diff --git a/CMakeLists.txt b/CMakeLists.txt
index b2d3c03f..fbe7d05d 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -160,6 +160,7 @@ if (LWS_WITH_ESP8266)
  set(LWS_HAVE_MALLOC 1)
  set(LWS_HAVE_REALLOC 1)
  set(LWS_HAVE_GETIFADDRS 1)
+ set(LWS_WITH_ZIP_FOPS 0)
 endif()
 
 if (LWS_WITH_ESP32)
@@ -169,6 +170,7 @@ if (LWS_WITH_ESP32)
  # set(LWS_WITHOUT_CLIENT ON)
  set(LWS_WITHOUT_TESTAPPS ON)
  set(LWS_WITHOUT_EXTENSIONS ON)
+ set(LWS_WITHOUT_CLIENT ON)
  set(LWS_WITH_PLUGINS OFF)
  set(LWS_WITH_RANGES ON)
  # this implies no pthreads in the lib
@@ -176,6 +178,7 @@ if (LWS_WITH_ESP32)
  set(LWS_HAVE_MALLOC 1)
  set(LWS_HAVE_REALLOC 1)
  set(LWS_HAVE_GETIFADDRS 1)
+ set(LWS_WITH_ZIP_FOPS 0)
 endif()
 
 
@@ -245,7 +248,9 @@ endif()
 if (LWS_WITH_SSL AND NOT LWS_USE_WOLFSSL)
 	if ("${LWS_OPENSSL_LIBRARIES}" STREQUAL "" OR "${LWS_OPENSSL_INCLUDE_DIRS}" STREQUAL "")
 	else()
-		set(OPENSSL_LIBRARIES ${LWS_OPENSSL_LIBRARIES})
+		if (NOT LWS_WITH_ESP32)
+			set(OPENSSL_LIBRARIES ${LWS_OPENSSL_LIBRARIES})
+		endif()
 		set(OPENSSL_INCLUDE_DIRS ${LWS_OPENSSL_INCLUDE_DIRS})
 		set(OPENSSL_FOUND 1)
 	endif()
@@ -886,15 +891,21 @@ if (LWS_WITH_SSL)
 	if (NOT chose_ssl)
 		if (NOT OPENSSL_FOUND AND NOT LWS_USE_BORINGSSL)
 			# TODO: Add support for STATIC also.
+		if (NOT LWS_WITH_ESP32)
 			find_package(OpenSSL REQUIRED)
+		endif()
 			set(OPENSSL_INCLUDE_DIRS "${OPENSSL_INCLUDE_DIR}")
 		endif()
 
 		message("OpenSSL include dir: ${OPENSSL_INCLUDE_DIRS}")
-		message("OpenSSL libraries: ${OPENSSL_LIBRARIES}")
+		if (NOT LWS_WITH_ESP32)
+			message("OpenSSL libraries: ${OPENSSL_LIBRARIES}")
+		endif()
 
 		include_directories("${OPENSSL_INCLUDE_DIRS}")
-		list(APPEND LIB_LIST ${OPENSSL_LIBRARIES})
+		if (NOT LWS_WITH_ESP32)
+			list(APPEND LIB_LIST ${OPENSSL_LIBRARIES})
+		endif()
 
 	# older (0.98) Openssl lacks this
 	set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
@@ -989,6 +1000,93 @@ configure_file(
        "${PROJECT_SOURCE_DIR}/lws_config_private.h.in"
        "${PROJECT_BINARY_DIR}/lws_config_private.h")
 
