Skip to content
This repository was archived by the owner on Sep 6, 2023. It is now read-only.
This repository was archived by the owner on Sep 6, 2023. It is now read-only.

SSL handshake interruption causes hard fault #209

@0xDBFB7

Description

@0xDBFB7

Somewhat related to #193, if a socket times out about 20 times the board hard faults (unrecoverable).

Socket Open
Socket has timed out: [Errno 104] ECONNRESET
Socket Close

Socket Open
assertion "0" failed: file "../../py/../extmod/modussl_mbedtls.c", line 151, function: socket_new
abort() was called at PC 0x40131ad3 on core 0

Backtrace: 0x400873fb:0x3ffce020 0x40087427:0x3ffce040 0x40131ad3:0x3ffce060 0x400ecf2b:0x3ffce090 0x400df716:0x3ffce0e0 0x400dbbc1:0x3ffce110 0x400dbc29:0x3ffce130 0x400e8c09:0x3ffce150 0x400df7a4:0x3ffce1f0 0x400dbbc1:0x3ffce220 0x400e8b7f:0x3ffce240 0x400df7a4:0x3ffce2e0 0x400dbbc1:0x3ffce360 0x400e8b7f:0x3ffce380 0x400df7a4:0x3ffce420 0x400dbbc1:0x3ffce450 0x400dbbee:0x3ffce470 0x400f7352:0x3ffce490 0x400f75b5:0x3ffce530 0x400eeea7:0x3ffce550

Rebooting...
���x����xx�������

The relevant code:

def verify_server(socket):
    certHash = binascii.hexlify(
        hashlib.sha256(socket.getpeercert(True)).digest())
    print("Certificate Hash: " + str(certHash))
    for server in server_dict:
        if certHash in server['fingerprints']:
            return True
    return False


def send_to_server(data, url, server_index=0):
    wdt.feed()
    print("Sending " + str(data) + "to server " + url)
    s = socket.socket()
    print("Socket Open")
    try:
        s.settimeout(30)
        # server redundancy should be implemented. #FIXME: This will probably
        # do a dns lookup every time - probably shouldn't.
        ai = socket.getaddrinfo(server_dict[server_index]['address'], 443)
        addr = ai[0][-1]  # cache this
        s.connect(addr)
        s = ssl.wrap_socket(s, cert=sump_cert_2.CERT, key=sump_cert_2.KEY)

        if not verify_server(s):
            print("Certificate doesn't match.")
            s.close()
            return None

        server = server_dict[server_index]
        http_headers = '\r\n'.join([
            "POST {} HTTP/1.1".format(url),
            "Connection: Keep-Alive",
            "Accept: */*",
            "Host: {}".format(server['address']),
            "User-Agent: SafeSumpSeldon",
            "Content-Type: application/x-msgpack",
            "Content-Length: {}".format(len(data)),
            "\r\n"])
        s.write(http_headers)
        s.write(data)
        response = s.read(2048)
    except OSError as e:
        print("Socket has timed out: {}".format(e))
    except Exception as e:
        print("Server connection failed: {}".format(e))
        store_in_backlog(data)
    else:
        return response
        # process_backlog()
    finally:
        s.close()
        print("Socket Close")
    return None

We've been having numerous issues with sockets hardfaulting recently - it's a pretty serious issue for us.

I'm running the latest esp-idf (I got constant #193 errors otherwise).

Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      pFad - Phonifier reborn

      Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

      Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


      Alternative Proxies:

      Alternative Proxy

      pFad Proxy

      pFad v3 Proxy

      pFad v4 Proxy