Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Espressif Managed Component wolfSSL 5.7.4 post-release update #8251

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

gojimmypi
Copy link
Contributor

Description

This PR updates the Espressif examples and builds on the updates in #8076. Enclosed are changes essential for the wolfSSL Managed Component examples to work properly with the v5.7.4-stable release of wolfssl.

Primary changes are to CMakeLists.txt and sdkconfig.defaults. Only minor changes made to example code.

Note this PR is based on the bdd62314 release commit, and DOES NOT INCLUDE other wolfSSL post-release updates.

The result will be an as-published wolfSSL 5.7.4 with only the changes needed for Espressif example updates. See my pr-post-release-bdd62314-espressif branch.

In particular, this PR addresses the new esp-tls and Certificate Bundle Support features introduced in #7936 and the respective interaction with Managed Components.

As not all versions of the ESP-IDF support the new esp-tls integration with wolfSSL, all of the examples now have the settings disabled by default in the respective dkconfig.defaults files:

# CONFIG_ESP_TLS_USING_WOLFSSL=y
# CONFIG_TLS_STACK_WOLFSSL=y

See my ESP-IDF v5.3.1 work and the respective release for PlatformIO.

To use it with PlatformIO, adjust this line in the platformio.ini file:

platform_packages = framework-espidf @ https://github.com/gojimmypi/esp-idf/releases/download/v5.3.1.20240926c/esp-idf-v5.3.1.20240926c.zip

I have an example with my esp_http_client_example.

Other Changes

  • There are some corrections to cmake add_compile_definitions syntax.

  • Improved checks for Managed Component names (e.g. staging site user names & mywolfssl)

  • Adds new IS_GIT_REPO check to avoid attempts to glean attributes from non-git directories, such as those in Managed Component examples.

  • client-tls.c changed the NoPeerCheck != 0 to be information, not a warning.

  • TLS_SMP_CLIENT_TASK_BYTES bumped up to 10K default, rather than 8K.

  • sdk_init_meminfo(); is only disabled when available and DEBUG_WOLFSSL enabled.

  • The server example now gates out this_heap and stack_start variables not used as appropriate.

  • While testing and editing the cmake files, I also discovered instances of message("text") that were being sent to stderr.
    I replaced those with message(STATUS "text")

  • Various spelling corrections

  • Addresses zd# 18228

Testing

Much of the testing occurred with the staging instance under my user name.

At the moment, the staging site is giving me a "Bad Gateway" error.

See also the internal wolfSSL scripts. I've added additional diagnostics and automated testing.

Release

As of the date of this PR creation, the release wolfSSL Managed Component has NOT yet been published. I plan to publish preview releases soon.

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@gojimmypi gojimmypi self-assigned this Dec 4, 2024
Copy link
Contributor

@dgarske dgarske left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good otherwise.

.gitignore Outdated
# Autogenerated debug trace headers
wolfssl/debug-trace-error-codes.h
wolfssl/debug-untrace-error-codes.h
ctaocrypt/src/src/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like you may have introduced CRLF into this file. Please resolve.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

During PR creation, there was no preview warning that there would be a merge conflict. There were petty changes needed so I tried to resolve them with the offered "edit in web" feature. That seems to have pulled in ALL of the changes from master in a new commit, which was specifically what I did not want.

I'm not sure how to proceed without adding a new commit to fix the CRLF from Visual Studio. I could close this one and start over? If I squash, all the specific changes will be lost and new changes included. Only my branch would then reflect the actual published code.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like you may have introduced CRLF into this file. Please resolve.

ok, @dgarske I'm getting better at recovering from git tangle.

I've fixed up this PR to exclude the problematic .gitignore, and two other petty files with only spell checks that were causing a merge conflict.

See additional PR comments, below.

@gojimmypi gojimmypi marked this pull request as draft December 4, 2024 18:20
@gojimmypi gojimmypi force-pushed the pr-post-release-bdd62314-espressif branch 3 times, most recently from 90b5d51 to 7cc156d Compare December 4, 2024 21:47
@gojimmypi gojimmypi force-pushed the pr-post-release-bdd62314-espressif branch from 7cc156d to 2b9cfac Compare December 4, 2024 21:54
@gojimmypi
Copy link
Contributor Author

The staging site is still giving me a Bad Gateway error:

https://components-staging.espressif.com/components/gojimmypi/mywolfssl/versions/5.7.2

I've published a 5.7.4-preview1a production release to:

https://components.espressif.com/components/wolfssl/wolfssl/versions/5.7.4-preview1a?language=en

I'll be doing some final checks and testing of those examples.

Awaiting this PR to be approved before publishing a final 5.7.4 Espressif Managed Component release.

@gojimmypi gojimmypi marked this pull request as ready for review December 4, 2024 23:51
@dgarske dgarske assigned wolfSSL-Bot and unassigned dgarske Dec 4, 2024
@gojimmypi gojimmypi marked this pull request as draft December 5, 2024 00:02
@gojimmypi
Copy link
Contributor Author

ugh. At least one of the examples is failing to compile despite numerous successful tests on the staging site.

