Memory Leak/Usage

[rudi]

Hi Rudi yes! That was the problem....

..How are you doing? Have you managed to do some progress on copy protection for ESP?

I am now trying SSL communication, just started...

Cheers, i am going to celebrate my birthday today !!

Hi Horacio ! All the Best from me to you!
Happy Birthday to you!
https://www.youtube.com/watch?v=Vdsqbh_0zzg

Thanks i am fine, hope u too
Yes, copy protect runs like a charme )))
hope for open src the bootloader code from espressif, will be touch more possibles.

SSL works fine, Horacio, 'huafan' has made fine examples too, have a look and a try:
viewtopic.php?f=7&t=386

celebrate your birthday fine! - see you 'jumping' and hear you singing
la la lalalala yeap ...

best wishes!
rudi

edit: see at this too:
viewtopic.php?f=16&p=3173#p3173

[hdrut]

Thank you Rudi!


any chance to "share" your knowledge with me??


Cheers!

Hi Rudi yes! That was the problem....

..How are you doing? Have you managed to do some progress on copy protection for ESP?

I am now trying SSL communication, just started...

Cheers, i am going to celebrate my birthday today !!

Hi Horacio ! All the Best from me to you!
Happy Birthday to you!
https://www.youtube.com/watch?v=Vdsqbh_0zzg

Thanks i am fine, hope u too
Yes, copy protect runs like a charme )))
hope for open src the bootloader code from espressif, will be touch more possibles.

SSL works fine, Horacio, 'huafan' has made fine examples too, have a look and a try:
viewtopic.php?f=7&t=386

celebrate your birthday fine! - see you 'jumping' and hear you singing
la la lalalala yeap ...

best wishes!
rudi

edit: see at this too:
viewtopic.php?f=16&p=3173#p3173

[zaxl]

Hi,

So sorry for the inconvenience.

Please update to esp_iot_sdk_v1.3.0 and try the SSL patch here http://bbs.espressif.com/viewtopic.php?f=46&t=925

Please have a try. If your problem is still unsolved, feel free to let us know !

Thanks for your interest in Espressif Systems and ESP8266 !

Yes, it fixes the missing disconnect callbacks. Leak is gone too - will torture it a little bit more but it's fine. Thanks!!
The SDK 1.3.0 frees some more memory which is great. Keep the good work!

However I've faced the next issue now - the more free memory allows me to enable the ca server verification -
i got just handshake fail debug message - no reconnect or disconnect callback- the connection stays up until the server closes, i.e. no error code. Any pointers on how to debug/resolve this? Web server is apache , i've placed the host as the default vhost so the esp ssl clients get the first certificate during the ssl handshake. I'm using a self signed certificate /CA and Intermediate CA/ - would it pass the verification?

[ESP_Faye]

Hi,

Did your espconn_secure_connect return ESPCONN_OK ?

[zaxl]

Hi,

Did your espconn_secure_connect return ESPCONN_OK ?

Yes:
esp_secure_connect:0
client handshake start.
client handshake failed

esp_ca_cert.bin size is 1649 bytes.

SSL buffer size is 5120 - i've received errors before when it was to small.
netstat on the server shows the connection in established state.

openssl s_client -connect server:443 reports:

depth=2 C = BG, ST = BG, O = Test, OU = RCA, CN = RCA
verify error:num=19:self signed certificate in certificate chain
verify return:0

Certificate chain
0 s:/C=BG/ST=BG/O=Test/OU=Test/CN=Test
i:/C=BG/ST=BG/O=Test/OU=ICA/CN=ICA
1 s:/C=BG/ST=BG/O=Test/OU=ICA/CN=ICA
i:/C=BG/ST=BG/O=Test/OU=RCA/CN=RCA
2 s:/C=BG/ST=BG/O=Test/OU=RCA/CN=RCA
i:/C=BG/ST=BG/O=Test/OU=RCA/CN=RCA
-- BEGIN CERTIFICATE ---
.....
-----END CERTIFICATE-----
subject=/C=BG/ST=BG/O=Test/OU=Test/CN=Test
issuer=/C=BG/ST=BG/O=Test/OU=ICA/CN=ICA
---
No client certificate CA names sent
---
SSL handshake has read 3075 bytes and written 421 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256

[ESP_Faye]

Hi,

Please call espconn_regist_disconcb before espconn_secure_connect, for example

Code: Select all

        espconn_regist_connectcb(pespconn, user_tcp_connect_cb);
        espconn_regist_reconcb(pespconn, user_tcp_recon_cb);
        // register disconnect cb here, because that SSL handshake may fail.
        espconn_regist_disconcb(pespconn, user_tcp_discon_cb); 
       
       //espconn_secure_set_size(ESPCONN_CLIENT,5120);
       
        espconn_secure_connect(pespconn); // tcp SSL connect


If your problem is still unsolved, please provide your test code, we will have a try.

[zaxl]

Hi, Faye,

Hi,

Please call espconn_regist_disconcb before espconn_secure_connect, for example

Code: Select all

        espconn_regist_connectcb(pespconn, user_tcp_connect_cb);
        espconn_regist_reconcb(pespconn, user_tcp_recon_cb);
        // register disconnect cb here, because that SSL handshake may fail.
        espconn_regist_disconcb(pespconn, user_tcp_discon_cb); 
       
       //espconn_secure_set_size(ESPCONN_CLIENT,5120);
       
        espconn_secure_connect(pespconn); // tcp SSL connect


If your problem is still unsolved, please provide your test code, we will have a try.

It's there but the disconnect callback is actually called but after 5 minutes , when the server closes the connection.
/see the tcpdump.log/ And not after the handshake failure.

I'm attaching archive with test code, there is a README.txt containing relevant info and instructions.
I'm testing against sdk1.3.0 + ssl patch.

If i do not do secure_ca_enable - everything is fine.

So there are two problems:
1. CA verification does not work
2. Disconnect callback is called on server close , not when the handshake fails

[ESP_Faye]

Hi,

Could you have a try with our SSL server "iot.espressif.cn" port 443 ?

Here is the CA of our SSL server.

Documentation "5A-ESP8266__SDK__SSL_User_Manual" is in \esp_iot_sdk_v1.3.0\document\

[zaxl]

Hi,

Could you have a try with our SSL server "iot.espressif.cn" port 443 ?

Here is the CA of our SSL server.

Documentation "5A-ESP8266__SDK__SSL_User_Manual" is in \esp_iot_sdk_v1.3.0\document\

Hi,
I've replaced the esp_ca_cert.bin with espressif's and it fails again:
.....
dhcp client start...
chg_B:-60
FH:46632 t:4
Got ip
ip:192.168.0.104,mask:255.255.255.0,gw:192.168.0.1
Starting request to:[https://iot.espressif.cn/]
hostname=iot.espressif.cn
port=443
path=/
DNS request
DNS pending
FH:46360 t:6
DNS found iot.espressif.cn 115.29.202.58
FH:28672 t:7
client handshake start.
client handshake failed
Disconnected
http_status=-1
httperr:-1
FH:44480 t:8
..........

BUT this time faster.
With my self signed certificate - it fails and waits 5 minutes for the server to close..
With espressif's certificate which is not self signed - it disconnects how it should - right after the handshake failure.

Other minor difference to note is that espressif's server accepts client certificates - mine does not.

[ESP_Faye]

Hi，

Here is my test project and test log, it can connect to Espressif Cloud successfully.

The last log "tcp disconnect succeed !!! " means the Espressif Cloud disconnect to ESP8266, it is not a problem.

Please have a try.