search

tobiasschuerg / InfluxDB-Client-for-Arduino

Simple library for sending measurements to an InfluxDB with a single network request. Supports ESP8266 and ESP32.
MIT License
380 stars 94 forks source link

Add setSSLVersion and setBufferSizes to setHTTPOptions to limit memory usage #230

Open se-fLa opened 6 months ago

se-fLa commented 6 months ago

Proposal: Add functions to set wifiClientSec->setSSLVersion() and wifiClientSec->setBufferSizes()

Would also like to be able to give a BearSSL::WiFiClientSecure so one can use multiple root certs

BearSSL::X509List trustedRoots_letsencrypt; // Holds our trusted root certs from Let's Encrypt
trustedRoots_letsencrypt.append(isrgrootx1);
trustedRoots_letsencrypt.append(isrg_root_x2);
xxx.setTrustAnchors(&trustedRoots_letsencrypt); // or set with HTTPOptions or in influxDbClient contructor as last argument

Current behavior: Crashes with out of memory OOM on 8266 / ESP12 unless buffer set to 512,512

Desired behavior: Possibility to configure bufferSizes for the BearSSL::WiFiClientSecure and also the SSL version. I added as a test/quick fix in ESP8266_Influxdb/src/HTTPService.cpp::HTTPService constructor

   36: wifiClientSec->setSSLVersion(BR_TLS12, BR_TLS12);
   37: wifiClientSec->setBufferSizes(512, 512);

and that solved my crashes and also writePoint works (only validateConnection() work without this fix, not writePoint())

Alternatives considered: Be able to provide own BearSSL::WiFiClientSecure object as HTTPOptions

Use case: Crashes out of memory on ESP12.

vlastahajek commented 5 months ago

@se-fLa, nice suggestion, thanks. MFLN procedure sets buffer sizes to 1024, when confirmed. So, when I allow overriding the MFN result, e.g. set small buffers, in your case, will 1024 buffer size also work? Or, as you wrote, only 512B works for you?