mbedTLS hangs during handshake

BuddyCasino
Posts: 263
Joined: Sun Jun 19, 2016 12:00 am

mbedTLS hangs during handshake

Postby BuddyCasino » Wed Mar 15, 2017 7:17 am

When I try to connect to the Amazon Alexa endpoint, often (but not always!) the connection seems to hang in the handshake phase, then proceed after well over a minute.

Other endpoints like https://http2.golang.org/ do not exhibit this behaviour.

Interestingly "nmap --script ssl-enum-ciphers -p 443 avs-alexa-eu.amazon.com" also seems to have trouble with Amazon, sometimes not finding any cypher.

I have no idea how to debug this.

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: mbedTLS hangs during handshake

Postby ESP_Angus » Wed Mar 15, 2017 7:44 am

Getting a dump of the TCP session is probably the first thing to try. Although you won't be able to view the contents of the TLS messages, you can see what type of message they are and see where the pauses happen and if anything strange is happening (retransmits at the TCP layer, failed negotiation attempts, etc.)

There are various ways to get a TCP session capture like this. I do it by addding a second USB WiFi adapter to my laptop, setting it up as an access point which NATs out to my "real" network. Then I can connect the ESP32 to the USB adapter access point, and capture traffic as it goes through. Or you could probably do it on a single WiFi network by setting up a socat tunnel (or something similar) and connecting the ESP32 to the tunnel, which then relays the TCP stream to the Alexa endpoint.


Angus

BuddyCasino
Posts: 263
Joined: Sun Jun 19, 2016 12:00 am

Re: mbedTLS hangs during handshake

Postby BuddyCasino » Wed Mar 15, 2017 2:53 pm

Thanks, I'll try that!
Is there a way to get a core dump of the ESP using my JTAG debugger?

ChrisHolza
Posts: 7
Joined: Mon Jan 09, 2017 1:32 pm
Location: Germany

Re: mbedTLS hangs during handshake

Postby ChrisHolza » Thu Mar 16, 2017 6:22 am

Hi Buddy,

is it possibly related to this one: https://github.com/espressif/esp-idf/issues/139?

I'm still having trouble there, would be great if anyone could confirm.

Other than that, have you turned on "Component Config -> mbedTLS -> Disable hardware MPI (bignum) acceleration" ?

BuddyCasino
Posts: 263
Joined: Sun Jun 19, 2016 12:00 am

Re: mbedTLS hangs during handshake

Postby BuddyCasino » Fri Mar 31, 2017 8:52 am

Looks like the newest version fixed it, no need to disable hw acceleration - thanks for the heads up! This was driving me insane.

Who is online

Users browsing this forum: No registered users and 21 guests