Warnings and Errors when publishing wolfSSH Espressif Managed Component

[gojimmypi]

TL;DR: Better end-to-end build testing is needed for wolfSSL in the examples for various component configurations and versions. The wolfSSH 1.4.18 release has not yet been published as an Espressif ESP Registry Managed Component.

The current and most recent Managed Component version of wolfSSH is post-release version 1.4.17-preview1m5.

When attempting to publish the current wolfSSH 1.4.18 release, with ESP-IDF v5.7.2 and using the published wolfSSL Managed Component v5.7.2, the following warnings and errors were observed (example building is part of publishing script):

[ ... snip ... ]
Successfully created esp32 image.
Generated /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/build/bootloader/bootloader.bin
[106/106] cd /mnt/c/workspace/wolfssl_scripts-gojimmypi/espr.../examples/wolfssh_echoserver/build/bootloader/bootloader.bin
Bootloader binary size 0x6810 bytes. 0x7f0 bytes (7%) free.
[904/1057] Building C object esp-idf/gojimmypi__mywolfssl/CMakeFiles/__idf_gojimmypi__mywolfssl.dir/src/ssl_load.c.obj
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/src/ssl_load.c:56:10: warning: #warning ssl_load.c does not need to be compiled separately from ssl.c [-Wcpp]
   56 |         #warning ssl_load.c does not need to be compiled separately from ssl.c
      |          ^~~~~~~
[905/1057] Building C object esp-idf/gojimmypi__mywolfssl/CMakeFiles/__idf_gojimmypi__mywolfssl.dir/src/ssl_p7p12.c.obj
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/src/ssl_p7p12.c:37:10: warning: #warning ssl_p7p12.c does not need to be compiled separately from ssl.c [-Wcpp]
   37 |         #warning ssl_p7p12.c does not need to be compiled separately from ssl.c
      |          ^~~~~~~
[906/1057] Building C object esp-idf/gojimmypi__mywolfssl/CMakeFiles/__idf_gojimmypi__mywolfssl.dir/src/ssl_sess.c.obj
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/src/ssl_sess.c:31:10: warning: #warning ssl_sess.c does not need to be compiled separately from ssl.c [-Wcpp]
   31 |         #warning ssl_sess.c does not need to be compiled separately from ssl.c
      |          ^~~~~~~
[1024/1057] Building C object esp-idf/gojimmypi__mywolfssl/C...__mywolfssl.dir/wolfcrypt/src/port/Espressif/esp32_sha.c.obj
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c: In function 'esp_sha_hw_islocked':
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c:988:18: warning: unused variable 'mutexHolder' [-Wunused-variable]
  988 |     TaskHandle_t mutexHolder;
      |                  ^~~~~~~~~~~
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c: At top level:
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c:138:25: warning: 'sha_crit_sect' defined but not used [-Wunused-variable]
  138 |     static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED;
      |                         ^~~~~~~~~~~~~
[1042/1057] Building C object esp-idf/main/CMakeFiles/__idf_main.dir/main.c.obj
FAILED: esp-idf/main/CMakeFiles/__idf_main.dir/main.c.obj

As well as:

In file included from /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/main.c:41:
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/include/wifi_connect.h:78: warning: "EXAMPLE_ESP_WIFI_SSID" redefined
   78 |         #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
      |
In file included from /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfssl/wolfcrypt/settings.h:1072,
                 from /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h:28,
                 from /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/include/main.h:30,
                 from /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/main.c:21:
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h:124: note: this is the location of the previous definition
  124 |         #define EXAMPLE_ESP_WIFI_SSID CONFIG_EXAMPLE_WIFI_SSID
      |
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/include/wifi_connect.h:84: warning: "EXAMPLE_ESP_WIFI_PASS" redefined
   84 |         #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
      |
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h:135: note: this is the location of the previous definition
  135 |         #define EXAMPLE_ESP_WIFI_PASS CONFIG_EXAMPLE_WIFI_PASSWORD
      |
In file included from /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/main.c:42:
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/main/include/time_helper.h:40:5: error: conflicting types for 'set_time_from_string'; have 'int(char *)'
   40 | int set_time_from_string(char* time_buffer);
      |     ^~~~~~~~~~~~~~~~~~~~
/mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/managed_components/gojimmypi__mywolfssl/wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h:163:25: note: previous declaration of 'set_time_from_string' with type 'esp_err_t(const char *)' {aka 'int(const char *)'}
  163 | WOLFSSL_LOCAL esp_err_t set_time_from_string(const char* time_buffer);
      |                         ^~~~~~~~~~~~~~~~~~~~
[1050/1057] Building C object esp-idf/mywolfssh/CMakeFiles/__idf_mywolfssh.dir/src/internal.c.obj
ninja: build stopped: subcommand failed.
ninja failed with exit code 1, output of the command is in the /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/build/log/idf_py_stderr_output_7598 and /mnt/c/workspace/wolfssl_scripts-gojimmypi/espressif/wolfssh-component-publish/examples/wolfssh_echoserver/build/log/idf_py_stdout_output_7598
Checking error code...

Failed to build ./examples/wolfssh_echoserver

Most of the warnings are easily resolved. Unfortunately these changes will need to be in a post-release update.

Of more interest is the set_time_from_string error. Common code throughout the wolfSSL examples was moved to a new library header called esp-sdk-lib.h. Currently the implementation is gated with USE_WOLFSSL_ESP_SDK_TIME but the header is not. This will need to be fixed.

The new USE_WOLFSSL_ESP_SDK_TIME macro and a minor example code change can resolve that time library problem. But as a managed component, the user_settings.h cannot be easily edited without converting the managed component to a regular component (somewhat defeating the value of managed components).

To use the new time library functions, enable USE_WOLFSSL_ESP_SDK_TIME in the wolfSSL user_settings.h or add this to the project root-level CMakeLists.txt file:

# Assume we have a ESP_ENABLE_WOLFSSH section in user_settings.h
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DUSE_WOLFSSL_ESP_SDK_TIME")

Fixing the time issue opens a can of worms of other issues, such as the ntp library not being found (e.g. #include <esp_netif_sntp.h>). The REQUIRES seems to now need an explicit reference to esp_netif (which contains the ntp library):

idf_component_register(
                       SRCS main.c echoserver.c wifi_connect.c
                       INCLUDE_DIRS "." "./include"
                       REQUIRES esp_netif wolfssh nvs_flash esp_netif protocol_examples_common esp_wifi)

This appears to be the case for either the prior time library code, or the newer wolfSSL code in version 5.2.2 of the ESP-IDF. The prior release of wolfSSH as a component was published with ESP-IDF v5.1.

Note also the new settings of nvs_flash , protocol_examples_common, and esp_wifi that are perhaps specific to ESP-IDF v5.2.2. Note in particular some of these names have changed over the course of time in the various ESP-IDF versions. More investigation is needed to ensure this code works with all supported versions of the ESP-IDF.

edit: for instance:

esp_netif_sntp.h was only added into v5.1. Please use "esp_sntp.h" on previous releases.

There's also missing updated support for staging components versions of wolfSSH, which are purposely renamed with a "my" prefix (e.g. mywolfssh) to help avoid staging components in production releases.

This is an overview of some of the issues I've encountered so far. Needless to say, the simple publishing of wolfSSH as a managed component is taking considerably longer than anticipated.