+# Generate self-signed SSL certs for the test-server.
+
+if (LWS_WITH_SSL AND NOT LWS_USE_WOLFSSL)
+	message("Searching for OpenSSL executable and dlls")
+	find_package(OpenSSLbins)
+	message("OpenSSL executable: ${OPENSSL_EXECUTABLE}")
+	if (OPENSSL_EXECUTABLE MATCHES "^$")
+		set(OPENSSL_EXECUTABLE openssl)
+	endif()
+	if (NOT OPENSSL_EXECUTABLE)
+		set(OPENSSL_EXECUTABLE openssl)
+	endif()
+
+endif()
+
+set(GENCERTS 0)
+
+if (LWS_WITH_SSL AND OPENSSL_EXECUTABLE AND NOT LWS_WITHOUT_TEST_SERVER)
+	set(GENCERTS 1)
+endif()
+if (LWS_WITH_ESP32)
+	set(GENCERTS 1)
+endif()
+message(" GENCERTS = ${GENCERTS}")
+if (GENCERTS)
+	message("Generating SSL Certificates for the test-server...")
+
+	set(TEST_SERVER_SSL_KEY "${PROJECT_BINARY_DIR}/libwebsockets-test-server.key.pem")
+	set(TEST_SERVER_SSL_CERT "${PROJECT_BINARY_DIR}/libwebsockets-test-server.pem")
+
+	if (WIN32)
+		if (MINGW)
+			message("cmd = \"${OPENSSL_EXECUTABLE}\" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -subj \"/C=GB/ST=Erewhon/L=All around/O=libwebsockets-test/CN=localhost\" -keyout \"${TEST_SERVER_SSL_KEY}\" -out \"${TEST_SERVER_SSL_CERT}\"")
+			execute_process(
+				COMMAND "${OPENSSL_EXECUTABLE}" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -subj "/C=GB/ST=Erewhon/L=All around/O=libwebsockets-test/CN=localhost" -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
+				RESULT_VARIABLE OPENSSL_RETURN_CODE)
+		else()
+			file(WRITE "${PROJECT_BINARY_DIR}/openssl_input.txt"
+				"GB\n"
+				"Erewhon\n"
+				"All around\n"
+				"libwebsockets-test\n"
+				"localhost\n"
+				"none@invalid.org\n\n"
+				)
+
+			# The "type" command is a bit picky with paths.
+			file(TO_NATIVE_PATH "${PROJECT_BINARY_DIR}/openssl_input.txt" OPENSSL_INPUT_WIN_PATH)
+			message("OPENSSL_INPUT_WIN_PATH = ${OPENSSL_INPUT_WIN_PATH}")
+			message("cmd = \"${OPENSSL_EXECUTABLE}\" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -keyout \"${TEST_SERVER_SSL_KEY}\" -out \"${TEST_SERVER_SSL_CERT}\"")
+
+			execute_process(
+				COMMAND cmd /c type "${OPENSSL_INPUT_WIN_PATH}"
+				COMMAND "${OPENSSL_EXECUTABLE}" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
+				RESULT_VARIABLE OPENSSL_RETURN_CODE
+				OUTPUT_QUIET ERROR_QUIET)
+
+			message("\n")
+		endif()
+
+		if (OPENSSL_RETURN_CODE)
+			message(WARNING "!!! Failed to generate SSL certificate for Test Server using cmd.exe !!!:\nOpenSSL return code = ${OPENSSL_RETURN_CODE}")
+		else()
+			message("SUCCSESFULLY generated SSL certificate")
+		endif()
+	else()
+		# Unix.
+		execute_process(
+			COMMAND printf "GB\\nErewhon\\nAll around\\nlibwebsockets-test\\n\\nlocalhost\\nnone@invalid.org\\n"
+			COMMAND "${OPENSSL_EXECUTABLE}"
+				req -new -newkey rsa:1024 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
+			RESULT_VARIABLE OPENSSL_RETURN_CODE
+			OUTPUT_QUIET ERROR_QUIET)
+
+		if (OPENSSL_RETURN_CODE)
+			message(WARNING "!!! Failed to generate SSL certificate for Test Server!!!:\nOpenSSL return code = ${OPENSSL_RETURN_CODE}")
+		else()
+			message("SUCCESSFULLY generated SSL certificate")
+		endif()
+	endif()
+
+	list(APPEND TEST_SERVER_DATA 
+		"${TEST_SERVER_SSL_KEY}"
+		"${TEST_SERVER_SSL_CERT}")
+endif()
+
+
 
 
 #
@@ -1069,12 +1167,6 @@ if (NOT LWS_WITHOUT_TESTAPPS)
 		list(APPEND TEST_APP_LIST ${TEST_NAME})
 	endmacro()
 
-	if (LWS_WITH_SSL AND NOT LWS_USE_WOLFSSL)
-		message("Searching for OpenSSL executable and dlls")
-		find_package(OpenSSLbins)
-		message("OpenSSL executable: ${OPENSSL_EXECUTABLE}")
-	endif()
-
 	if (UNIX AND LWS_WITH_PLUGINS)
 		set(CMAKE_C_FLAGS "-fPIC ${CMAKE_C_FLAGS}")
 		if(NOT(${CMAKE_SYSTEM_NAME} MATCHES "FreeBSD"))
@@ -1082,6 +1174,9 @@ if (NOT LWS_WITHOUT_TESTAPPS)
 		endif()
 	endif()
 
