From 31496c1b1bfdb06012c885d5dd2382e9eb66ee74 Mon Sep 17 00:00:00 2001
From: gojimmypi <jim@wolfssl.com>
Date: Wed, 1 Oct 2025 10:47:51 -0700
Subject: [PATCH] feat(esp-tls): Update esp_tls for improved wolfssl support

---
 components/esp-tls/esp_tls.c | 16 +++++++++++++---
 components/esp-tls/esp_tls.h |  7 ++++++-
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/components/esp-tls/esp_tls.c b/components/esp-tls/esp_tls.c
index e228809b12ce..88cddfba1603 100644
--- a/components/esp-tls/esp_tls.c
+++ b/components/esp-tls/esp_tls.c
@@ -134,7 +134,7 @@ static ssize_t tcp_write(esp_tls_t *tls, const char *data, size_t datalen)
 
 ssize_t esp_tls_conn_read(esp_tls_t *tls, void  *data, size_t datalen)
 {
-    if (!tls) {
+    if (!tls || !data) {
         return -1;
     }
     return tls->read(tls, (char *)data, datalen);
@@ -461,7 +461,10 @@ static inline esp_err_t tcp_connect(const char *host, int hostlen, int port, con
 
 static int esp_tls_low_level_conn(const char *hostname, int hostlen, int port, const esp_tls_cfg_t *cfg, esp_tls_t *tls)
 {
-
+    if (!tls) {
+        ESP_LOGE(TAG, "empty esp_tls parameter");
+        return -1;
+    }
     esp_err_t esp_ret;
     /* These states are used to keep a tab on connection progress in case of non-blocking connect,
     and in case of blocking connect these cases will get executed one after the other */
@@ -516,6 +519,7 @@ static int esp_tls_low_level_conn(const char *hostname, int hostlen, int port, c
             }
         }
         /* By now, the connection has been established */
+        ESP_LOGD(TAG, "\ncreate_ssl_handle for host: %s:%d\n", hostname, port);
         esp_ret = create_ssl_handle(hostname, hostlen, cfg, tls);
         if (esp_ret != ESP_OK) {
             ESP_LOGE(TAG, "create_ssl_handle failed");
@@ -715,11 +719,17 @@ int esp_tls_server_session_create(esp_tls_cfg_server_t *cfg, int sockfd, esp_tls
 /**
  * @brief      Close the server side TLS/SSL connection and free any allocated resources.
  */
+#ifdef CONFIG_ESP_TLS_USING_WOLFSSL
+int esp_tls_server_session_delete(esp_tls_t *tls)
+    {
+        return _esp_tls_server_session_delete(tls);
+    }
+#else
 void esp_tls_server_session_delete(esp_tls_t *tls)
 {
     return _esp_tls_server_session_delete(tls);
 }
-
+#endif
 ssize_t esp_tls_get_bytes_avail(esp_tls_t *tls)
 {
     return _esp_tls_get_bytes_avail(tls);
diff --git a/components/esp-tls/esp_tls.h b/components/esp-tls/esp_tls.h
index 4d2674033e97..18f5b08983de 100644
--- a/components/esp-tls/esp_tls.h
+++ b/components/esp-tls/esp_tls.h
@@ -19,6 +19,8 @@
 #include "mbedtls/ctr_drbg.h"
 #endif
 #elif CONFIG_ESP_TLS_USING_WOLFSSL
+/* ESP_TLS_HAS_WOLFSSL defined only for versions properly supporting wolfSSL */
+#define  ESP_TLS_HAS_WOLFSSL
 #include "wolfssl/wolfcrypt/settings.h"
 #include "wolfssl/ssl.h"
 #endif
@@ -774,8 +776,11 @@ int esp_tls_server_session_create(esp_tls_cfg_server_t *cfg, int sockfd, esp_tls
  *
  * @param[in]  tls  pointer to esp_tls_t
  */
+#ifdef CONFIG_ESP_TLS_USING_WOLFSSL
+int esp_tls_server_session_delete(esp_tls_t *tls);
+#else
 void esp_tls_server_session_delete(esp_tls_t *tls);
-
+#endif
 /**
  * @brief Creates a plain TCP connection, returning a valid socket fd on success or an error handle
  *