Memory Leak/Usage

User avatar
rudi
Posts: 197
Joined: Fri Oct 24, 2014 7:55 pm

Re: SSL example

Postby rudi » Wed Aug 12, 2015 9:29 pm

hdrut wrote:Hi Rudi yes! That was the problem....

..How are you doing? Have you managed to do some progress on copy protection for ESP?

I am now trying SSL communication, just started...

Cheers, i am going to celebrate my birthday today !!


Hi Horacio ! All the Best from me to you!
Happy Birthday to you!
https://www.youtube.com/watch?v=Vdsqbh_0zzg

Thanks i am fine, hope u too ;-)
Yes, copy protect runs like a charme ;))))
hope for open src the bootloader code from espressif, will be touch more possibles.

SSL works fine, Horacio, 'huafan' has made fine examples too, have a look and a try:
viewtopic.php?f=7&t=386

celebrate your birthday fine! - see you 'jumping' and hear you singing ;-) ;-) ;-)
la la lalalala yeap ...

best wishes!
rudi ;-)

edit: see at this too:
viewtopic.php?f=16&p=3173#p3173

-------------------------------------
love it, change it or leave it.
-------------------------------------
問候飛出去的朋友遍全球魯迪

hdrut
Posts: 25
Joined: Fri Feb 13, 2015 11:02 am
Location: Argentina

Re: SSL example

Postby hdrut » Thu Aug 13, 2015 2:37 am

Thank you Rudi!


any chance to "share" your knowledge with me?? :P


Cheers!




rudi wrote:
hdrut wrote:Hi Rudi yes! That was the problem....

..How are you doing? Have you managed to do some progress on copy protection for ESP?

I am now trying SSL communication, just started...

Cheers, i am going to celebrate my birthday today !!


Hi Horacio ! All the Best from me to you!
Happy Birthday to you!
https://www.youtube.com/watch?v=Vdsqbh_0zzg

Thanks i am fine, hope u too ;-)
Yes, copy protect runs like a charme ;))))
hope for open src the bootloader code from espressif, will be touch more possibles.

SSL works fine, Horacio, 'huafan' has made fine examples too, have a look and a try:
viewtopic.php?f=7&t=386

celebrate your birthday fine! - see you 'jumping' and hear you singing ;-) ;-) ;-)
la la lalalala yeap ...

best wishes!
rudi ;-)

edit: see at this too:
viewtopic.php?f=16&p=3173#p3173

zaxl
Posts: 29
Joined: Mon Jun 08, 2015 6:34 pm
Contact:

Re: Memory Leak/Usage

Postby zaxl » Thu Aug 13, 2015 4:44 am

Espressif_Faye wrote:Hi,

So sorry for the inconvenience.

Please update to esp_iot_sdk_v1.3.0 and try the SSL patch here http://bbs.espressif.com/viewtopic.php?f=46&t=925

Please have a try. If your problem is still unsolved, feel free to let us know !

Thanks for your interest in Espressif Systems and ESP8266 !


Yes, it fixes the missing disconnect callbacks. Leak is gone too - will torture it a little bit more but it's fine. Thanks!!
The SDK 1.3.0 frees some more memory which is great. Keep the good work!

However I've faced the next issue now - the more free memory allows me to enable the ca server verification -
i got just handshake fail debug message - no reconnect or disconnect callback- the connection stays up until the server closes, i.e. no error code. Any pointers on how to debug/resolve this? Web server is apache , i've placed the host as the default vhost so the esp ssl clients get the first certificate during the ssl handshake. I'm using a self signed certificate /CA and Intermediate CA/ - would it pass the verification?
Regards,
zaxl

ESP_Faye
Posts: 1646
Joined: Mon Oct 27, 2014 11:08 am

Re: Memory Leak/Usage

Postby ESP_Faye » Thu Aug 13, 2015 10:50 am

Hi,

Did your espconn_secure_connect return ESPCONN_OK ?

zaxl
Posts: 29
Joined: Mon Jun 08, 2015 6:34 pm
Contact:

Re: Memory Leak/Usage

Postby zaxl » Thu Aug 13, 2015 1:42 pm

Espressif_Faye wrote:Hi,

Did your espconn_secure_connect return ESPCONN_OK ?


Yes:
esp_secure_connect:0
client handshake start.
client handshake failed

esp_ca_cert.bin size is 1649 bytes.

SSL buffer size is 5120 - i've received errors before when it was to small.
netstat on the server shows the connection in established state.

openssl s_client -connect server:443 reports:

depth=2 C = BG, ST = BG, O = Test, OU = RCA, CN = RCA
verify error:num=19:self signed certificate in certificate chain
verify return:0

Certificate chain
0 s:/C=BG/ST=BG/O=Test/OU=Test/CN=Test
i:/C=BG/ST=BG/O=Test/OU=ICA/CN=ICA
1 s:/C=BG/ST=BG/O=Test/OU=ICA/CN=ICA
i:/C=BG/ST=BG/O=Test/OU=RCA/CN=RCA
2 s:/C=BG/ST=BG/O=Test/OU=RCA/CN=RCA
i:/C=BG/ST=BG/O=Test/OU=RCA/CN=RCA
-- BEGIN CERTIFICATE ---
.....
-----END CERTIFICATE-----
subject=/C=BG/ST=BG/O=Test/OU=Test/CN=Test
issuer=/C=BG/ST=BG/O=Test/OU=ICA/CN=ICA
---
No client certificate CA names sent
---
SSL handshake has read 3075 bytes and written 421 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Regards,
zaxl