+
+
+
 	if (NOT LWS_WITHOUT_SERVER)
 		#
 		# test-server
@@ -1179,69 +1274,6 @@ if (NOT LWS_WITHOUT_TESTAPPS)
 			"${PROJECT_SOURCE_DIR}/test-server/lws-common.js"
 			"${PROJECT_SOURCE_DIR}/test-server/test.html")
 
-		# Generate self-signed SSL certs for the test-server.
-		if (LWS_WITH_SSL AND OPENSSL_EXECUTABLE AND NOT LWS_WITHOUT_TEST_SERVER)
-			message("Generating SSL Certificates for the test-server...")
-
-			set(TEST_SERVER_SSL_KEY "${PROJECT_BINARY_DIR}/libwebsockets-test-server.key.pem")
-			set(TEST_SERVER_SSL_CERT "${PROJECT_BINARY_DIR}/libwebsockets-test-server.pem")
-
-			if (WIN32)
-				if (MINGW)
-					message("cmd = \"${OPENSSL_EXECUTABLE}\" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -subj \"/C=GB/ST=Erewhon/L=All around/O=libwebsockets-test/CN=localhost\" -keyout \"${TEST_SERVER_SSL_KEY}\" -out \"${TEST_SERVER_SSL_CERT}\"")
-					execute_process(
-						COMMAND "${OPENSSL_EXECUTABLE}" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -subj "/C=GB/ST=Erewhon/L=All around/O=libwebsockets-test/CN=localhost" -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
-						RESULT_VARIABLE OPENSSL_RETURN_CODE)
-				else()
-					file(WRITE "${PROJECT_BINARY_DIR}/openssl_input.txt"
-						"GB\n"
-						"Erewhon\n"
-						"All around\n"
-						"libwebsockets-test\n"
-						"localhost\n"
-						"none@invalid.org\n\n"
-						)
-
-					# The "type" command is a bit picky with paths.
-					file(TO_NATIVE_PATH "${PROJECT_BINARY_DIR}/openssl_input.txt" OPENSSL_INPUT_WIN_PATH)
-					message("OPENSSL_INPUT_WIN_PATH = ${OPENSSL_INPUT_WIN_PATH}")
-					message("cmd = \"${OPENSSL_EXECUTABLE}\" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -keyout \"${TEST_SERVER_SSL_KEY}\" -out \"${TEST_SERVER_SSL_CERT}\"")
-
-					execute_process(
-						COMMAND cmd /c type "${OPENSSL_INPUT_WIN_PATH}"
-						COMMAND "${OPENSSL_EXECUTABLE}" req -new -newkey rsa:1024 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
-						RESULT_VARIABLE OPENSSL_RETURN_CODE
-						OUTPUT_QUIET ERROR_QUIET)
-
-					message("\n")
-				endif()
-
-				if (OPENSSL_RETURN_CODE)
-					message(WARNING "!!! Failed to generate SSL certificate for Test Server using cmd.exe !!!:\nOpenSSL return code = ${OPENSSL_RETURN_CODE}")
-				else()
-					message("SUCCSESFULLY generated SSL certificate")
-				endif()
-			else()
-				# Unix.
-				execute_process(
-					COMMAND printf "GB\\nErewhon\\nAll around\\nlibwebsockets-test\\n\\nlocalhost\\nnone@invalid.org\\n"
-					COMMAND "${OPENSSL_EXECUTABLE}"
-						req -new -newkey rsa:1024 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
-					RESULT_VARIABLE OPENSSL_RETURN_CODE
-					OUTPUT_QUIET ERROR_QUIET)
-
-				if (OPENSSL_RETURN_CODE)
-					message(WARNING "!!! Failed to generate SSL certificate for Test Server!!!:\nOpenSSL return code = ${OPENSSL_RETURN_CODE}")
-				else()
-					message("SUCCESSFULLY generated SSL certificate")
-				endif()
-			endif()
-
-			list(APPEND TEST_SERVER_DATA 
-				"${TEST_SERVER_SSL_KEY}"
-				"${TEST_SERVER_SSL_CERT}")
-		endif()
-
 		add_custom_command(TARGET test-server
 						POST_BUILD 
 						COMMAND "${CMAKE_COMMAND}" -E make_directory "$<TARGET_FILE_DIR:test-server>/../share/libwebsockets-test-server")
diff --git a/component.mk b/component.mk
index a61649f2..7617999d 100644
--- a/component.mk
+++ b/component.mk
@@ -20,6 +20,8 @@ build:
 		-DCMAKE_TOOLCHAIN_FILE=$(COMPONENT_PATH)/cross-esp32.cmake \
 		-DCMAKE_BUILD_TYPE=RELEASE \
 		-DLWS_WITH_NO_LOGS=0 \
+		-DOPENSSL_INCLUDE_DIR=${COMPONENT_PATH}/../openssl/include \
+		-DOPENSSL_LIBRARIES=x \
 		-DLWS_WITH_ESP32=1 ;\
 	make VERBOSE=1 && \
 	cp ${COMPONENT_BUILD_DIR}/lib/libwebsockets.a ${COMPONENT_BUILD_DIR}/liblibwebsockets.a
diff --git a/lib/context.c b/lib/context.c
index 379e8f9b..1958a099 100644
--- a/lib/context.c
+++ b/lib/context.c
@@ -634,11 +634,11 @@ lws_create_context(struct lws_context_creation_info *info)
 
