SSL support

[lypanov]

I was wondering if any progress had been made yet on SSL support? Namely I just tried getting the nim_imap library working but getting horribly deep stack traces due to it's usage of wrapsocket -> nim's net lib -> openssl (ends up calling into dynlib to load up openssl dynamically I assume).

Any clue how I could fix this? I imagine I need to somehow replace the openssl wrapper? Would love to help!

[elcritch]

I haven't tried the Nim SSL wrappers. As you mention, they dynamically load openssl which isn't supported on the ESP32's. However, ESP32's do provide SSL in the ESP-IDF directly in ESP-TLS.

The most pragmatic approach would be to use the ESP32's native TLS library since it's specialized for embedded usage. You can use it directly by making a Nim wrapper of the C api. To use it with Nim's standard library you'd need to get the socket file descriptor created by the ESP-TLS library. It'd take a bit more work but would be much more usable.

To try and tie it into Nim's sockets, you'd need to use esp-tls to create a new TLS connection, then get the socket file descriptor. Looks like there's this esp-tls function:

 esp_err_t esp_tls_get_conn_sockfd(esp_tls_t *tls, int *sockfd)

Then figure out how to create a Nim Socket type using the file descriptor. Nim wraps socket file descriptors as the SocketHandle type. It looks like there's a proc in net to create a Nim socket wrapper. From that the rest should work with a bit of fiddling of the socket parameters.