https server not listening


pol delgado martín

Jan 18, 2016, 5:44:24 AM
to esp-open-rtos mailing list

Hello


I'm trying to create an https server; I used the official mbedtls examples as reference.
It doesn't work; it seems that the socket is not listening. Any hint?

Thanks for your help, 
All the best,
Pol 

server code:

#define PORT "4433"
void server(){
  xQueueHandle xWorkersQueue;
  int ret, bRestart;
  mbedtls_net_context listen_fd, client_fd;
  mbedtls_entropy_context entropy;
  mbedtls_ctr_drbg_context ctr_drbg;
  //mbedtls_ssl_config conf; //defined as a global variable so threads can access it
  mbedtls_ssl_config conf;
  mbedtls_x509_crt srvcert;
  mbedtls_pk_context pkey;


  vTaskDelay( INITIAL_DELAY  / portTICK_RATE_MS);
  bRestart=false;
  do{
    mbedtls_net_init( &listen_fd );
    mbedtls_net_init( &client_fd );
    mbedtls_ssl_config_init(&conf);
    mbedtls_x509_crt_init( &srvcert );
    mbedtls_pk_init( &pkey );
    mbedtls_entropy_init( &entropy );
    mbedtls_ctr_drbg_init( &ctr_drbg );
#ifdef MBEDTLS_DEBUG_C
    mbedtls_debug_set_threshold( DEBUG_LEVEL );
#endif

    printf( "  . Bind on https://localhost:%s/ ...",PORT );
    if( ( ret = mbedtls_net_bind( &listen_fd, 0, PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
    {
      printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
      bRestart=true;
    }
    printf( "ok\n");
    printf("  · loading certs...");
    ret = mbedtls_x509_crt_parse( &srvcert, (uint8_t*) server_cert,
        strlen(server_cert)+1);
    if( ret != 0 )
    {
      printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
      bRestart=true;
    }

    ret =  mbedtls_pk_parse_key( &pkey, (uint8_t *) server_private_key,
        strlen(server_private_key)+1, NULL, 0 );
    if( ret != 0 )
    {
      printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
      bRestart=true;
    }
    printf(" ok\n");
    printf( "  . Seeding the random number generator..." );
    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0 ) ) != 0 )
    {
      printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
      bRestart=true; 
    }
    printf( " ok\n" );

    printf( "  . Setting up the SSL data...." );
    if( ( ret = mbedtls_ssl_config_defaults( &conf,
            MBEDTLS_SSL_IS_SERVER,
            MBEDTLS_SSL_TRANSPORT_STREAM,
            MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
    {
      printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
      bRestart=true;
    }
    printf("ok\n");
    printf("  · set rng...");
    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
#ifdef MBEDTLS_DEBUG_C
    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#endif
    printf("ok\n");
    if(bRestart==true){
      mbedtls_net_free( &client_fd );
      mbedtls_net_free( &listen_fd );
      mbedtls_x509_crt_free( &srvcert );
      mbedtls_pk_free( &pkey );
      mbedtls_ssl_config_free( &conf );
      mbedtls_ctr_drbg_free( &ctr_drbg );
      mbedtls_entropy_free( &entropy );
    }
  }while(bRestart==true);
  printf("  · config OK!!\n");

  //creating workers
  xWorkersQueue = xQueueCreate(NTHREADS,sizeof(mbedtls_net_context));
  printf("  · creating workers...\n");
  char *name= (char *) malloc(100*sizeof(char));
  for(int i=0;i<NTHREADS;i++){
    sprintf(name,"worker%d",i);
    printf("       %s on board!\n",name);
    xTaskCreate(worker, (signed char *)name, 1024, (void *)&xWorkersQueue, configMAX_PRIORITIES - 2 , NULL);
  }
  free(name);
  //service loop
  printf("  · top of the loop, free heap = %u\n", xPortGetFreeHeapSize());
  while(1){
    //accept new connections
    printf("  · waiting for connections...\n");
    if( (ret=mbedtls_net_accept(&listen_fd, &client_fd, NULL, 0 , NULL)) == 0 ){
      printf("  · info: %d",ret);
      //put the client on queue
      printf("new client!\n");
      while(xQueueSend( xWorkersQueue, &client_fd, portMAX_DELAY ) != pdTRUE){};
    }
    vTaskDelay( 10  / portTICK_RATE_MS);
  }
}

with the following output:

Connected with podemaAP, channel 11
dhcp client start...
ip:192.168.1.38,mask:255.255.255.0,gw:192.168.1.1
  . Bind on https://localhost:4433/ ... ok 
  > free heap = 34200
  · loading certs... ok
  . Seeding the random number generator... ok
  . Setting up the SSL data....ok
  · set rng...ok
  · config OK!!
  · creating workers...
       worker0 on board!
       worker1 on board!
       worker2 on board!
       worker3 on board!
  · top of the loop, free heap = 14136
  · waiting for connections...
 > free heap = 14308
  > free heap = 14308
  > free heap = 14308

telnet:

telnet 192.168.1.38 4433
podema@codingmachine:~$ telnet 192.168.1.38 4433
Trying 192.168.1.38...
telnet: Unable to connect to remote host: Connection refused

(nothing shown by the serial port after trying to connect)

pol delgado martín

Jan 19, 2016, 10:20:30 AM
to esp-open-rtos mailing list
Since I suspect that the error is in net_bind, I modified my http server (using lwip, working); the result is a non-working http server.
Is it possible that net_bind is not working/not implemented?
Should I use lwip_send and lwip_recv in mbedtls_ssl_set_bio?

PS: I attach the modified program and its output; telnet still doesn't work.
void worker(void * pvParameters){
  xQueueHandle xWorkersQueue=*(xQueueHandle *)pvParameters;
  mbedtls_net_context client_fd;
  int ret;
  char cR[BUF_SIZE];
  int iBites;
  char cMethod[10];
  char cResource[40];
  char *token;


  while(1){
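    mbedtls_net_init(&client_fd);
    //waiting for clients
    while( xQueueReceive( xWorkersQueue , &client_fd, portMAX_DELAY)  != pdTRUE );
    //get client request; leave one byte free so cR can be NUL-terminated for strtok_r
    iBites=mbedtls_net_recv(&client_fd, (unsigned char *)cR, sizeof(cR)-1);
    if(iBites <= 0){ mbedtls_net_free(&client_fd); continue; } //a FreeRTOS task must not return
    cR[iBites]='\0';
    printf("Request\n----------------------\n%.*s\n\n",iBites,cR);
    char *pMethod=strtok_r(cR, " ", &token);
    char *pResource=strtok_r(NULL, " ", &token);
    if(pMethod==NULL || pResource==NULL){ mbedtls_net_free(&client_fd); continue; } //malformed request line
    strncpy(cMethod,pMethod,sizeof(cMethod)-1);
    cMethod[sizeof(cMethod)-1]='\0';
    strncpy(cResource,pResource,sizeof(cResource)-1);
    cResource[sizeof(cResource)-1]='\0';
    //discard the rest of a request that filled the buffer
    while(iBites==(int)sizeof(cR)-1){
      if((iBites=mbedtls_net_recv(&client_fd, (unsigned char *)cR, sizeof(cR)-1)) < 0 ){break;}
    }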

    //serve clients
    create_response(cMethod,cResource,cR);
    printf("Response\n-------------\n%.*s\n\n",(int)strlen(cR),cR);
    mbedtls_net_send(&client_fd, (const unsigned char *)cR, (size_t)strlen(cR)*sizeof(char));

    //exit: 
    mbedtls_net_free(&client_fd);
  }
}


void server(){
  xQueueHandle xWorkersQueue;
  int ret, bRestart;
  mbedtls_net_context listen_fd, client_fd;
  vTaskDelay( INITIAL_DELAY  / portTICK_RATE_MS);
  bRestart=false;
  do{
    mbedtls_net_init( &listen_fd );
    mbedtls_net_init( &client_fd );

    printf( "  . Bind on https://localhost:%s/ ...",PORT );
    if( ( ret = mbedtls_net_bind( &listen_fd, 0, PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
    {
      printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
      bRestart=true;
    }
    printf( "ok\n");
    if(bRestart==true){
      mbedtls_net_free( &client_fd );
      mbedtls_net_free( &listen_fd );
    }
  }while(bRestart==true);
  printf("  · config OK!!\n");

  //creating workers
  xWorkersQueue = xQueueCreate(NTHREADS,sizeof(mbedtls_net_context));
  printf("  · creating workers...\n");
  char *name= (char *) malloc(100*sizeof(char));
  for(int i=0;i<NTHREADS;i++){
    sprintf(name,"worker%d",i);
    printf("       %s on board!\n",name);
    xTaskCreate(worker, (signed char *)name, 1024, (void *)&xWorkersQueue, configMAX_PRIORITIES - 2 , NULL);
  }
  free(name);
  //service loop
  printf("  · top of the loop, free heap = %u\n", xPortGetFreeHeapSize());
  while(1){
    //accept new connections
    printf("  · waiting for connections...\n");
    ret=mbedtls_net_accept(&listen_fd, &client_fd, NULL, 0 , NULL);
    if( ret == 0 ){
      //put the client on queue
      printf("new client!\n");
      while(xQueueSend( xWorkersQueue, &client_fd, portMAX_DELAY ) != pdTRUE){};
    }
    vTaskDelay( 10  / portTICK_RATE_MS);
  }
}


Output:
ip:192.168.1.38,mask:255.255.255.0,gw:192.168.1.1
  . Bind on https://localhost:80/ ...ok
  · config OK!!
  · creating workers...
       worker0 on board!
       worker1 on board!
       worker2 on board!
       worker3 on board!
  · top of the loop, free heap = 20476
  · waiting for connections..

Angus Gratton

Feb 7, 2016, 11:45:13 PM
to pol delgado martín, esp-open-rtos mailing list
Hi pol,

Sorry for the slow reply, I've had a busy couple of weeks.

I wasn't able to compile your code (there were parts of it I didn't have), but I put together a simple 'tls_server' example that shows running a TLS server on a specific port, and echoing some information to it on connect. It's pushed to github now.

I think the problems with mbedtls_net_bind() you were seeing may have been due to the address argument; it seems this has to be the string "0.0.0.0" to bind to all/default interfaces.

In any case, if you adapt the tls_server example then you should be able to get a working TLS server and from that build up to a working HTTPS server.

Regards,


Angus

pol delgado martín

Feb 8, 2016, 4:42:11 AM
to esp-open-rtos mailing list
Hi Angus,
It works like a charm now, thanks!
Should I publish the issue on GitHub anyway?
In mbedtls documentation they say this about mbedtls_net_bind:

Create a receiving socket on bind_ip:port in the chosen protocol.

If bind_ip == NULL, all interfaces are bound.

Is it hard to fix? Even if it is not critical (since you can bind a socket anyway), some people may benefit from the experience.


Best Regards and thanks again,


Pol

Angus Gratton

Feb 8, 2016, 7:01:58 PM
to pol delgado martín, esp-open-rtos mailing list
On Mon, Feb 08, 2016 at 01:42:11AM -0800, pol delgado martín wrote:
> In mbedtls documentation they say this about mbedtls_net_bind:
>
> Create a receiving socket on bind_ip:port in the chosen protocol.
>
> If bind_ip == NULL, all interfaces are bound.
>
> Is it hard to fix? Even if it is not critical (since you can bind a socket
> anyway), some people may benefit from the experience.

Good catch, I hadn't seen this in the docs!

Should be fully fixed now:
https://github.com/SuperHouse/esp-open-rtos/commit/3dfa2272cc313ee0d6c97c14f183f1debef35eca


Angus
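
Added example, not part of the thread and not esp-open-rtos or mbedtls code: the behaviour the quoted documentation describes (a NULL bind_ip binds all interfaces), written with plain POSIX sockets for a desktop host. `listen_on` and `bound_to_all` are hypothetical names; reading the address back with getsockname() gives a start-up check that the listener really is where the log says it is.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* for getaddrinfo() under strict -std= modes */
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: TCP listener on bind_ip:port. bind_ip == NULL means
 * "all interfaces" (AI_PASSIVE). Returns the listening fd, or -1. */
int listen_on(const char *bind_ip, const char *port)
{
    struct addrinfo hints, *res, *cur;
    int fd = -1, one = 1;
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    /* Numeric-only lookups: no DNS, a bad address fails instead of resolving. */
    hints.ai_flags = AI_NUMERICSERV | (bind_ip ? AI_NUMERICHOST : AI_PASSIVE);
    if (getaddrinfo(bind_ip, port, &hints, &res) != 0)
        return -1;
    for (cur = res; cur != NULL; cur = cur->ai_next) {
        fd = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);
        if (fd < 0) continue;
        setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
        if (bind(fd, cur->ai_addr, cur->ai_addrlen) == 0 && listen(fd, 4) == 0)
            break;              /* bound and listening */
        close(fd);
        fd = -1;
    }
    freeaddrinfo(res);
    return fd;
}

/* Read back the bound address: 1 = wildcard, 0 = specific, -1 = error. */
int bound_to_all(int fd, char *ip, socklen_t ip_len, unsigned *port)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    if (getsockname(fd, (struct sockaddr *)&sa, &len) != 0 ||
        inet_ntop(AF_INET, &sa.sin_addr, ip, ip_len) == NULL)
        return -1;
    *port = ntohs(sa.sin_port);
    return sa.sin_addr.s_addr == htonl(INADDR_ANY);
}
```

Passing a specific address such as "127.0.0.1" instead of NULL limits the listener to that interface; port "0" asks the kernel for any free port.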