Steve, Am 16.03.21 um 21:34 schrieb Stephen Casner:
I haven't gotten any traction on my request for people to test the updated mongoose-wolfssl branch, so I thought it might help to rebase to the current master.
Sorry, been busy. Git didn't pull the updated branch now without a conflict, so I simply reset my local branch to your latest version.
I now have an updated mongoose-wolfssl branch ready to be tested. The reason for the 90-second lockup mentioned in the previous post is a whole lot of math for a prime-number validation that's part of the Diffie-Hellman step. It was actually 87 seconds for Mark's server and 28 seconds for Michael's due to differences in certificates. That prime-number validation is required for FIPS compliance, which WolfSSL supports, but we don't need it. I spent quite a while digging into this to find where the process was getting stuck. Finally I got help from WolfSSL support suggesting a configuration option that avoids this extra check.
So now I have an implementation using mongoose with wolfssl that connects successfully to both servers with a 3-4 second delay. (I don't recall what the delay was for the MBEDTLS-based implementation.) I think the memory usage looks OK. I still have not taken any steps to reduce any resources used by the MBEDTLS code as accessed for other purposes.
My first impression is, everything looks good. Moreover, TLS connections are established much faster than before. The ssh login is done in 3 seconds now (down from ~5 seconds before). A server V2 login took 3.8 seconds on average before, now takes 1.54 seconds on average. The speed improvement on HTTP.request() is even more impressive. Test script: (function(){ var i = 0, t0, t1; function doTest(){ t0 = performance.now(); print("start request " + (++i)); HTTP.request({ url: "https://dexters-web.de/f/test.json", done: function() { t1 = performance.now(); print(this.response.statusText + " length=" + this.response.body.length + " time=" + (t1-t0).toFixed(0) + "ms"); if (i < 5) doTest(); } }); }; doTest(); })(); The file "test.json" is just 13 bytes, so this essentially tests the connection establishment. Results: ---------------------------------------------------------------------------------------------------- master (mbedtls) ---------------------------------------------------------------------------------------------------- I (109665) script: [eval:10:] OK length=13 time=5097ms I (115135) script: [eval:10:] OK length=13 time=5464ms I (121745) script: [eval:10:] OK length=13 time=6608ms I (126455) script: [eval:10:] OK length=13 time=4704ms I (130815) script: [eval:10:] OK length=13 time=4357ms ---------------------------------------------------------------------------------------------------- mongoose-wolfssl ---------------------------------------------------------------------------------------------------- I (1782504) script: [eval:10:] OK length=13 time=1597ms I (1784124) script: [eval:10:] OK length=13 time=1611ms I (1785734) script: [eval:10:] OK length=13 time=1604ms I (1787374) script: [eval:10:] OK length=13 time=1639ms I (1789004) script: [eval:10:] OK length=13 time=1624ms These speed improvements are consistent through multiple runs with two different modules. I haven't found any issues yet. Memory usage is perfectly OK. Awesome work, Steve! I suggest taking this into edge as soon as possible. Regards, Michael -- Michael Balzer * Helkenberger Weg 9 * D-58256 Ennepetal Fon 02333 / 833 5735 * Handy 0176 / 206 989 26