1 (edited by teja.veeragandam 2020-01-21 09:06:12)

Topic: Wolfssl connect is never got success in non blocking state

Pasted the code below, in which I failed to make wolfssl_connect function success.
I am getting SOCKET_ERROR_E for wolfSSL_get_error function.
Can anyone help?

STATIC WOLFSSL_CTX *tls_context = NULL;   /* WolfSSL context */
STATIC WOLFSSL *ssl = NULL;               /* SSL object */

/****************************************************************************/
/*                  See header file for documentation                       */
/****************************************************************************/
EXTERN int GDP_PAL_Socket(int protocol_family, int type, int protocol)
{
  int socket_id = -1;
 
  /* Call NetX BSDs socket function */
  socket_id = socket(protocol_family, type, protocol);
 
  /* Did we get a valid socket id? */
  if(socket_id > 0)
  {
    (void)fcntl(socket_id, F_SETFL, fcntl(socket_id, F_GETFL, 0) | O_NONBLOCK);
   
    /* Create new TLS context using TLS 1.2 */
    tls_context = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
   
    if(tls_context != NULL)
    {
      /* Set verification level */
      wolfSSL_CTX_set_verify(tls_context, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
     
      /* Create SSL object */
      ssl = wolfSSL_new(tls_context);
     
      if(ssl != NULL)
      {
        wolfSSL_SSLSetIORecv(ssl, my_recv_func);
        wolfSSL_SSLSetIOSend(ssl, my_send_fnc);
        wolfSSL_SetIOSend(tls_context, my_send_fnc);
        wolfSSL_SetIORecv(tls_context, my_recv_func);
       
        wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_NONE, NULL);
      }
    }
  } 
 
  return socket_id;
}

/****************************************************************************/
/*                  See header file for documentation                       */
/****************************************************************************/
EXTERN int GDP_PAL_Connect(int socket_id, sockaddr_t *remote_address, int address_length)
{
  int result = -1;
  int wolfssl_error = 0;
  int8_t dns_retry_cnt = 5; /* Used to break out of loop after 5 failed attempts */
 
  UINT status = 0;
  ULONG host_ip_address = 0;
  static uint8_t sckt_conn_state = LOOKUP_STATE;
 
  if(remote_address != NULL)
  {
    switch(sckt_conn_state)
    {
      case LOOKUP_STATE:
        do
        {
          host_ip_address = NetX_dns_loopup_ipv4(remote_address->address, DNS_LOOKUP_TIMEOUT);
          /* Attempt to look up the IP address of the requested server */
          //status = nx_dns_host_by_name_get(&my_dns, (UCHAR *)remote_address->address, &host_ip_address, DNS_LOOKUP_TIMEOUT);
          dns_retry_cnt--;
        } while((status != NX_SUCCESS) && (dns_retry_cnt > 0));
       
        if(status == NX_SUCCESS)
        {
          if(tls_context != NULL)
          {
            wolfSSL_CTX_use_certificate_buffer(tls_context, certificate, certificate_size, SSL_FILETYPE_PEM);
          }
         
          /* Got the IP of the server, fill out the address structure */
          memset(&server_addr, 0, sizeof(server_addr));
         
          server_addr.sin_family = AF_INET;
          server_addr.sin_port = htons(remote_address->port);
          server_addr.sin_addr.s_addr = htonl(host_ip_address);         
          sckt_conn_state = REQ_SCKT_CONNECT_STATE;
        }
        else
        {
          break;
        }
      case REQ_SCKT_CONNECT_STATE:
        if(connect(socket_id, (struct sockaddr *)&server_addr, sizeof(server_addr)) == 0)
        {
          /* Connected, feed WolfSSL with the required information */
          wolfSSL_set_fd(ssl, socket_id);     
          /* make wolfSSL object nonblocking */
          wolfSSL_set_using_nonblock(ssl, 1); 
          wolfSSL_check_domain_name(ssl, remote_address->address);
          sckt_conn_state = REQ_SSL_CONNECT_STATE;
        }
        else
        {
          break;
        }
      case REQ_SSL_CONNECT_STATE:
        /* Start TLS connection procedure */
        wolfssl_error = wolfSSL_connect(ssl);
        if(wolfssl_error == WOLFSSL_SUCCESS)
        {
          sckt_conn_state = LOOKUP_STATE;
          socket_connected = true;
          result = 0;
        }
        else
        {
          wolfssl_error = wolfSSL_get_error(ssl, 0);
          error_buffer[i++] = wolfssl_error;
          if(i == 100)
          {
            i = 0;
          }
//          if((wolfssl_error != WOLFSSL_ERROR_WANT_READ) &&
//             (wolfssl_error != WOLFSSL_ERROR_WANT_WRITE))
//          {
               //Socket close
//          }
        }
        break;
      default:
        break;
    }
  }
 
  return result;
}

void main()
{
  int socket_num = -1;
    int connect_state = -1;
  while(1)
    {
      if(socket_num == -1)
        {
        socket_num = GDP_PAL_Socket(AF_INET, SOCK_STREAM ,0);
      }
    else if(connect_state == -1)
        {
          connect_state = GDP_PAL_Connect(socket_num, &addr, strlen(addr.address));
        }
        else
        {
          //Send data and close socket.. Yet to implement.
        }
    }
}

Share

Re: Wolfssl connect is never got success in non blocking state

Hi @teja,

Thank you so much for reaching out to wolfSSL. Can you tell us a bit about what you are working on and who this effort is for? Is this an evaluation of wolfSSL or something else?

Can you tell us what remote_address->port is set to in the below portion of your code? Is it 80 or 443?

          server_addr.sin_family = AF_INET;
          server_addr.sin_port = htons(remote_address->port);
          server_addr.sin_addr.s_addr = htonl(host_ip_address);          
          sckt_conn_state = REQ_SCKT_CONNECT_STATE;

Regards,

K

Re: Wolfssl connect is never got success in non blocking state

As part of the project, I am trying to connect the Azure cloud. I can communicate with Azure cloud with the socket in blocking mode without any issues. But when I tried to connect in a Non-blocking mode, it is returning SOCKET_ERROR_E.

I did some more analysis and found out that function "recv(pal_socket_id, buf, sz, flags);" from BSD layer returning -1 because of which we are getting SOCKET_ERROR_E.

I am trying to connect to port 443.

Share

Re: Wolfssl connect is never got success in non blocking state

@teja,

Have  you seen our simple non-blocking client example here: https://github.com/wolfSSL/wolfssl-exam … locking.c?

Perhaps give our example a try, (update the domain to the azure endpoint of course) and let us know if it connects OK.

Warm Regards,

K

Re: Wolfssl connect is never got success in non blocking state

Hi @teja,

Were you able to test our example? Was it able to connect?

Warm Regards,

K

Re: Wolfssl connect is never got success in non blocking state

Thank you for your reply.

Code what I mentioned is written by seeing the example. I didn't see much difference.
For confirmation, I will replace it with your code and confirm.

Share