 	/* default to just the platform fops implementation */
 
-	context->fops_platform.open		= _lws_plat_file_open;
-	context->fops_platform.close		= _lws_plat_file_close;
-	context->fops_platform.seek_cur		= _lws_plat_file_seek_cur;
-	context->fops_platform.read		= _lws_plat_file_read;
-	context->fops_platform.write		= _lws_plat_file_write;
+	context->fops_platform.LWS_FOP_OPEN	= _lws_plat_file_open;
+	context->fops_platform.LWS_FOP_CLOSE	= _lws_plat_file_close;
+	context->fops_platform.LWS_FOP_SEEK_CUR	= _lws_plat_file_seek_cur;
+	context->fops_platform.LWS_FOP_READ	= _lws_plat_file_read;
+	context->fops_platform.LWS_FOP_WRITE	= _lws_plat_file_write;
 	context->fops_platform.fi[0].sig	= NULL;
 
 	/*
diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index d03e740c..c98e60ba 100755
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c
@@ -993,9 +993,9 @@ lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len)
 }
 
 LWS_VISIBLE LWS_EXTERN void
-lws_set_fops(struct lws_context *context, struct lws_plat_file_ops *fops)
+lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops)
 {
-	memcpy(&context->fops, fops, sizeof *fops);
+	context->fops = fops;
 }
 
 LWS_VISIBLE LWS_EXTERN lws_filepos_t
@@ -1020,9 +1020,9 @@ LWS_VISIBLE lws_fileofs_t
 lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset)
 {
 	lws_fileofs_t ofs;
-	lwsl_debug("%s: seeking to %ld, len %ld\n", __func__, offset, fop_fd->len);
+	lwsl_debug("%s: seeking to %ld, len %ld\n", __func__, (long)offset, (long)fop_fd->len);
 	ofs = fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset - fop_fd->pos);
-	lwsl_debug("%s: result %ld, fop_fd pos %ld\n", __func__, ofs, fop_fd->pos);
+	lwsl_debug("%s: result %ld, fop_fd pos %ld\n", __func__, (long)ofs, (long)fop_fd->pos);
 	return ofs;
 }
 
@@ -1054,7 +1054,7 @@ lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path,
 	 * handled by a specific fops
 	 */
 
