Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

esp_at: large DTLS handshake messages fail reassembly in passive mode (AT+CIPRECVTYPE=1) #77993

Open
hasheddan opened this issue Sep 4, 2024 · 1 comment
Open

esp_at: large DTLS handshake messages fail reassembly in passive mode (AT+CIPRECVTYPE=1) #77993

hasheddan opened this issue Sep 4, 2024 · 1 comment
Assignees
@mniestroj
Labels
area: Wi-Fi Wi-Fi bug The issue is a bug, or the PR is fixing a bug priority: low Low impact/importance bug

Comments

@hasheddan
Copy link
Contributor

Describe the bug

When interacting with a DTLS server using the esp_at WiFi driver with CONFIG_WIFI_ESP_AT_PASSIVE_MODE=y, if the size of a reassembled DTLS handshake message exceeds 2048, mbedtls will frequently fail to complete the handshake because the portion of the UDP datagram which contains the second fragment will frequently be less than that of the DTLS message. This causes mbedtls to discard the record with a message like the following:

[00:06:33.144,592] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3895: Datagram of length 743 too small to contain record of advertised length 849.

This occurs because CIPRECVDATA_MAX_LEN is hard-coded to ESP_MTU, which is hard-coded to 2048, so if the sum of the fragments exceeds 2048 they won't both be able to be read in a single operation by mbedtls.

Consider the following sequence of datagrams from the server:
image

The first datagram containing the Server Hello has length 80:
image

The second containing the first fragment of the Certificate has length 1225:
image

Because CIPRECVDATA_MAX_LEN is 2048, we only have room for 743 bytes (2048 - 80 - 1225 = 743), but the first DTLS message (the second fragment) in the datagram indicates in its header that it alone is 849 bytes (836 bytes + 13 header bytes):

image

To Reproduce

Connect to a DTLS server that fragments records during the handshake with CONFIG_WIFI_ESP_AT_PASSIVE_MODE=y set on client.

The following config will assist in observing the behavior via logging:

CONFIG_WIFI_LOG_LEVEL_DBG=n
CONFIG_NET_SOCKETS_LOG_LEVEL_DBG=y
CONFIG_MBEDTLS_LOG_LEVEL_DBG=y
CONFIG_MBEDTLS_DEBUG=y

Expected behavior

Manually increasing the CIPRECVDATA_MAX_LEN allows the handshake to complete successfully (I set to 4096), so one option would be to expose it as a user configurable value. Alternatively, higher levels of the stack may be able to handle ensuring that multiple records are identified.

Impact

Using the esp_at driver in passive mode is not possible in some scenarios with some servers.

Logs and console output

Shown above.

Environment (please complete the following information):

  • Zephyr 3.7.0
  • mbedtls at commit 2f24831ee13d399ce019c4632b0bcd440a713f7c
@hasheddan hasheddan added the bug The issue is a bug, or the PR is fixing a bug label Sep 4, 2024
@mniestroj mniestroj self-assigned this Sep 4, 2024
@hasheddan
Copy link
Contributor Author

Though a handshake can still be completed in active mode, in Zephyr v3.7.0 this precludes the use of Zephyr's DNS resolution as it uses recvfrom, which is not implemented for active mode. However, @mniestroj has implemented it for active mode on main: 460b111

@mmahadevan108 mmahadevan108 added the priority: low Low impact/importance bug label Sep 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mniestroj mniestroj

Labels
area: Wi-Fi Wi-Fi bug The issue is a bug, or the PR is fixing a bug priority: low Low impact/importance bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@henrikbrixandersen @mniestroj @mmahadevan108 @hasheddan