Topic: ERRO: wolfSSL_connect renturn -125

listenfd = socket(AF_INET, SOCK_STREAM, 0);
          LWIP_ASSERT("socket_server_thread(): Socket create failed.", listenfd >= 0);
          socket_saddr.sin_family = AF_INET;
          if (inet_pton(AF_INET,my_value.walle_ip, &socket_saddr.sin_addr) != 1)
          {
              PRINTF("config ip address error \r\n");
          }
          socket_saddr.sin_port = lwip_htons(443); /* echo server port */

          if (connect(listenfd, (struct sockaddr *) &socket_saddr, sizeof(socket_saddr)) == -1)
          {
              PRINTF("Socket connect failed\r\n");
          }
          else
          {
              PRINTF("Socket connect success\r\n");
              /* Initialize WOLFSSL */
              ret = wolfSSL_Init();
              LWIP_ASSERT("wolfSSL_Init() failed", ret == SSL_SUCCESS);
              /* Create and initialize CTX */
              ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
              LWIP_ASSERT("wolfSSL_CTX_new() failed", ctx != NULL);
#if 0
              ret = wolfSSL_CTX_set_cipher_list(ctx, "AES128-SHA");
              LWIP_ASSERT("wolfSSL_CTX_set_cipher_list() failed", ret == SSL_SUCCESS);
              /* Load CA certificates */
              ret = wolfSSL_CTX_load_verify_buffer(ctx, CA_CERT, CA_CERT_SIZE, SSL_FILETYPE_ASN1);
              LWIP_ASSERT("wolfSSL_CTX_load_verify_locations() failed", ret == SSL_SUCCESS);
#endif
              wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);

              ssl = wolfSSL_new(ctx);
              if ( ssl == NULL )
              {
                  int error = wolfSSL_get_error(ssl, 0);
                  char *errStr="";
                  wolfSSL_ERR_error_string((unsigned long) error, errStr);
                  PRINTF("ERRO: wolfSSL_new: %d , %s\n", error, errStr);
              }
              LWIP_ASSERT("wolfSSL_new() failed.", ssl != NULL);
              wolfSSL_set_fd(ssl, listenfd);

              ret = wolfSSL_connect(ssl);
              if(ret == SSL_SUCCESS)
              {
                  PRINTF("ssl connect  ok \r\n");
                  if (wolfSSL_write(ssl, get_token_request, strlen(get_token_request)) != strlen(get_token_request))
                  {
                          PRINTF("[write ERROR]: failed to write\n");
                  }
                  else
                  {
                      PRINTF("write string =%s \r\n",get_token_request);
                      do
                      {
                          recv_len=(wolfSSL_read(ssl,recv_buf,1024));
                          my_value.flag_walle_server_connect=false;
                          PRINTF("recv len = %d,and recv string = %s \r\n",recv_len,recv_buf);
                      }while(recv_len==0||recv_len<0);
                  }
              }
              else
              {
                  PRINTF("ret = %d \r\n",ret);
                  int error = wolfSSL_get_error(ssl, 0);
                  char *errStr="";
                  wolfSSL_ERR_error_string((unsigned long) error, errStr);
                  PRINTF("ERRO: wolfSSL_connect: %d , %s\r\n", error, errStr);
              }
              wolfSSL_free(ssl);
              wolfSSL_CTX_free(ctx);
              wolfSSL_Cleanup();
              close(listenfd);
          }
          close(listenfd);

Share

Re: ERRO: wolfSSL_connect renturn -125

Hi @

As I had mentioned on https://www.wolfssl.com/forums/topic148 … urn-0.html regarding memory constraints. -125 is an out of memory error:

// From wolfssl-root/wolfssl/wolfcrypt/error-crypt.h

 67     MEMORY_E           = -125,  /* out of memory error */

I realize that didn't turn out to be the initial error (which you resolved by setting up an entropy source) but the same recommendation holds for this error as well. Make sure you have setup sufficient heap/stack. Keep in mind that if you set configTOTAL_HEAP_SIZE to 30k and make your maintask stack size also 30k that task stack gets allocated from the total heap so you'll have no heap left at that point. Make sure to set the configTOTAL_HEAP_SIZE sufficiently large enough to allow for your task(s) stack(s) and also have heap remaining for other pvPortMalloc() calls.

Regards,

K