-	while (*p) {
+	while (p && *p) {
 		if (*p != '/') {
 			p++;
 			continue;
@@ -1086,7 +1086,7 @@ LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT
 lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path,
 		  lws_fop_flags_t *flags)
 {
-	const char *vpath;
+	const char *vpath = "";
 	const struct lws_plat_file_ops *selected = lws_vfs_select_fops(
 			fops, vfs_path, &vpath);
 
diff --git a/lib/libwebsockets.h b/lib/libwebsockets.h
index ffdcc842..cfe403b0 100644
--- a/lib/libwebsockets.h
+++ b/lib/libwebsockets.h
@@ -182,19 +182,10 @@ struct sockaddr_in;
 #include <wolfssl/error-ssl.h>
 #endif /* not USE_OLD_CYASSL */
 #else
-#if defined(LWS_USE_POLARSSL)
-#include <polarssl/ssl.h>
-struct lws_polarssl_context {
-	x509_crt ca; /**< ca */
-	x509_crt certificate; /**< cert */
-	rsa_context key; /**< key */
-};
-typedef struct lws_polarssl_context SSL_CTX;
-typedef ssl_context SSL;
-#else
 #include <openssl/ssl.h>
+#if !defined(LWS_WITH_ESP32)
 #include <openssl/err.h>
-#endif /* not USE_POLARSSL */
+#endif
 #endif /* not USE_WOLFSSL */
 #endif
 
@@ -455,7 +446,7 @@ static inline void uv_timer_stop(uv_timer_t *t)
 #if defined(LWS_WITH_ESP32)
 
 typedef int lws_sockfd_type;
-typedef void * lws_filefd_type;
+typedef int lws_filefd_type;
 #define lws_sockfd_valid(sfd) (sfd >= 0)
 struct pollfd {
 	lws_sockfd_type fd; /**< fd related to */
@@ -4398,7 +4389,7 @@ struct lws_plat_file_ops {
 LWS_VISIBLE LWS_EXTERN struct lws_plat_file_ops * LWS_WARN_UNUSED_RESULT
 lws_get_fops(struct lws_context *context);
 LWS_VISIBLE LWS_EXTERN void
-lws_set_fops(struct lws_context *context, struct lws_plat_file_ops *fops);
+lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops);
 /**
  * lws_vfs_tell() - get current file position
  *
diff --git a/lib/lws-plat-esp32.c b/lib/lws-plat-esp32.c
index e858b5a6..b706cf64 100644
--- a/lib/lws-plat-esp32.c
+++ b/lib/lws-plat-esp32.c
@@ -1,6 +1,6 @@
 #include "private-libwebsockets.h"
 #include "freertos/timers.h"
-
+#include <esp_attr.h>
 /*
  * included from libwebsockets.c for unix builds
  */
@@ -395,8 +395,8 @@ lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt)
 	return inet_ntop(af, src, dst, cnt);
 }
 
-LWS_VISIBLE lws_fop_fd_t
-_lws_plat_file_open(struct lws_plat_file_ops *fops, const char *filename,
+LWS_VISIBLE lws_fop_fd_t IRAM_ATTR
+_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename,
 		    const char *vpath, lws_fop_flags_t *flags)
 {
 	struct stat stat_buf;
@@ -407,6 +407,7 @@ _lws_plat_file_open(struct lws_plat_file_ops *fops, const char *filename,
 		return NULL;
 
 	if (fstat(ret, &stat_buf) < 0)
+		goto bail;
 
 	fop_fd = malloc(sizeof(*fop_fd));
 	if (!fop_fd)
@@ -427,7 +428,7 @@ bail:
 	return NULL;
 }
 
-LWS_VISIBLE int
+LWS_VISIBLE int IRAM_ATTR
 _lws_plat_file_close(lws_fop_fd_t *fops_fd)
 {
 	int fd = (*fops_fd)->fd;
@@ -438,13 +439,13 @@ _lws_plat_file_close(lws_fop_fd_t *fops_fd)
 	return close(fd);
 }
 
-LWS_VISIBLE lws_fileofs_t
+LWS_VISIBLE lws_fileofs_t IRAM_ATTR
 _lws_plat_file_seek_cur(lws_fop_fd_t fops_fd, lws_fileofs_t offset)
 {
 	return lseek(fops_fd->fd, offset, SEEK_CUR);
 }
 
