I'm trying to use WolfSSL on FREERTOS+TCP stack on STM32F4.

My secure socket test apllication (client side) running in single task now without problem. However, I will use two socket applications (with seperate TCP sockets) in different tasks at the same time. I think no problem about this.

Your documentation and sample applications are generally as follows:

- wolfSSL_Init()
- SSL_CTX_new(method)
- Load certificates
- connect TCP socket
- wolfSSL_set_fd (I'm using FREERTOS-TCP with #define USE_WOLFSSL_IO)
- wolfSSL_write() ....

when communication ends :
- wolfSSL_free(ssl);
- wolfSSL_CTX_free(ctx);
- wolfSSL_Cleanup();

Normally this flow is ok. But I don't want to run the first three procedures again whenever a connection is lost. (especially I don't want to reload the certificates, because my file system is running slowly and I don't want to keep it in memory as the memory is small)

My procedures as follows :

1. wolfSSL_Init()
2. SSL_CTX_new(method)
3. Load certificates

4. connect TCP socket
5. wolfSSL_set_fd (I'm using FREERTOS-TCP with #define USE_WOLFSSL_IO)
6. send/receive data

I check TCP connection in send/receive data state. if the TCP connection is broken, I close the existing TCP socket and jump to step 4. Also I return "WOLFSSL_CBIO_ERR_CONN_CLOSE" from EmbedSend() funtion to update error/link status to wolfSSL.

Normally this flow is ok. But if the TCP connection is broken while the ssl connection is active, things get complicated. I am having problems with the new tcp connection.

My logs is as follows:

DoHandShakeMsgType():0
DoHandShakeMsg():0
connect state: SECOND_REPLY_DONE
SSL_connect()
wolfSSL_negotiate:1
growing output buffer
BuildMessage
BuildMessage:0
FREERTOS send 39 bytes
Shrinking output buffer
SSL_write()
growing output buffer
BuildMessage
BuildMessage:0

//tcp connection break this point. Test SSL server closed TCP session here.
FREERTOS send error -128 socket:200269f8
SSL_write()
SSL_get_error
SSL_get_error:-397
SSL_shutdown()
SSL_shutdown():-1
disconnect tcp client

//now trying new tcp connection
TCP Client call IP:192.168.1.107 Port:35023
TCP Client connected 0 socket:20010bf8
SSL_set_fd
SSL_set_read_fd
SSL_set_write_fd
SSL_write()
output buffer was full, trying to send again
FREERTOS send 39 bytes
Shrinking output buffer
sent write buffered data
SSL_write()
growing output buffer
BuildMessage
BuildMessage:0
//tcp connection break this point. Test SSL server closed TCP session here.
FREERTOS send error -128 socket:20010bf8
selami conn closed
SSL_write()
SSL_get_error
SSL_get_error:-397
SSL_shutdown()
SSL_shutdown():-1
disconnect tcp client

wolfSSL stack is not trying to establish a new ssl connection/handshake, trying to continue the old connection. In my . I tried to end current SSL session with wolfSSL_shutdown(ssl) or wolfSSL_clear(ssl), but it did not help.

Is there any fuction or method to reset SSL session? (reset state machines and init buffers for new connection) Have I use wolfSSL_free+wolfSSL_CTX_free+wolfSSL_Cleanup() functions all the time? I plan to use multiple ssl object (multiple tcp and ssl connection) in same WOLFSSL_CTX. (becase of the memory limits) I don't want to break all connections just because of the problem in a tcp connection.

Thanks.