• State TI Thinks Resolved
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 32 subscribers
  • Views 572 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

RTOS/EK-TM4C129EXL: https request: With wrong root certificate program hangs

Krams
Intellectual 595 points
Part Number: EK-TM4C129EXL


Tool/software: TI-RTOS

Hello,
I work with these components:

Hardware:                       EK-TM4C129EXL

Operating System:         TI-RTOS for Tiva v 2.16.1.14

XDCtools version:           3.32.0.06_core

Project:                            httpsget_EK_TM4C129EXL_TI_TivaTM4C129ENCPDT

wolfSSL Version:             wolfSSL-3.10.4

My cloud access has been working for a while now. With the right certificate.

If I use another "wrong" certificate for the TLS_create (..) function to return -1, everything is alright.
But if I get a "false" certificate for the TLS_create (..) function to succeed, the TLS handshake will be sent to the HTTPCli_sendRequest (..)

function and I will get back the error code -103 and the wolfSSL error code -188. That's good too and not bad.

After a few attempts with this "wrong" certificate, the program counter will hang in the wolfSSL files. See image.

The program hangs within the function HTTPCli_sendRequest (& cli, requestParams.method, requestParams.url, false);
and will not come out anymore. If I stop the program you can see that it hangs within the WolfSSL file.

Here is my Request Funktion:

void httpsSendRequest(requestParams_t requestParams, responseParams_t* responseParams)
{
	//wolfSSL_Debugging_ON();
    bool moreFlag = false;
    char data[64];
    int ret;
    int len;
    struct sockaddr_in addr;

    TLS_Params tlsParams;
    TLS_Handle tls;

    HTTPCli_Params params;
    HTTPCli_Struct cli;

    responseParams->body = NULL;
    responseParams->bodyLen = 0;


    System_printf("Sending a HTTPS %s request !\n", requestParams.method);
    System_flush();



    TLS_Params_init(&tlsParams);
    tlsParams.ca 	= (uint8_t*)requestParams.cert;
    tlsParams.calen = strlen(requestParams.cert);

    System_printf("cloudTask: TLS_create\n");System_flush();
    tls = TLS_create(TLS_METHOD_CLIENT_TLSV1_2, &tlsParams, NULL);
    if (!tls) {
        printError("httpsTask: TLS create failed", -1);
    	goto exit1;
    }

    System_printf("cloudTask: HTTPCli_construct\n");System_flush();
    HTTPCli_construct(&cli);

    System_printf("cloudTask: HTTPCli_setRequestFields\n");System_flush();
    HTTPCli_setRequestFields(&cli, requestParams.fields);

    System_printf("cloudTask: HTTPCli_initSockAddr\n");System_flush();
    ret = HTTPCli_initSockAddr((struct sockaddr *)&addr, requestParams.host, 0);
    if (ret < 0) {
        printError("httpsTask: address resolution failed", ret);
    	goto exit2;
    }

    System_printf("cloudTask: HTTPCli_Params_init\n");System_flush();
    HTTPCli_Params_init(&params);
    params.tls = tls;

    System_printf("cloudTask: HTTPCli_connect\n");System_flush();
    ret = HTTPCli_connect(&cli, (struct sockaddr *)&addr, 0, &params);
    if (ret < 0) {
        printError("httpsTask: connect failed", ret);
    	goto exit2;
    }

    System_printf("cloudTask: HTTPCli_sendRequest\n");System_flush();
    // Handshake startet
    ret = HTTPCli_sendRequest(&cli, requestParams.method, requestParams.url, false);
    if (ret < 0) {
        printError("httpsTask: send failed", ret);

    	goto exit2;

    }

	ret = HTTPCli_sendRequestBody(&cli, requestParams.body, strlen(requestParams.body));
	if (ret < 0)
	{
		printError("httpTask: Variable data couldn't be sent", ret);
		goto exit2;
	}
	else
	{
		System_printf("Data sent successfully\n");
		System_flush();
	}

    ret = HTTPCli_getResponseStatus(&cli);
    if (ret != HTTPStd_OK) {
        printError("httpsTask: cannot get status", ret);
    	goto exit2;
    }

    System_printf("HTTP Response Status Code: %d\n", ret);
    System_flush();


   do
   {
	   ret = HTTPCli_readResponseHeader(&cli, data, sizeof(data), &moreFlag);

	   if( strncmp( data, HTTPStd_FIELD_NAME_CONTENT_LENGTH, strlen(HTTPStd_FIELD_NAME_CONTENT_LENGTH)) == 0 )
	   {
		   char* strContentLen = strstr(&data[strlen(HTTPStd_FIELD_NAME_CONTENT_LENGTH)], ": ");
		   if (strContentLen != NULL)
		   {
			   convert_DecStringToNumber(&strContentLen[2], &responseParams->bodyLen);
		   }
	   }

   }while(ret != 0);



   if (responseParams->bodyLen != 0)
   {
	    // Allocate a buffer for the response
		responseParams->body = (char*) mmBulkAlloc( responseParams->bodyLen + 1 );
		if ( !responseParams->body )
		{
			System_printf("\nNo dynamic Array!\n");	System_flush();
			mmBulkFree(responseParams->body);
		}
   }

   len = 0;
   if (responseParams->body != NULL)
   {
	    do {
	        ret = HTTPCli_readResponseBody(&cli, &responseParams->body[len], (responseParams->bodyLen - len), &moreFlag);
	        if (ret < 0) {
	            printError("httpsTask: response body processing failed", ret);
	        	goto exit2;
	        }

	        len += ret;
	    } while (moreFlag);

	    responseParams->body[len] = '\0';	// Null terminierter String
   }


    System_printf("Recieved %d bytes of payload\n\n", len);
    System_flush();


exit2: 	HTTPCli_disconnect(&cli);
    	HTTPCli_destruct(&cli);

exit1:  TLS_delete(&tls);


}

What is the problem ?

  • 0
    TI__Guru* 96960 points

    Hi,

    Have you contacted WolfSSL also? Unfortunately we don't have the expertise at TI to debug WolfSSL code. We'll take a look to see if anything looks strange on the TI code side, but I expect you'll need to work this through WolfSSL.

    Todd

  • 0 in reply to ToddMullanix
    Intellectual 595 points

    Hello Todd,
    Thank you for your reply. I am currently in contact with Wolffssl.

    It would be good if you could tell me if anything inside the httpsRequest function is incorrect.

    Many thanks

    If I stop the program within the function httpsRequest and look at the heap, I see after a successful handshake and data transfer the heap keeps sprinkling on the same size.

    If I take the certificate with which the handshake does not work, 2088Byte are stolen from the heap each round. And after a few rounds, nobody can reserve more memory on the heap.

  • 0 in reply to Krams
    TI__Intellectual 1390 points

    Hi Krams,

    I don't see a problem with your `httpsSendRequest`.

    This post seems directly related (a handshake failure leading to a memory leak).

    Best,

    Brandon