Skip to content

bearSSL clientSecure initial heap usage #4952

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
5 tasks done
kapyaar opened this issue Jul 22, 2018 · 1 comment
Closed
5 tasks done

bearSSL clientSecure initial heap usage #4952

kapyaar opened this issue Jul 22, 2018 · 1 comment

Comments

@kapyaar
Copy link

kapyaar commented Jul 22, 2018
edited
Loading

Basic Infos

  • This issue complies with the issue POLICY doc.
  • I have read the documentation at readthedocs and the issue is not addressed there.
  • I have tested that the issue is present in current master branch (aka latest git).
  • I have searched the issue tracker for a similar issue.
  • I have filled out all fields below.

Platform

  • Hardware: [ESP-12]
  • Core Version: [latest git]
  • Development Env: [Arduino IDE]
  • Operating System: [Windows]

Settings in IDE

  • Module: [Nodemcu]
  • Flash Mode: [DOUT]
  • Flash Size: [4MB/1MB]
  • lwip Variant: [v2 Lower Memory]
  • Reset Method: [nodemcu]
  • Flash Frequency: [40Mhz]
  • CPU Frequency: [80Mhz]
  • Upload Using: [SERIAL]
  • Upload Speed: [921600)

Problem Description

When Using BearSSL secureClient, there is about 4k heap that gets taken up that does not get released. Is this normal?

I am using the latest git version, and I updated the bearSSL files based on #4900

When getting started, heap is 48504. This falls to some 43900 and it says there. I have a case where with a project, this 4k becomes significant as the ESP crashes due to low heap.

MCVE Sketch

// Example of the different modes of the X.509 validation options
// in the WiFiClientBearSSL object
//
// Mar 2018 by Earle F. Philhower, III
// Released to the public domain

#include <ESP8266WiFi.h>
#include <time.h>

const char *ssid = "myWiFiSSID";
const char *pass = "myWiFiPassword";

const char *   host = "api.github.com";
const uint16_t port = 443;
const char *   path = "/";


// Try and connect using a WiFiClientBearSSL to specified host:port and dump HTTP response
void fetchURL(BearSSL::WiFiClientSecure *client, const char *host, const uint16_t port, const char *path) {
  if (!path) {
    path = "/";
  }

  Serial.printf("Trying: %s:443...", host);
  client->connect(host, port);
  if (!client->connected()) {
    Serial.printf("*** Can't connect. ***\n-------\n");
    return;
  }
  Serial.printf("Connected!\n-------\n");
  client->write("GET ");
  client->write(path);
  client->write(" HTTP/1.0\r\nHost: ");
  client->write(host);
  client->write("\r\nUser-Agent: ESP8266\r\n");
  client->write("\r\n");
  uint32_t to = millis() + 5000;
  if (client->connected()) {
    do {
      char tmp[32];
      memset(tmp, 0, 32);
      int rlen = client->read((uint8_t*)tmp, sizeof(tmp) - 1);
      yield();
      if (rlen < 0) {
        break;
      }
      // Only print out first line up to \r, then abort connection
      char *nl = strchr(tmp, '\r');
      if (nl) {
        *nl = 0;
        Serial.print(tmp);
        break;
      }
      Serial.print(tmp);
    } while (millis() < to);
  }
  client->stop();
  Serial.printf("\n-------\n\n");
}



void fetchInsecure() {
  BearSSL::WiFiClientSecure client;
  client.setInsecure();
  fetchURL(&client, host, port, path);
}








void setup() {
  Serial.begin(115200);
  Serial.println();
  Serial.println();

  // We start by connecting to a WiFi network
  Serial.print("Connecting to ");
  Serial.println(ssid);
  WiFi.mode(WIFI_STA);
  WiFi.begin(ssid, pass);

  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }
  Serial.println("");

  Serial.println("WiFi connected");
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());
}


void loop() {
  Serial.print( F("Heap Before: ") ); Serial.println(ESP.getFreeHeap());
  fetchInsecure();
  Serial.print( F("Heap After: ") ); Serial.println(ESP.getFreeHeap());
  delay(5000);
}

Debug Messages

SDK:3.0.0-dev(c0f7b44)/Core:win-2.5.0-dev/lwIP:2.0.3(STABLE-2_0_3_RELEASE/glue:arduino-2.4.1-13-g163bb82)/BearSSL:6d1cefc


Connecting to myWiFiSSID
bcn 0
del if1
usl
mode : sta(5c:cf:7f:aa:bd:06)
add if0
.....scandone
state: 0 -> 2 (b0)
.state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt 

connected with myWiFiSSID, channel 1
sec 3ff error
dhcp client start...
.........ip:192.168.254.59,mask:255.255.255.0,gw:192.168.254.1
.
WiFi connected
IP address: 
192.168.254.59
**Heap Before: 48504**
Trying: api.github.com:443...Connected!
-------
HTTP/1.1 403 Forbidden
-------

Heap After: 43912
pm open,type:2 0
Heap Before: 43424
Trying: api.github.com:443...Connected!
-------
HTTP/1.1 403 Forbidden
-------

Heap After: 43424
Heap Before: 43424
Trying: api.github.com:443...Connected!
-------
HTTP/1.1 403 Forbidden
-------
@earlephilhower
Copy link
Collaborator

This is expected. BearSSL, when used, needs ~4.5KB of RAM as a private stack. It's allocated as soon as a BearSSL connection object is instantiated. Note, however, only a single 4.5K stack is needed no matter how many connections you use, so it's a 1-time payment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@earlephilhower @kapyaar