From cd237b59fc54c21f5d9096ec9a9c8fc947337bb2 Mon Sep 17 00:00:00 2001
From: Thomas Schaller <me@torkleyy.com>
Date: Fri, 23 Feb 2024 12:44:43 +0100
Subject: [PATCH] Also add for async version

---
 src/tls.rs | 33 +++++++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 4 deletions(-)

diff --git a/src/tls.rs b/src/tls.rs
index bdb84a422ce..06a1fa3da8f 100644
--- a/src/tls.rs
+++ b/src/tls.rs
@@ -517,11 +517,7 @@ mod esptls {
         ///
         /// # Errors
         ///
-        /// * `ESP_ERR_INVALID_SIZE` if `cfg.alpn_protos` exceeds 9 elements or avg 10 bytes/ALPN
         /// * `ESP_FAIL` if connection could not be established
-        /// * `ESP_TLS_ERR_SSL_WANT_READ` if the socket is in non-blocking mode and it is not ready for reading
-        /// * `ESP_TLS_ERR_SSL_WANT_WRITE` if the socket is in non-blocking mode and it is not ready for writing
-        /// * `EWOULDBLOCK` if the socket is in non-blocking mode and it is not ready either for reading or writing (a peculiarity/bug of the `esp-tls` C module)
         #[cfg(esp_idf_esp_tls_server)]
         pub fn negotiate_server(&mut self, cfg: &ServerConfig) -> Result<(), EspError> {
             let mut bufs = RawConfigBufs::default();
@@ -789,6 +785,35 @@ mod esptls {
             res
         }
 
+        /// Establish a TLS/SSL connection using the adopted connection, acting as the server.
+        ///
+        /// # Errors
+        ///
+        /// * `ESP_FAIL` if connection could not be established
+        #[cfg(esp_idf_esp_tls_server)]
+        pub fn negotiate_server(&mut self, cfg: &ServerConfig) -> Result<(), EspError> {
+            let mut bufs = RawConfigBufs::default();
+            let mut rcfg = cfg.try_into_raw(&mut bufs)?;
+
+            unsafe {
+                // FIXME: this isn't actually async, but esp-idf does not expose anything else.
+                // we would have to use various hacks to call mbedtls_ssl_handshake by ourself
+                let error =
+                    sys::esp_tls_server_session_create(&mut rcfg, self.socket.handle(), self.raw);
+                if error != 0 {
+                    log::error!("failed to create tls server session (error {error})");
+                    return Err(EspError::from_infallible::<ESP_FAIL>());
+                }
+            }
+            self.server_session = true;
+
+            // Make sure buffers are held long enough
+            #[allow(clippy::drop_non_drop)]
+            drop(bufs);
+
+            Ok(())
+        }
+
         /// Read in the supplied buffer. Returns the number of bytes read.
         pub async fn read(&self, buf: &mut [u8]) -> Result<usize, EspError> {
             loop {