Latest Core Breaks WiFiClientSecure Insecure HTTPS #4992

@bwjohns4

Hardware:

Board: ESP32 Dev Module
Core Installation version: 1.0.6
IDE name: Platform.io
Flash Frequency: 40MHz
PSRAM enabled: unsure
Upload Speed: PlatformIO default
Computer OS: Windows 10

Description:

WiFiClientSecure doesn't work when I upgrade to latest 1.0.6 Arduino Core (via PlatformIO Espressif32 3.2.0 Release). I'm not validating any certificates or thumbprints on the other end, just using it as insecure HTTPS. It works fine on 1.0.4 (via PlatformIO Espressif 3.0.0 Release), but breaks when upgrading to 1.0.6 (unsure if problem still exists in 1.0.5). I know that in 1.0.4 there is no .setInsecure() method, but that method has recently been added. I did try including that in my code, but that didn't make any recognizable difference.

I have so far traced it back to start_ssl_client() within ssl_client.cpp where it fails at the first check and returns -1, but haven't made it any further:

```cpp
int start_ssl_client(sslclient_context *ssl_client, const char *host, uint32_t port, int timeout, const char *rootCABuff, const char *cli_cert, const char *cli_key, const char *pskIdent, const char *psKey, bool insecure)
{
    char buf[512];
    int ret, flags;
    int enable = 1;
    log_v("Free internal heap before TLS %u", ESP.getFreeHeap());

    if (rootCABuff == NULL && pskIdent == NULL && psKey == NULL && !insecure) {
        return -1; //***************It Fails Here**************************************
    }
```

Sketch: (leave the backquotes for code formatting)

```cpp
int httpCheck(char *domainName){
  delay(5000);
  WiFiClientSecure secureClient;
  String requestString = "https://" + String(domainName) + "/";
  secureClient.setTimeout(20000);
  delay(0);
  BWJ_DEBUG_PRINTLN_FLASH("Starting TCP Connect");
  if(!secureClient.connect(domainName, uint16_t(443))){
    delay(1000); //!!!!!!!!!!!! This is absolutely required. Works with only 100ms but put 1000ms for overkill. Lots of troubleshooting to find error in WiFiclientSecure that requires extra delay upon failed connection. Otherwise temporarily blocks interrupts or just Serial.println, or more. Unknown. 2-2-21
    return -1;
  }
  delay(0);
  HTTPClient http;
  http.setTimeout(20000);
  BWJ_DEBUG_PRINTLN_FLASH("Starting HTTP: Begin()");
  http.begin(secureClient, requestString);
  BWJ_DEBUG_PRINTLN_FLASH("Running GET()");
  int httpResponseCode = http.GET();
  if (httpResponseCode>0) {
    BWJ_DEBUG_PRINT_FLASH("HTTP Response code: ");
    BWJ_DEBUG_PRINTLN(httpResponseCode);
    //String payload = http.getString();
  }
  else {
    BWJ_DEBUG_PRINT_FLASH("Error code: ");
    BWJ_DEBUG_PRINTLN(httpResponseCode);
  }
  http.end();
  secureClient.stop();
  return httpResponseCode;
}
```

Debug Messages:

```
09:44:21.330 > [V][HTTPClient.cpp:245] beginInternal(): url: https://my.domain.name/stuff/moreStuff
09:44:21.464 > [D][HTTPClient.cpp:293] beginInternal(): protocol: https, host: my.domain.name port: 443 url: /stuff/moreStuff
09:44:23.667 > [D][HTTPClient.cpp:579] sendRequest(): request type: 'GET' redirCount: 0
09:44:23.737 >
09:44:23.737 > [V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 259264
09:44:23.804 > [E][WiFiClientSecure.cpp:133] connect(): start_ssl_client: -1
09:44:23.867 > [V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
09:44:23.963 > [D][HTTPClient.cpp:1118] connect(): failed connect to my.domain.name:443
09:44:24.037 > [W][HTTPClient.cpp:1417] returnError(): error(-1): connection refused
09:44:24.130 > [E][HTTPUpdate.cpp:231] handleUpdate(): HTTP error: connection refused
09:44:24.204 >
09:44:24.204 > [D][HTTPClient.cpp:400] disconnect(): tcp is closed
09:44:24.267 >
09:44:24.267 > [V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
09:44:24.337 > [V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
```
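An added example, not part of the issue or the ESP32 core: a host-side C++ triage of the debug output above that separates a `start_ssl_client` failure returned at the first check (no CA, PSK or insecure flag, so before any connection attempt) from one that happens later, since the log surfaces both only as "connection refused". It assumes that with verbose logging any later stage emits another `ssl_client.cpp` line; `messageFrom`, `classifyTlsFailure` and the second sample log are constructed for this example.

```cpp
#include <iostream>
#include <sstream>
#include <string>

enum class TlsFailure { None, RejectedBeforeConnect, FailedAfterStart };

// Text after "func(): " on a log line emitted from `file`, or "" otherwise.
static std::string messageFrom(const std::string& line, const std::string& file) {
    auto tag = line.find("][" + file + ":");
    if (tag == std::string::npos) return "";
    auto sep = line.find("): ", tag);
    return sep == std::string::npos ? "" : line.substr(sep + 3);
}

// Assumption: the heap line opens start_ssl_client(), and any stage past the
// configuration check logs at least one more ssl_client.cpp line (verbose on).
TlsFailure classifyTlsFailure(const std::string& log) {
    std::istringstream in(log);
    std::string line;
    bool started = false;  // saw the heap line for the current attempt
    int sslLines = 0;      // ssl_client.cpp lines seen since that heap line
    while (std::getline(in, line)) {
        std::string ssl = messageFrom(line, "ssl_client.cpp");
        if (ssl.rfind("Free internal heap before TLS", 0) == 0) { started = true; sslLines = 0; }
        else if (started && !ssl.empty()) ++sslLines;
        std::string wcs = messageFrom(line, "WiFiClientSecure.cpp");
        if (started && wcs.rfind("start_ssl_client: -", 0) == 0)
            return sslLines == 0 ? TlsFailure::RejectedBeforeConnect
                                 : TlsFailure::FailedAfterStart;
    }
    return TlsFailure::None;
}

// Lines copied from the debug output in this issue.
const char* kIssueLog =
    "09:44:23.737 > [V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 259264\n"
    "09:44:23.804 > [E][WiFiClientSecure.cpp:133] connect(): start_ssl_client: -1\n"
    "09:44:24.037 > [W][HTTPClient.cpp:1417] returnError(): error(-1): connection refused\n";
// Constructed sample: a later stage logged something before the failure.
const char* kConstructedLog =
    "[V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 259264\n"
    "[V][ssl_client.cpp:0] start_ssl_client(): constructed later-stage line\n"
    "[E][WiFiClientSecure.cpp:133] connect(): start_ssl_client: -2\n";

int main() {
    std::cout << "issue log rejected before connect: "
              << (classifyTlsFailure(kIssueLog) == TlsFailure::RejectedBeforeConnect) << "\n";
    return 0;
}
```

A `RejectedBeforeConnect` result points at the client's trust configuration (CA, PSK or the insecure flag) rather than at the network or the server.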
