1

(2 replies, posted in wolfMQTT)

Thank you!  It's tough on those who are inexperienced to have incorrect documentation.  I'll take a look at the callback, too.  Hopefully that documentation is okay. :)

2

(2 replies, posted in wolfMQTT)

Hello,
If you visit this documentation page, the MqttClient_WaitMessage() function prototype only shows 2 parameters, but the example below it shows 3:

https://www.wolfssl.com/docs/wolfmqtt-m … i4qultver2

I am looking to read the incoming message.

3

(7 replies, posted in wolfMQTT)

I saw that there were memory leak fixes made in wolfSSL.  I am going to try using this latest version.

4

(7 replies, posted in wolfMQTT)

Regarding the wolfSSL_shutdown(), I see.

About the memory flags, I am rather unfamiliar with using such flags in my embedded environment (an NXP K22 128 kB RAM, using their CodeWarrior IDE).  Am I able to, or are these for full operating systems?  And what do these do for me; I find no documentation.

5

(7 replies, posted in wolfMQTT)

Since MqttSocket_Disconnect() is in wolfMQTT's library, wouldn't that still leave any wolfSSL socket resources allocated?  Or does wolfMQTT tell wolfSSL to free its socket resources somehow?  Since I can find no calls to wolfSSL_shutdown() anywhere in the wolfMQTT or wolfSSL libraries, what's the point of that function in the first place?

This is an embedded project, so I don't know how I would use Valgrind.  wolfMQTT itself has only a couple of mallocs and my manual debugger tracing showed me they are handled correctly.  But there are dozens within wolfSSL and it eats more memory upon every re-connection.

6

(7 replies, posted in wolfMQTT)

Thank you, Eric, for your reply. 

I think it's the server that is initiating the disconnect from my wolfMQTT client.  Wouldn't that leave a wolfSSL socket hanging?

I did not explicitly use mqtt_tls_cb(), and after a code search, I don't see it being utilized by wolfSSL nor wolfMQTT.

7

(7 replies, posted in wolfMQTT)

I am trying to track down a memory leak that occurs every time wolfSSL tries to reconnect after the socket connection with a server was lost.  I am not an expert, so I ask: Should MqttSocket_Disconnect() within mqtt_socket.c also contain a call to wolfSSL_shutdown()?

8

(4 replies, posted in wolfSSL)

NXP's CodeWarrior 10.6 MCU GUI compiling NXP's/MQX's PSPs and BSPs.

9

(4 replies, posted in wolfSSL)

Thank you, I think I understand.  The function names and manual don't lend themselves to clarity. 

The wolfSSL library first gets initialized.  Then a wolfSSL context is created.  From that context, a wolfSSL session is created, through which a regular socket is "encrypted".  One session per socket, meaning, multiple sessions/sockets are possible.

I am using MQX 4, if you have more you'd like to explain.

10

(4 replies, posted in wolfSSL)

Is it reasonably possible to use wolfSSL in an embedded environment for multiple, simultaneous, encrypted connections (sockets)?  I haven't tried more than one connection yet, but I know there is a context I need to set up first and I don't know whether the wolfSSL initialization will accept multiple connections.  Thank you.

Function "MqttDecode_ConenctAck()" is misspelled (in version 0.13.0), I assume.

12

(9 replies, posted in wolfMQTT)

I'm not sure I'd bother "fixing" your code for MQX v4.2 since your code is handling it properly: htons() and similar functions SHOULD be used when communicating over a network, as far as my familiarity with it goes.

I could report the MQX issue to whoever owns the problem this year, but it seems like they're already onto their next OS du jour.  (Maybe you can add some cautionary code comment next to your connect() call?  I don't know...)  Thank you again for your help.

13

(9 replies, posted in wolfMQTT)

I have to admit, I didn't think I'd see anything via Wireshark, but I saw that it was trying to connect to the wrong port.  I think MQX's (v4.2) htons() is broken (used by your "mqttnet.c"), swapping bytes when it's not supposed to.  Once the htons() was removed, the code connected securely to AWS' IoT gateway.  Thank you for your help.
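Added example (not part of the original posts, and not wolfMQTT or MQX code): a start-up self-test for the kind of port byte-order fault described above, plus an endian-independent replacement for htons(). The function names and probe values are constructed for illustration; always_swap() and never_swap() stand in for a faulty platform routine.

```c
#include <stdint.h>
#include <string.h>

/* Encode a host-order port in network (big-endian) order without calling
 * the platform's htons(); correct on little- and big-endian hosts. */
static uint16_t port_to_net(uint16_t host_port)
{
    uint8_t wire[2];
    uint16_t net;
    wire[0] = (uint8_t)(host_port >> 8);    /* high byte goes first on the wire */
    wire[1] = (uint8_t)(host_port & 0xFF);
    memcpy(&net, wire, sizeof net);
    return net;
}

typedef uint16_t (*htons_fn)(uint16_t);

/* Returns 1 only if fn() lays every probe out big-endian in memory,
 * which is what ends up in sockaddr_in.sin_port and on the wire. */
static int htons_is_sane(htons_fn fn)
{
    static const uint16_t probes[] = { 8883, 443, 0x0102, 0xFF00 }; /* constructed */
    size_t i;
    for (i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        uint16_t net = fn(probes[i]);
        uint8_t wire[2];
        memcpy(wire, &net, sizeof wire);
        if (wire[0] != (probes[i] >> 8) || wire[1] != (probes[i] & 0xFF))
            return 0;
    }
    return 1;
}

/* Constructed stand-ins for a platform conversion routine. */
static uint16_t always_swap(uint16_t v) { return (uint16_t)((v << 8) | (v >> 8)); }
static uint16_t never_swap(uint16_t v) { return v; }

/* 1 if this host stores the low byte first. */
static int host_is_little_endian(void)
{
    const uint16_t one = 1;
    uint8_t first;
    memcpy(&first, &one, 1);
    return first == 1;
}

int main(void)
{
    return htons_is_sane(port_to_net) ? 0 : 1;  /* run before the first connect() */
}
```

On a target, pass the platform's own htons() to htons_is_sane() and fall back to port_to_net() if the check fails, rather than deleting the conversion.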

14

(9 replies, posted in wolfMQTT)

I don't think I'm getting to the wolfSSL_connect() - I put a print statement immediately after the initial MQX connect() and it only prints after the connect()'s default timeout of 3 minutes is reached (blocked).  When I change connect()'s timeout to 10 seconds, then the print statement executes at 10 seconds.  Unless some sort of background print threading/blocking is going on that I'm unaware of...

I am aware of how AWS requires certificates, etc., as I have successfully connected/subscribed before using mbed's AWS example and TLS.  I'm just trying to replicate that in the wolf/MQX environment.

Does wolfSSL_connect() use the regular connect() in the background?  That might explain what I'm seeing, perhaps.  I can try the wolfSSL's debugging and see what Wireshark reveals.  Thank you.

15

(9 replies, posted in wolfMQTT)

Hello David,
I am building on an NXP/Freescale "Freedom Board".  Amazon's AWS' IoT service sees that I am trying to connect, but that access is denied (shown in the AWS logs).

When you say that the socket must be open, you mean "connected to the AWS server", THEN the wolfSSL_connect() is called to form an encrypted connection?  I'm not getting past that first unencrypted connection step.  I have used MQX's connect() before without trouble.  If what you say is correct, then I would think AWS should accept any connection at first.  Do you have any thoughts?

16

(9 replies, posted in wolfMQTT)

I apologize; I see there ARE wolfSSL calls deeper in the code, I'm just not getting there as I am stuck on the first connect() which times out after 3 minutes. 

Doesn't the initial connection need to be encrypted; why is the example code connecting to AWS IoT with an un-encrypted connection first before calling wolfSSL_connect()?  Thank you.

17

(2 replies, posted in wolfMQTT)

Thank you; I'll see how it goes.

18

(9 replies, posted in wolfMQTT)

Am I correct in stating that the Amazon AWS IoT example included with wolfMQTT does not work as is since it makes no wolfSSL function calls to encrypt the connection?  (The connect() call on my embedded platform only times out...)

19

(2 replies, posted in wolfMQTT)

Hello,
I am trying to port wolfMQTT to an NXP processor running the MQX v4.2 OS.  The compiler is telling me that file mqttnet.c needs a structure "timeval" ('error: dereferencing pointer to incomplete type').  I made one up (what I THINK it wants) and put it in the file:

struct timeval {
    int tv_sec;
    int tv_usec;
};

The error goes away.  But do I need to increment/decrement those structure variables based on time or does wolfMQTT handle that?  Thank you.

20

(4 replies, posted in wolfSSL)

Should I move this issue to your email support?  I don't know how frequently forum questions are handled here.

21

(4 replies, posted in wolfSSL)

Chris, thank you for your reply. 

Running the test on the target sounds like a good idea, but I have no filesystem.  Is this feasible?

What is meant by "NO_MAIN_DRIVER"; a driver for what?

22

(4 replies, posted in wolfSSL)

I have some basic questions about doing encrypted email on an embedded platform.  I am posting here because I'm sure others will want to do the same thing in the future.

If I want to send an email without validating the email server's identity via certificates, but still encrypt the communication, how would I go about doing that?  I try such code below but I keep getting a PEER_KEY_ERROR from CyaSSL_negotiate.

CyaSSL_Init();
method = CyaSSLv23_client_method();
ctx = CyaSSL_CTX_new(method);
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
wolfSSL_CTX_use_PrivateKey_buffer(ctx,
                                  clientKeyInBuffer,
                                  strlen(clientKeyInBuffer),
                                  SSL_FILETYPE_PEM);
ssl = CyaSSL_new(ctx);

socket = SMTP_connect(&params->server);
recv(socket, response, CYASSL_SMTP_RESPONSE_BUFFER_SIZE, 0);
CyaSSL_set_fd(ssl, socket);

SMTP_send_command(socket, "EHLO me", response);
SMTP_send_command(socket, "STARTTLS", response);
CyaSSL_negotiate(ssl);
SSL_SMTP_send_command(socket, "EHLO me", response);

Variable "clientKeyInBuffer" holds what was in ASCII disk file "client-key.pem".