz);
    void _freeSSL();
    int _run_until(unsigned target, bool blocking = true);
    size_t _write(const uint8_t *buf, size_t size, bool pmem);
@@ -309,8 +310,8 @@ class WiFiClientSecure : public WiFiClient {

    // Limit the TLS versions BearSSL will connect with.  Default is
    // BR_TLS10...BR_TLS12. Allowed values are: BR_TLS10, BR_TLS11, BR_TLS12
-    bool setSSLVersion(uint32_t min = BR_TLS10, uint32_t max = BR_TLS12) { return _ctx->setSSLVersion(min, max); };    
-    
+    bool setSSLVersion(uint32_t min = BR_TLS10, uint32_t max = BR_TLS12) { return _ctx->setSSLVersion(min, max); };
+
    // Check for Maximum Fragment Length support for given len before connection (possibly insecure)
    static bool probeMaxFragmentLength(IPAddress ip, uint16_t port, uint16_t len);
    static bool probeMaxFragmentLength(const char *hostname, uint16_t port, uint16_t len);