Unable to test again on staging site today, perhaps I missed a change. This is what I see for the production preview:

WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
cd $WRK_IDF_PATH
. ./export.sh
cd /mnt/c/test
idf.py create-project-from-example "wolfssl/wolfssl^5.7.4-preview1a:wolfssl_client"
cd wolfssl_client
idf.py menuconfig
idf.py -p /dev/ttyS19 -b 115200 build flash monitor

results in

wolfssl_client/main/include/client-tls.h:27:10: fatal error: wolfssl/wolfcrypt/settings.h: No such file or directory
   27 | #include <wolfssl/wolfcrypt/settings.h>
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.

@dgarske I've reverted to draft, investigating....

@gojimmypi
Copy link
Contributor Author

ok, this does not seem to be a problem with with publish. It's not just a settings.h that cannot be found, the entire example managed_components directory is empty from the above example, with no wolfssl component.

image

The entire wolfSSL component source is however present in the dist\wolfssl_5.7.4-preview1a.tgz file that was assembled and uploaded:

image

This command should have populated the entire directory with both the example and the wolfssl component:

idf.py create-project-from-example "wolfssl/wolfssl^5.7.4-preview1a:wolfssl_client"

I suspect there's a component web site problem, particularly with the "gateway error" on the staging site. I'll reach out to Espressif for help. It may possibly be some other issue.

For reference, here's the idf_component.yml, the same as staging site, other than version ID string:

description: wolfSSL Embedded SSL/TLS Library
discussion: https://www.wolfssl.com/forums
documentation: https://www.wolfssl.com/documentation/manuals/wolfssl/index.html
files:
  exclude:
  - '**/*'
  - INSTALL.md
  - '*.py'
  - '**/*.list'
  - '**/.vs/**/*'
  - '**/build/**/*'
  - '**/dist/**/*'
  - '**/dist.bak/**/*'
  - '**/out/**/*'
  - '*.sh'
  - '*.bak'
  - sdkconfig
  - README_DIST.md
  - README_REGISTRY_PREPEND.md
  - README_STAGING_PREPEND.md
  - README_STAGING.md
  - ./src/sp_arm64.c
  - ./src/sp_armthumb.c
  - ./src/sp_x86_64.c
  - ./src/sp_arm32.c
  - ./src/sp_c32.c
  - ./src/sp_cortexm.c
  include:
  - ./README.md
  - ./LICENSE.txt
  - ./idf_component.yml
  - ./CMakeLists.txt
  - ./Kconfig
  - ./install_log.txt
  - ./src/**/*
  - ./include/**/*
  - ./wolfssl/**/*
  - ./wolfcrypt/**/*
  - ./examples/**/*
issues: https://github.com/wolfSSL/wolfssl/issues
repository: https://github.com/wolfSSL/wolfssl.git
url: https://www.wolfssl.com
version: 5.7.4-Preview1a

found here:

image

I will leave this PR in draft mode until fully resolved.

@gojimmypi
Copy link
Contributor Author

Additional information:

idf.py create-project-from-example "wolfssl/wolfssl^5.7.4-preview1a:wolfssl_client"
cd wolfssl_client

# NO managed_component directory exists

idf.py menuconfig

# managed_component directory exists

idf.py build

# managed_component directory is removed early in the build process

And sure enough, from the build log - note last lines:

Executing action: all (aliases: build)
Running ninja in directory /mnt/c/test/libtest/wolfssl_client/build
Executing "ninja all"...
[0/1] Re-running CMake...
-- Begin project wolfssl_client
-- Detected UNIX
-- Detected WSL
-- Detected Linux
-- Found PROTOCOL_EXAMPLES_DIR=/mnt/c/SysGCC/esp32/esp-idf/v5.2/examples/common_components/protocol_examples_common
-- USERNAME =
-- THIS_USER = gojimmypi
-- Checking for wolfSSL as Managed Component or not... /mnt/c/test/libtest/wolfssl_client
-- No conflicting wolfSSL components found as a Managed Component.
-- EXTRA_COMPONENT_DIRS WOLFSSL_PATH: /mnt/c/test/libtest/wolfssl_client/managed_components/wolfssl__wolfssl
-- git rev-parse returned 'fatal: not a git repository (or any parent up to mount point /mnt)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).'
-- Could not use 'git describe' to determine PROJECT_VER.
-- Building ESP-IDF components for target esp32
Manifest files have changed, solving dependencies.
Using component placed at /mnt/c/test/libtest/wolfssl_client/managed_components/wolfssl__wolfssl for dependency wolfssl/wolfssl(^5.7.4-Preview1a), specified in /mnt/c/test/libtest/wolfssl_client/main/idf_component.yml
..Updating lock file at /mnt/c/test/libtest/wolfssl_client/dependencies.lock
Deleting 1 unused components
 wolfssl__wolfssl

None of the published wolfSSL cmake ever files remove the wolfSSL component.

This is what is in /mnt/c/test/libtest/wolfssl_client/main/idf_component.yml:

dependencies:
  idf:
    version: '>=4.1.0'
  wolfssl/wolfssl: ^5.7.4-Preview1a

This did not happen with the staging-components. I believe the prior production work fine. However, this does not seem to be limited to the new preview. The latest 5.7.2 Managed Component is exhibiting this behavior as well. I suspect it is in the ESP-IDF, and not the published component. Investigation continues....

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants