Also add for async version

src/tls.rs

@@ -517,11 +517,7 @@ mod esptls {
  ///
  /// # Errors
  ///
- /// * `ESP_ERR_INVALID_SIZE` if `cfg.alpn_protos` exceeds 9 elements or avg 10 bytes/ALPN
  /// * `ESP_FAIL` if connection could not be established
- /// * `ESP_TLS_ERR_SSL_WANT_READ` if the socket is in non-blocking mode and it is not ready for reading
- /// * `ESP_TLS_ERR_SSL_WANT_WRITE` if the socket is in non-blocking mode and it is not ready for writing
- /// * `EWOULDBLOCK` if the socket is in non-blocking mode and it is not ready either for reading or writing (a peculiarity/bug of the `esp-tls` C module)
  #[cfg(esp_idf_esp_tls_server)]
  pub fn negotiate_server(&mut self, cfg: &ServerConfig) -> Result<(), EspError> {
  let mut bufs = RawConfigBufs::default();
@@ -789,6 +785,35 @@ mod esptls {
  res
  }
 
+ /// Establish a TLS/SSL connection using the adopted connection, acting as the server.
+ ///
+ /// # Errors
+ ///
+ /// * `ESP_FAIL` if connection could not be established
+ #[cfg(esp_idf_esp_tls_server)]
+ pub fn negotiate_server(&mut self, cfg: &ServerConfig) -> Result<(), EspError> {
+ let mut bufs = RawConfigBufs::default();
+ let mut rcfg = cfg.try_into_raw(&mut bufs)?;
+
+ unsafe {
+ // FIXME: this isn't actually async, but esp-idf does not expose anything else.
+ // we would have to use various hacks to call mbedtls_ssl_handshake by ourself
+ let error =
+ sys::esp_tls_server_session_create(&mut rcfg, self.socket.handle(), self.raw);
+ if error != 0 {
+ log::error!("failed to create tls server session (error {error})");
+ return Err(EspError::from_infallible::<ESP_FAIL>());
+ }
+ }
+ self.server_session = true;
+
+ // Make sure buffers are held long enough
+ #[allow(clippy::drop_non_drop)]
+ drop(bufs);
+
+ Ok(())
+ }
+
  /// Read in the supplied buffer. Returns the number of bytes read.
  pub async fn read(&self, buf: &mut [u8]) -> Result<usize, EspError> {
  loop {