From c9fa02c1b876db77794a7598746827c79e525956 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christopher=20M=C3=A9ndez?= <49886387+mcmchris@users.noreply.github.com> Date: Sat, 15 Nov 2025 11:34:17 -0400 Subject: [PATCH 1/3] Update SSLClient.cpp Added the support to define the m_iobuf size in the constructor. --- src/SSLClient.cpp | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/src/SSLClient.cpp b/src/SSLClient.cpp index 812662e..c1a4ecd 100644 --- a/src/SSLClient.cpp +++ b/src/SSLClient.cpp @@ -26,10 +26,13 @@ SSLClient::SSLClient( Client& client, const size_t trust_anchors_num, const int analog_pin, const size_t max_sessions, + const size_t buffer_size, const DebugLevel debug) : m_client(client) , m_sessions() , m_max_sessions(max_sessions) + , m_iobuf(nullptr) + , m_iobuf_size(buffer_size) , m_analog_pin(analog_pin) , m_debug(debug) , m_is_connected(false) @@ -37,15 +40,25 @@ SSLClient::SSLClient( Client& client, , m_br_last_state(0) { setTimeout(30*1000); + // Allocate buffer dynamically + m_iobuf = new unsigned char[m_iobuf_size]; // zero the iobuf just in case it's still garbage - memset(m_iobuf, 0, sizeof m_iobuf); + memset(m_iobuf, 0, m_iobuf_size); // initlalize the various bearssl libraries so they're ready to go when we connect br_client_init_TLS12_only(&m_sslctx, &m_x509ctx, trust_anchors, trust_anchors_num); // comment the above line and uncomment the line below if you're having trouble connecting over SSL // br_ssl_client_init_full(&m_sslctx, &m_x509ctx, m_trust_anchors, m_trust_anchors_num); // check if the buffer size is half or full duplex - constexpr auto duplex = sizeof m_iobuf <= BR_SSL_BUFSIZE_MONO ? 0 : 1; - br_ssl_engine_set_buffer(&m_sslctx.eng, m_iobuf, sizeof m_iobuf, duplex); + const auto duplex = m_iobuf_size <= BR_SSL_BUFSIZE_MONO ? 0 : 1; + br_ssl_engine_set_buffer(&m_sslctx.eng, m_iobuf, m_iobuf_size, duplex); +} + +/** + * @brief Destructor + * Frees the dynamically allocated m_iobuf. + */ +SSLClient::~SSLClient() { + delete[] m_iobuf; // Added destructor body } /* see SSLClient.h*/ @@ -719,4 +732,4 @@ void SSLClient::m_print_br_state(const unsigned state, const DebugLevel level) c if (state & BR_SSL_SENDAPP) Serial.println(" SENDAPP"); if (state & BR_SSL_RECVAPP) Serial.println(" RECVAPP"); } -} \ No newline at end of file +} From 60a3d2fe0a8bc33963f4e3359fe63f30b18b3b2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christopher=20M=C3=A9ndez?= <49886387+mcmchris@users.noreply.github.com> Date: Sat, 15 Nov 2025 11:39:07 -0400 Subject: [PATCH 2/3] Refactor m_iobuf to use dynamic memory allocation Changed m_iobuf from a fixed-size array to a pointer and added m_iobuf_size for dynamic memory management. --- src/SSLClient.h | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/SSLClient.h b/src/SSLClient.h index c0570e7..b068c0a 100644 --- a/src/SSLClient.h +++ b/src/SSLClient.h @@ -98,8 +98,15 @@ class SSLClient : public Client { const size_t trust_anchors_num, const int analog_pin, const size_t max_sessions = 1, + const size_t buffer_size = 2048, const DebugLevel debug = SSL_WARN); + /** + * @brief Destructor + * Frees the dynamically allocated m_iobuf. + */ + ~SSLClient(); + //======================================== //= Functions implemented in SSLClient.cpp //======================================== @@ -466,7 +473,8 @@ class SSLClient : public Client { * As a rule of thumb SSLClient will fail if it does not have at least 8000 bytes when starting a * connection. */ - unsigned char m_iobuf[2048]; + unsigned char* m_iobuf; + size_t m_iobuf_size; // store the index of where we are writing in the buffer // so we can send our records all at once to prevent // weird timing issues @@ -475,4 +483,4 @@ class SSLClient : public Client { unsigned m_br_last_state; }; -#endif /** SSLClient_H_ */ \ No newline at end of file +#endif /** SSLClient_H_ */ From 0d6beb002ac591645a6b6dfa72c78b0cf0785164 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christopher=20M=C3=A9ndez?= <49886387+mcmchris@users.noreply.github.com> Date: Sat, 15 Nov 2025 11:49:47 -0400 Subject: [PATCH 3/3] Add buffer_size parameter to SSLClient constructor Added buffer_size parameter to SSLClient constructor for improved flexibility. --- src/SSLClient.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/SSLClient.h b/src/SSLClient.h index b068c0a..99fafe6 100644 --- a/src/SSLClient.h +++ b/src/SSLClient.h @@ -91,6 +91,7 @@ class SSLClient : public Client { * @param trust_anchors_num The number of objects in the trust_anchors array. * @param analog_pin An analog pin to pull random bytes from, used in seeding the RNG. * @param max_sessions The maximum number of SSL sessions to store connection information from. + * @param buffer_size The size of the buffer used for SSL communication. * @param debug The level of debug logging (use the ::DebugLevel enum). */ explicit SSLClient( Client& client, @@ -101,6 +102,24 @@ class SSLClient : public Client { const size_t buffer_size = 2048, const DebugLevel debug = SSL_WARN); + + /** + * @brief ORIGINAL (6-argument) Constructor for backward compatibility. + * This calls the new 7-argument constructor, passing a default buffer size of 2048. + */ + explicit SSLClient( Client& client, + const br_x509_trust_anchor *trust_anchors, + const size_t trust_anchors_num, + const int analog_pin, + const size_t max_sessions = 1, + const DebugLevel debug = SSL_WARN) + // This is a "delegating constructor" + // It calls the main 7-argument constructor with the default buffer size + : SSLClient(client, trust_anchors, trust_anchors_num, analog_pin, max_sessions, 2048, debug) + { + // Body is empty, all work is done by the main constructor + } + /** * @brief Destructor * Frees the dynamically allocated m_iobuf.