Welcome to the wolfSSL Forums!
Hi,
I am trying to run the server example on a Windows server to test out an embedded client running wolfSSL. The server example never sees the connection from the client and the client cannot complete the socket connection. I have used the -b option and the standard port but I am not seeing a connection. What am I missing? Should the example server run on Windows server?
I have the client -> server within the same pc box connecting correctly.
Have you tried building the wolfSSL library and linking it to your client? We did not use the client as is, but pulled specific items from the client and linked with the wolfSSL library. We are using it in an embedded device with Keil MDK running RTX OS. The trick with the library is getting the right options in the build.
We did use the server directly, but had to build it using the wolfSSL.sln. Running it on a server required a number of directories that the documents do not address. Tried to run the server.sln but the paths were all off and once you do that the wolfssl.sln no longer allows the build. Building on Windows with VS 2015.
I analyzed one of the TLS packets for the Client HELLO
handshake 16
TLSV33 03 03
Length 00 41
Clienthello 01
length 00 00 3d
ClientVer 03 03
random 5b b7 51 b3 + bc c8 85 af 03 0d 63 c3 1c c4 3e 60 e6 39 88 55 5e
f9 36 01 02 7f 3e a7 06 40 2f 86
SessionLen 00
CSS-Len 00 0a
CSS 00 6b 00 67 00 39 00 33 00 16
Comp-len 01
comp-meth 00
ext-len 00 0a
ext-id 000d 0006 0004 0401 0201
Not sure which value is causing the server to disconnect.
Can someone help me with the TLS HELLO_CLIENT? Here are the messages sent to the server. The server is disconnecting after receiving this data.
04/13/18-19:10:07:263 IP Debug TSK: ETHPPP wolfssl_send: return code: 70
04/13/18-19:10:07:272 IP Hex TSK: ETHPPP Data:
HEX: 70
16 03 03 00 41 01 00 00 3d 03 03 3a 59 9e b6 39 ....A...=..:Y..9
c2 1c da 65 79 9f d3 31 aa 34 c0 13 ee 88 1a 28 ...ey..1.4.....(
5c f7 5e 0b 80 5a 20 18 88 f1 4e 00 00 0a 00 6b \.^..Z ...N....k
00 67 00 39 00 33 00 16 01 00 00 0a 00 0d 00 06 .g.9.3..........
00 04 04 01 02 01 ......
04/13/18-19:10:07:383 IP Debug TSK: ETHPPP wolfSSL: Shrinking output buffer
04/13/18-19:10:07:383 IP Debug TSK: ETHPPP wolfSSL: connect state: CLIENT_HELLO_SENT
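Added example, not code from the original posts or from wolfSSL: a Python decoder for the 70-byte ClientHello in the hex dump above, listing the cipher suites and extensions the client offered so the offer can be compared with what the server accepts. The suite and extension names are the IANA registry names for these code points; the function names are this example's own.

```python
# The 70 bytes of the wolfssl_send hex dump in the post above.
HELLO = bytes.fromhex(
    "16 03 03 00 41 01 00 00 3d 03 03 3a 59 9e b6 39"
    "c2 1c da 65 79 9f d3 31 aa 34 c0 13 ee 88 1a 28"
    "5c f7 5e 0b 80 5a 20 18 88 f1 4e 00 00 0a 00 6b"
    "00 67 00 39 00 33 00 16 01 00 00 0a 00 0d 00 06"
    "00 04 04 01 02 01")

# IANA names for the code points relevant to this capture.
SUITES = {0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
          0x0067: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
          0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
          0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
          0x0016: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"}
EXTS = {0x0000: "server_name", 0x000A: "supported_groups",
        0x000D: "signature_algorithms"}


def vec(buf, pos, n):
    """Read an n-byte length prefix at pos; return (body, next position)."""
    end = pos + n + int.from_bytes(buf[pos:pos + n], "big")
    if pos + n > len(buf) or end > len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos + n:end], end


def parse_client_hello(record):
    if record[:1] != b"\x16" or record[5:6] != b"\x01":
        raise ValueError("not a handshake record carrying a ClientHello")
    hs, _ = vec(record, 6, 3)              # handshake body, 3-byte length
    _, pos = vec(hs, 34, 1)                # skip version + random, session id
    raw, pos = vec(hs, pos, 2)             # cipher suite list
    _, pos = vec(hs, pos, 1)               # compression methods
    ids = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, len(raw), 2)]
    suites = [SUITES.get(s, hex(s)) for s in ids]
    exts = {}
    if pos < len(hs):                      # the extensions block is optional
        block, _ = vec(hs, pos, 2)
        at = 0
        while at < len(block):
            etype = int.from_bytes(block[at:at + 2], "big")
            exts[EXTS.get(etype, hex(etype))], at = vec(block, at + 2, 2)
    return {"version": hs[:2].hex(), "suites": suites, "extensions": exts,
            "key_exchanges": sorted({s.split("_WITH_")[0] for s in suites})}


if __name__ == "__main__":
    for field, value in parse_client_hello(HELLO).items():
        print(f"{field}: {value}")
```

For this capture every offered suite is a DHE_RSA suite, and the only extension is signature_algorithms (no server_name or supported_groups).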
Adding config file that contains 2 files in one.
Config and config-wolfLib.h
We are using wolfSSL in a KEIL MDK 5 environment. We have the KEIL BSD sockets working and have tied wolfSSL 3.1.40 into the socket layer. Build options included for a bare bones operation. Included are our config files created by the MDK build.
Client configuration is TLSClient23Build.
Our test was to connect to google.com on port 443. We are not attempting to verify the server with a certificate and are not creating a private key at this point. Just a simple connect. The client connects to the server and CLIENT_HELLO is sent. The server responds with a small message and then issues a close. We have included a log of the transaction showing the KEIL TCP and the wolfssl logging.
Questions:
1. Why is wolfSSL trying to connect before we issue the wolfSSL_connect?
2. Is there anything in the client hello that would cause the server to close our connection?
Thanks.
We found the reason for the socket error. Due to memory constraints, we set up the minimum required for TLS. The reason for the socket error was not a socket error itself but that the callbacks for send and receive were not set up. One of our options (I believe it was NOFILESYSTEM) caused the xio callback to not be set up. After using the callback setup we were able to get past that option. Now wolfSSL is establishing a connection with an error of -313. Here is the log:
04/13/18-15:55:19:788 IP Debug TSK: ETHPPP wolfSSL: received record layer msg
04/13/18-15:55:19:789 IP Debug TSK: ETHPPP wolfSSL: got ALERT!
04/13/18-15:55:19:811 IP Debug TSK: ETHPPP wolfSSL: Got alert
04/13/18-15:55:19:811 IP Debug TSK: ETHPPP wolfSSL: wolfSSL error occurred, error = 40
04/13/18-15:55:19:815 IP Debug TSK: ETHPPP wolfSSL: wolfSSL error occurred, error = -313
04/13/18-15:55:19:824 IP Debug TSK: ETHPPP wolfSSL: wolfSSL Entering SSL_connect()
Not sure what this is...
We are using an embedded client in the KEIL MDK environment. Using the KEIL version of BSD for the interfaces.
Library was built with these settings.
#define HAVE_KEIL_RTX /* or define RTOS option */
#define WOLFSSL_USER_IO /* Use own TCP/IP lib */
#define NO_DEV_RANDOM
#define WOLFSSL_KEIL_TCP_NET
#define WOLFSSL_MDK_ARM
#define WOLFSSL_CALLBACKS
#define NO_WOLFSSL_DIR
#define NO_WRITEV
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define NO_FILESYSTEM
#define NO_ECHOSERVER
#define NO_ECHOCLIENT
#define NO_SIMPLE_SERVER
#define NO_SIMPLE_CLIENT
#define NO_WOLFSSL_SERVER
#define SMALL_SESSION_CACHE
#undef USE_CERT_BUFFERS_1024
#undef WOLFSSL_SMALL_STACK
We do the standard socket create, bind, and connect for the socket using a google.com address and port 443. After we verify the connect we execute the wolfSSL functions:
wolfSSL_CTX_new(wolfSSLv23_client_method())
wolfSSL_CTX_set_verify(pCtx, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_new(pCtx)
wolfSSL_use_PrivateKey_buffer
wolfSSL_set_fd(pSSL, socket)
wolfSSL_connect(pSSL)
All function calls are successful except the wolfSSL_connect.
Quickly after issuing the wolfSSL_connect we get a -308 error. We wait for about 10 seconds before reporting the error in hopes that something will be sent to the server. The KEIL TCP debug is enabled and we see that the wolfSSL library never sends a handshake to the server. After the socket timeout period the server issues a close on the socket.
We have double checked the socket connection and it is definitely connected.
Can someone point us in a direction to determine what the issue is?
Attached is a KEIL TCP LOG.
Thanks