[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-users] PolarSSL and mbedTLS
|
From: |
Noam Weissman |
|
Subject: |
Re: [lwip-users] PolarSSL and mbedTLS |
|
Date: |
Thu, 2 Mar 2017 12:11:24 +0000 |
Hi Simon,
I was able to catch the error inside function lwip_recvfrom, to remind you this
is read from
PolarSSL
It returns from here:
LWIP_DEBUGF(SOCKETS_DEBUG, ("lwip_recvfrom(%d): returning EWOULDBLOCK\n",
s));
The read buffer is large and it does have a problem, length is 14829 ?
Any ideas ??
BR,
Noam.
-----Original Message-----
From: lwip-users [mailto:address@hidden On Behalf Of address@hidden
Sent: Wednesday, March 01, 2017 9:27 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
I did have mbedTLS running against our httpd (no sockets) but the resource
usage was rather high.
I'd imagine the problem could be lwIP's memory configurations here, too.
Simon
Jan Menzel wrote:
> Hi Noam!
> I've designed a system with almost the same setup which works well
> since a few years incl. firmware updates of a ~200kb.
> Did you checked the memory consumption of the ip stack and the ssl
> max content length setting? The default max content length setting is
> IIRC 16kb, which means that data is hashed and encrypted in chunks of
> up to 16kb and can only be verified and decrypted once the entire
> chunk has been received. The firmware update on my system only works
> if the max content length is reduced. With the default setting I faced
> memory issues on LPC1768 (which has just a fraction of your F4xx).
> I also had to fiddle around a little bit with errno in the interface
> between mbedtls and lwip. One last advice: carefully check your stack
> usage. mbedtls uses lots of function pointers which Keils static call
> graph analysis can not see and does not warn about.
>
> Jan
>
> On 01.03.2017 14:01, Noam Weissman wrote:
>> Hi,
>>
>>
>>
>> I have a client, single task using the socket API using and also
>> PolarSSL for SSL support.
>>
>>
>>
>> The client is WebSocket client and all seems to work ok.
>>
>>
>>
>> When I try to send small messages from the server to my client all is
>> working ok but when I try to push a large
>>
>> message 6K and up my ssl_read function fails with a read error?.
>>
>>
>>
>> The ssl_read is actually calling lwip_read internally.
>>
>>
>>
>> For some reason the SSL code is trying to read a large buffer 8-16K
>> bytes and the read function fails.
>>
>>
>>
>> Normally when we read from a socket more than is available the return
>> value should be the number
>>
>> of bytes actually read and not an error ?.
>>
>>
>>
>> The processor is STM32F427 using CCM for heap and Keil IDE
>>
>>
>>
>> My main project uses Lwip 1.41, FreeRTOS 8.0.1 and PolarSSL 1.0.0
>>
>>
>>
>> I have created two almost identical projects to the one I use. The
>> first
>> uses:
>>
>> Lwip 2.01, FreeRTOS 9.0
>>
>>
>>
>> The second project is the same as the one with Lwip 2.01 but instead
>> of PolaSSL I switched to mbedTLS 2.4.0
>>
>>
>>
>> In none secure mode everything works as expected and have no problems
>> getting a large message (600K)
>>
>> In secured mode I get a read fail on the first packet ??
>>
>>
>>
>> Anyone has an idea what I am doing wrong or what setting are not correct ??
>>
>>
>>
>> A second question for Simon or anyone that can assist. I tried to set
>> LWIP_DEBUG to 1 and my total used RAM (compiler) dropped
>>
>> about 30K ?? Why is that ?... I understood that debug should take
>> more RAM not Less ?
>>
>>
>>
>> Thanks,
>>
>> Noam.
>>
>>
>>
>> cid:image001.jpg@01D26A92.68494F10
>>
>>
>>
>> Noam Weissman
>>
>> Software Engineer
>>
>> SILORA R&D
>>
>> p:
>>
>>
>>
>> +972-4-9554915 m: +972-52-5786135
>>
>> w:
>>
>>
>>
>> www.silrd.com <http://www.silrd.com/> e: address@hidden
>> <mailto:address@hidden>
>>
>> cid:image002.png@01D26A92.68494F10
>> <https://www.facebook.com/SiloraRD/>
>> cid:image003.png@01D26A92.68494F10
>> <https://twitter.com/SiloraRD> cid:image004.png@01D26A92.68494F10
>> <https://www.linkedin.com/company/silora-r&d>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> lwip-users mailing list
>> address@hidden
>> https://lists.nongnu.org/mailman/listinfo/lwip-users
>>
> _______________________________________________
> lwip-users mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/lwip-users
>
_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users
- Re: [lwip-users] PolarSSL and mbedTLS, (continued)
- Re: [lwip-users] PolarSSL and mbedTLS, address@hidden, 2017/03/01
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/01
- Re: [lwip-users] PolarSSL and mbedTLS, Jan Menzel, 2017/03/01
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/01
- Re: [lwip-users] PolarSSL and mbedTLS, Jan Menzel, 2017/03/02
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/02
- Re: [lwip-users] PolarSSL and mbedTLS, address@hidden, 2017/03/02
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/02
- Re: [lwip-users] PolarSSL and mbedTLS, address@hidden, 2017/03/02
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/02
- Re: [lwip-users] PolarSSL and mbedTLS,
Noam Weissman <=
- Re: [lwip-users] PolarSSL and mbedTLS, Jan Menzel, 2017/03/03
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/03
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/10
- Re: [lwip-users] PolarSSL and mbedTLS, Simon Goldschmidt, 2017/03/10
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/10
- Re: [lwip-users] PolarSSL and mbedTLS, address@hidden, 2017/03/11
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/11
- Re: [lwip-users] PolarSSL and mbedTLS, address@hidden, 2017/03/11
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/11
- Re: [lwip-users] PolarSSL and mbedTLS, Noam Weissman, 2017/03/12