ESP_Faye
Posts: 1646
Joined: Mon Oct 27, 2014 11:08 am

Re: Memory Leak/Usage

Postby ESP_Faye » Fri Aug 14, 2015 11:27 am

Hi,

Please call espconn_regist_disconcb before espconn_secure_connect, for example

Code: Select all

        espconn_regist_connectcb(pespconn, user_tcp_connect_cb);
        espconn_regist_reconcb(pespconn, user_tcp_recon_cb);
        // register disconnect cb here, because that SSL handshake may fail.
        espconn_regist_disconcb(pespconn, user_tcp_discon_cb); 
       
       //espconn_secure_set_size(ESPCONN_CLIENT,5120);
       
        espconn_secure_connect(pespconn); // tcp SSL connect


If your problem is still unsolved, please provide your test code, we will have a try.

zaxl
Posts: 29
Joined: Mon Jun 08, 2015 6:34 pm
Contact:

Re: Memory Leak/Usage

Postby zaxl » Mon Aug 17, 2015 6:36 pm

Hi, Faye,

Espressif_Faye wrote:Hi,

Please call espconn_regist_disconcb before espconn_secure_connect, for example

Code: Select all

        espconn_regist_connectcb(pespconn, user_tcp_connect_cb);
        espconn_regist_reconcb(pespconn, user_tcp_recon_cb);
        // register disconnect cb here, because that SSL handshake may fail.
        espconn_regist_disconcb(pespconn, user_tcp_discon_cb); 
       
       //espconn_secure_set_size(ESPCONN_CLIENT,5120);
       
        espconn_secure_connect(pespconn); // tcp SSL connect


If your problem is still unsolved, please provide your test code, we will have a try.


It's there but the disconnect callback is actually called but after 5 minutes , when the server closes the connection.
/see the tcpdump.log/ And not after the handshake failure.

I'm attaching archive with test code, there is a README.txt containing relevant info and instructions.
I'm testing against sdk1.3.0 + ssl patch.

If i do not do secure_ca_enable - everything is fine.

So there are two problems:
1. CA verification does not work
2. Disconnect callback is called on server close , not when the handshake fails
Attachments
ssltest.tgz
(20.91 KiB) Downloaded 732 times
stdout.log.gz
console log
(466 Bytes) Downloaded 730 times
tcpdump.log.txt.gz
tcp dump
(5.37 KiB) Downloaded 723 times
Regards,
zaxl

ESP_Faye
Posts: 1646
Joined: Mon Oct 27, 2014 11:08 am

Re: Memory Leak/Usage

Postby ESP_Faye » Tue Aug 18, 2015 2:06 pm

Hi,

Could you have a try with our SSL server "iot.espressif.cn" port 443 ?

Here is the CA of our SSL server.

Documentation "5A-ESP8266__SDK__SSL_User_Manual" is in \esp_iot_sdk_v1.3.0\document\
Attachments
esp_ca_cert.zip
(1.58 KiB) Downloaded 692 times

zaxl
Posts: 29
Joined: Mon Jun 08, 2015 6:34 pm
Contact:

Re: Memory Leak/Usage

Postby zaxl » Tue Aug 18, 2015 2:48 pm

Espressif_Faye wrote:Hi,

Could you have a try with our SSL server "iot.espressif.cn" port 443 ?

Here is the CA of our SSL server.

Documentation "5A-ESP8266__SDK__SSL_User_Manual" is in \esp_iot_sdk_v1.3.0\document\

Hi,
I've replaced the esp_ca_cert.bin with espressif's and it fails again:
.....
dhcp client start...
chg_B:-60
FH:46632 t:4
Got ip
ip:192.168.0.104,mask:255.255.255.0,gw:192.168.0.1
Starting request to:[https://iot.espressif.cn/]
hostname=iot.espressif.cn
port=443
path=/
DNS request
DNS pending
FH:46360 t:6
DNS found iot.espressif.cn 115.29.202.58
FH:28672 t:7
client handshake start.
client handshake failed
Disconnected
http_status=-1
httperr:-1
FH:44480 t:8
..........

BUT this time faster.
With my self signed certificate - it fails and waits 5 minutes for the server to close..
With espressif's certificate which is not self signed - it disconnects how it should - right after the handshake failure.

Other minor difference to note is that espressif's server accepts client certificates - mine does not.
Regards,
zaxl

ESP_Faye
Posts: 1646
Joined: Mon Oct 27, 2014 11:08 am

Re: Memory Leak/Usage

Postby ESP_Faye » Wed Aug 19, 2015 4:28 pm

Hi,

Here is my test project and test log, it can connect to Espressif Cloud successfully.

The last log "tcp disconnect succeed !!! " means the Espressif Cloud disconnect to ESP8266, it is not a problem.

Please have a try.
Flash download tool.png
Attachments
SSL_CA_TEST_LOG.zip
(1.94 KiB) Downloaded 658 times
esp_iot_sdk_v1.3.0_BBP175.zip
(1.63 MiB) Downloaded 714 times

Who is online

Users browsing this forum: No registered users and 3 guests