Jakob,
The only reason for configuring WOLFCRYPT_ONLY was to save space. If the WolfSSL functionality would be useful, then we can change that. The makefile also explicitly controls the subset of source files to be compiled, so that would need to change. There is a new release of WolfSSH that incorporated the extensions I made, but with some changes, so I need to look at converting over to that new release.
-- Steve

On Mon, 16 Jul 2018, Jakob L?w wrote:
Hey,
I've been playing around a bit with implementing SSL/TLS support. For starters I wanted to implement an OvmsNetTlsConnection class which could then be used for https requests. At first I tried using wolfSSL but it turns out wolfSSL is compiled with WOLFCRYPT_ONLY. OpenSSL also didn't work as SSL_CTX_load_verify_locations is missing in ESP-IDF's OpenSSL. I didn't try mbedtls yet. Is there a reason why OVMS bundles three different SSL libraries? Also why is there a custom HTTP implementation when mongoose already has one? Speaking of mongoose, it seems to have an abstraction layer which allows using one of the three SSL/TLS libraries. IMO the best way would be to rewrite ovms_net and ovms_http to use mongoose and configure mongoose to compile with SSL support (probably mbedtls as the other two don't work).
- Jakob