mbed TLS initialization


We have ported an app which was using OpenSSL to mbed TLS. The one issue with mbed TLS is the documentation, which is far from complete and leaves details to assumption or exploration, with the risk of how things will change in future versions.

While we have already ported, we are still not clear on which initialization functions are to be invoked one time and which initialization functions are to be performed for every connection. Based on the sample application, we are invoking the following initialization functions for every connection.

mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &ca );
mbedtls_entropy_init( &entropy );

Can someone comment on whether all these initialization functions are to be invoked for every connection, or whether some can be invoked just one time only?

Thanks

Ron Eldor On

If you follow the ssl_pthread_server example, you will see that only the mbedtls_ssl_context should be different per connection. The rest should be common for all connections, thus initiated once.
Regards,
Mbed TLS Team member
Ron