HTTPS with MbedTLS requires too much RAM #3008
-
|
Hello, I'm using the mongoose web server version 7.8 with an STM32H753 micro. I need to add HTTPS and to do this I am using the MbedTLS library version 2.16.2. I am using an EC secp256r1 certificate. Following the tutorial, I added the mg_tls_init() call to the MG_EV_ACCEPT event, but the client opens many connections, and for each connection the mbedTLS library tries to allocate 16 KB for input buffers and 16 KB for output buffers. After a few connections my device runs out of memory and then the web interface stops working. I saw that in mbedtls_config.h it is possible to decrease the amount of RAM required, but it is suggested to change only that for the output (MBEDTLS_SSL_OUT_CONTENT_LEN) and even then the RAM required remains too much. How can I fix it ? It cannot be used this way. Thank you for any suggestion |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
|
Mongoose is version 7.16 |
Beta Was this translation helpful? Give feedback.
-
|
Hello,
I am trying to update from 7.8 to 7.16
I have two questions:
1) I see that mg_mkpipe() has been removed. I suppose mg_wakeup_init()
and mg_wakeup() must be used instead. mg_wakeup() uses alloca() that it
seems on my system (IAR environment for STM32H753, FreeRTOS + LWIP) is not
present. What is the best way to replace it ? Simply define a local buffer
extended_buf inside mg_wakeup() ? Why to use alloca() ?
2) I need to upload files and I am using chunk field of
struct mg_http_message and MG_EV_HTTP_CHUNK that have been removed
(also mg_http_delete_chunk() there is prototype in Mongoose.h, but not the
implementation). I suppose I have to use now mg_http_upload(). Or can I
simply keep my implementation and replace chunk.ptt and chunk.len
with body.buf and body.len and MG_EV_HTTP_CHUNK with MG_EV_HTTP_MSG ?
Thank you
Il giorno lun 13 gen 2025 alle ore 22:43 Sergio R. Caprile <
***@***.***> ha scritto:
… Mongoose is version 7.16
We do not support past versions unless you are a paying customer, in which
case you need to contact Support as per your contract
"Too much" is subjective. "It cannot be used" is subjective. If your
application does not fit in your hardware, then you did not assess your
requirements properly.
TLS has a record size of 16KB, so any library will likely require at least
that. In any case, that is an MbedTLS requirement, not related to Mongoose.
The way to configure MbedTLS is not a Mongoose issue. Here's what concerns
to Mongoose https://mongoose.ws/documentation/#best-practices with
regards to memory usage and connection limiting
You can try our built-in TLS in recent releases.
—
Reply to this email directly, view it on GitHub
<#3008 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AYWJFCVCGWJCCZK4BYNU2BL2KQXPPAVCNFSM6AAAAABVDQQRVCVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTCOBSGUYDOOA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Please see our documentation, and follow the guidelines in our tutorials.
|
Beta Was this translation helpful? Give feedback.
Mongoose is version 7.16
We do not support past versions unless you are a paying customer, in which case you need to contact Support as per your contract
"Too much" is subjective. "It cannot be used" is subjective. If your application does not fit in your hardware, then you did not assess your requirements properly.
TLS has a record size of 16KB, so any library will likely require at least that. In any case, that is an MbedTLS requirement, not related to Mongoose. The way to configure MbedTLS is not a Mongoose issue. Here's what concerns to Mongoose https://mongoose.ws/documentation/#best-practices with regards to memory usage and connection limiting
You can try our built-in TLS in recent…