Re: #networking #ppp #gsm_modem #mbedtls

Jukka Rissanen
 

Hi Bo,

some comments inline below:

On Wed, 2020-05-06 at 09:36 -0700, Bo.Kragelund@... wrote:
> Hello
>
> I am working on an application on frdm_k64f board using official
> zephyr release 2.2.0.

Can you try what you are doing using upstream master branch, it might
have issues fixed regarding what you are trying to do?

> The application involves mqtt and mbedtls.
> The connection is a secure connection using certificates.
> The application is using either LAN with dhcpv4 client or gsm modem
> with ppp.
>
> Everything works perfect via LAN, which means
> the mbedtls_ssl_handshake_client_step() function in ssl_cli.c passes
> all steps of verifying certificates.
>
> But when I use gsm modem I can connect to the network, but the
> mbedtls_ssl_handshake_client_step() function stops in state
> MBEDTLS_SSL_CERTIFICATE_VERIFY.
> Debugging shows, that the net_ctx->flags suddenly switch from 0x14d
> to 0x148, which indicates the connection is unconnected or idle, and
> NET_CONTEXT_IN_USE is also false. Please see the table of the flags
> I have made here below.
> In all previous states before MBEDTLS_SSL_CERTIFICATE_VERIFY, the
> flags are 0x14D and every step of the
> mbedtls_ssl_handshake_client_step() function works until this sudden
> change in flags.
>
> I have made sure that CONFIG_NET_PKT_RX_COUNT and
> CONFIG_NET_PKT_TX_COUNT are 14 as recommended for
> CONFIG_NET_L2_ETHERNET, which I then assume also applies to
> NET_L2_PPP.

Where do you see a recommendation to use 14 as a value for
buffers/packets, in documentation or in samples? Usually you should use
as many network buffers as possible in your application (depending on
your application needs and device possibilities of course). The value
14 used in some sample apps, is just a reasonable working value for
some use case, but your application use case might be different.

> I have also made sure that CONFIG_NET_BUF_RX_COUNT and
> CONFIG_NET_BUF_TX_COUNT are 36 as recommended for
> CONFIG_NET_L2_ETHERNET, which I then assume also applies to
> NET_L2_PPP.

Same comment to value 36 here as for previous comment about number of
buffers.

> But maybe there are other CONFIG parameters I am not aware of, that need
> to be adjusted. Maybe some timeout?

You could experiment with these mbedtls options. Are the values of
these same when you use Ethernet vs GSM modem?

CONFIG_MBEDTLS_HEAP_SIZE
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN

Try increasing the max content len to 16kb, mbedtls is really memory
hungry and can fail weirdly if some buffers are not long enough.

> The basic configuration was taken from the gsm_modem sample project
> and extended from there.
> I have attached the autoconf.h so you can see the full configuration.
> Hopefully someone can help me figure out, what I am missing to make
> the application work with gsm modem.
>
> I have also added my own debug code with printk, because enabling
> debugging for some of the modules simply makes it impossible to
> display all debug messages in a console.

Hmm, I did not quite understand this comment. If you see log messages
being dropped, try increasing these values

CONFIG_LOG_BUFFER_SIZE=65536
CONFIG_LOG_STRDUP_BUF_COUNT=100

the buf count could be even higher if you have memory.

> Zephyr writes it has dumped e.g. 54 messages.
> I have also attached my debug output, where each state in the
> mbedtls_ssl_handshake_client_step() function is clearly identified,
> and some debug info about the flags, number of bytes to send etc.
> And here you can see the change in flags clearly in state
> MBEDTLS_SSL_CERTIFICATE_VERIFY.
>
> Best regards
>
> Bo Kragelund
> Prevas A/S

You can also discuss these issues in #networking or #modem channels in
Zephyr slack.


Cheers,
Jukka
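
An added example, not code from either poster or from the Zephyr tree: a small C decoder for the two `net_ctx->flags` values reported above (0x14d and 0x148), which makes it easy to log exactly which field changed during the TLS handshake. The bit layout is an assumption modeled on Zephyr's `net_context.h`, and the `ctx_*` names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed bit layout, modeled on Zephyr's net_context.h. Verify it against
 * the header in the tree you build; all ctx_* names here are hypothetical. */
#define CTX_IN_USE          (1u << 0)
#define CTX_STATE(f)        (((f) >> 1) & 0x03u) /* 0 idle/unconnected, 2 connected */
#define CTX_FAMILY(f)       (((f) >> 3) & 0x07u)
#define CTX_TYPE(f)         (((f) >> 6) & 0x03u)
#define CTX_REMOTE_ADDR_SET (1u << 8)
#define CTX_STATE_CONNECTED 2u

struct ctx_flags {
    bool in_use, remote_addr_set;
    unsigned state, family, type;
};

static struct ctx_flags ctx_decode(uint16_t f)
{
    struct ctx_flags d = {
        .in_use = (f & CTX_IN_USE) != 0,
        .remote_addr_set = (f & CTX_REMOTE_ADDR_SET) != 0,
        .state = CTX_STATE(f),
        .family = CTX_FAMILY(f),
        .type = CTX_TYPE(f),
    };
    return d;
}

/* True when an in-use, connected context was released or left that state. */
static bool ctx_lost_connection(uint16_t before, uint16_t after)
{
    struct ctx_flags b = ctx_decode(before), a = ctx_decode(after);
    return b.in_use && b.state == CTX_STATE_CONNECTED &&
           (!a.in_use || a.state != CTX_STATE_CONNECTED);
}

int main(void)
{
    const uint16_t seen[] = { 0x14d, 0x148 }; /* the two values from the report */
    for (size_t i = 0; i < 2; i++) {
        struct ctx_flags d = ctx_decode(seen[i]);
        printf("0x%03x in_use=%d state=%u family=%u type=%u remote=%d\n",
               (unsigned)seen[i], d.in_use, d.state, d.family, d.type, d.remote_addr_set);
    }
    printf("lost connection: %d\n", ctx_lost_connection(seen[0], seen[1]));
    return 0;
}
```

Under this layout only the in-use bit and the state field differ between the two values; family, type and the remote-address bit are unchanged, which matches the report that the context went from connected to idle/unconnected.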