-LWS_VISIBLE int
+LWS_VISIBLE int IRAM_ATTR
 _lws_plat_file_read(lws_fop_fd_t fops_fd, lws_filepos_t *amount,
 		    uint8_t *buf, lws_filepos_t len)
 {
@@ -455,13 +456,13 @@ _lws_plat_file_read(lws_fop_fd_t fops_fd, lws_filepos_t *amount,
 		*amount = 0;
 		return -1;
 	}
-	fop_fd->pos += n;
+	fops_fd->pos += n;
 	*amount = n;
 
 	return 0;
 }
 
-LWS_VISIBLE int
+LWS_VISIBLE int IRAM_ATTR
 _lws_plat_file_write(lws_fop_fd_t fops_fd, lws_filepos_t *amount,
 		     uint8_t *buf, lws_filepos_t len)
 {
@@ -472,7 +473,7 @@ _lws_plat_file_write(lws_fop_fd_t fops_fd, lws_filepos_t *amount,
 		*amount = 0;
 		return -1;
 	}
-	fop_fd->pos += n;
+	fops_fd->pos += n;
 	*amount = n;
 
 	return 0;
@@ -511,3 +512,19 @@ LWS_VISIBLE void esp32_uvtimer_cb(TimerHandle_t t)
 	p->cb(p->t);
 }
 
+void ERR_error_string_n(unsigned long e, char *buf, size_t len)
+{
+	strncpy(buf, "unknown", len);
+}
+
+void ERR_free_strings(void)
+{
+}
+
+char *ERR_error_string(unsigned long e, char *buf)
+{
+	if (buf)
+		strcpy(buf, "unknown");
+
+	return "unknown";
+}
diff --git a/lib/private-libwebsockets.h b/lib/private-libwebsockets.h
index b0b59470..7d73d380 100644
--- a/lib/private-libwebsockets.h
+++ b/lib/private-libwebsockets.h
@@ -262,6 +262,7 @@ lws_plat_get_peer_simple(struct lws *wsi, char *name, int namelen);
 #endif /* not USE_OLD_CYASSL */
 #else
 #include <openssl/ssl.h>
+#if !defined(LWS_WITH_ESP32)
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include <openssl/md5.h>
@@ -270,7 +271,7 @@ lws_plat_get_peer_simple(struct lws *wsi, char *name, int namelen);
 #include <openssl/ecdh.h>
 #endif
 #include <openssl/x509v3.h>
-
+#endif
 #if (OPENSSL_VERSION_NUMBER < 0x0009080afL)
 /* later openssl defines this to negate the presence of tlsext... but it was only
  * introduced at 0.9.8j.  Earlier versions don't know it exists so don't
@@ -2000,6 +2001,8 @@ lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt);
 
 LWS_EXTERN int LWS_WARN_UNUSED_RESULT
 lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len);
+LWS_EXTERN int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf,
+		                lws_filepos_t *amount);
 
 #ifdef __cplusplus
 };
diff --git a/lib/server.c b/lib/server.c
index 35eb753a..3c2e4982 100644
--- a/lib/server.c
+++ b/lib/server.c
@@ -349,10 +349,11 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin,
 {
 	const struct lws_protocol_vhost_options *pvo = m->interpret;
 	struct lws_process_html_args args;
-	const char *mimetype, *vpath;
+	const char *mimetype;
 #if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266) && \
     !defined(LWS_WITH_ESP32)
 	const struct lws_plat_file_ops *fops;
+	const char *vpath;
 	lws_fop_flags_t fflags = LWS_O_RDONLY;
 	struct stat st;
 	int spin = 0;
@@ -360,17 +361,18 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin,
 	char path[256], sym[512];
 	unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p;
 	unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE;
-#if !defined(WIN32) && LWS_POSIX
+#if !defined(WIN32) && LWS_POSIX && !defined(LWS_WITH_ESP32)
 	size_t len;
 #endif
 	int n;
 
 	lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri);
 
-	fflags |= lws_vfs_prepare_flags(wsi);
-
 #if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266) && \
     !defined(LWS_WITH_ESP32)
+
+	fflags |= lws_vfs_prepare_flags(wsi);
+
 	do {
 		spin++;
 		fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath);
@@ -2549,7 +2551,7 @@ lws_server_get_canonical_hostname(struct lws_context *context,
 {
 	if (lws_check_opt(info->options, LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME))
 		return;
-#if LWS_POSIX
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
 	/* find canonical hostname */
 	gethostname((char *)context->canonical_hostname,
 		    sizeof(context->canonical_hostname) - 1);