@Simon!
I was reading your posts on this forum and saw that you managed to use
"mbedtls_ssl_conf_max_frag_len" function to get the request sent through SSL
be fragmented. Can you please advise how you managed to make it work?
I am doing a HTTPS server and one of the options is a file upload
IP own task.
>
> Thanks for everyone answering and giving ideas J
>
> Great work LwIP team.
>
> BR,
> Noam.
>
> From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org] On
> Behalf Of Noam Weissman
> Sent: Thursday, March 16, 2017 5:5
m.
BR,
Noam.
From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org] On
Behalf Of Noam Weissman
Sent: Thursday, March 16, 2017 5:58 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Simon,
I am not saying that LwIP has bugs because I am no
-bounces+noam=silrd@nongnu.org] On
Behalf Of goldsimon
Sent: Thursday, March 16, 2017 5:37 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
From all information given so far, I fail to see how this would be an lwip
problem.
Did you test your SSL application
ssage-
> From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org] On
> Behalf Of Jan Menzel
> Sent: Wednesday, March 15, 2017 10:54 PM
> To: lwip-users@nongnu.org
> Subject: Re: [lwip-users] PolarSSL and mbedTLS
>
> Hi Noam!
> Did you follow th
From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org]
>On Behalf Of Jan Menzel
>Sent: Wednesday, March 15, 2017 10:54 PM
>To: lwip-users@nongnu.org
>Subject: Re: [lwip-users] PolarSSL and mbedTLS
>
>Hi Noam!
> Did you follow the error code through mbedtls's n
+noam=silrd@nongnu.org] On
Behalf Of Jan Menzel
Sent: Wednesday, March 15, 2017 10:54 PM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Hi Noam!
Did you follow the error code through mbedtls's net.c? In my code its
translated into "MBEDTLS_ERR_SSL_WANT
Noam.
>
>
>
> -Original Message-
> From: lwip-users [mailto:lwip-users-bounces+noam=silrd....@nongnu.org] On
> Behalf Of Simon Goldschmidt
> Sent: Friday, March 10, 2017 10:36 AM
> To: lwip-users@nongnu.org
> Subject: Re: [lwip-users] PolarSSL and mbedTLS
>
Noam Weissman wrote:
Any ideas ?
No, sorry. I'm sure I could find this when debugging myself, but I keep
getting lost in your descriptions and I haven't yet seen one thing that
springs to mind to say "this is it"...
Simon
___
lwip-users mailing
-
From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org] On
Behalf Of Simon Goldschmidt
Sent: Friday, March 10, 2017 10:36 AM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Noam Weissman wrote:
> I get a read error inside lwip_recvfrom funct
, March 14, 2017 4:36 PM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Hi Noam!
IIRC this options is not widely implemented. Especially openssl seems
to lack it. If you configure a short FRAGMENT_LENGTH and the other side does
not respect the option, transfer of
data to read.
>
>
> BR,
>
> Noam.
>
>
>
>
>
> *From:* lwip-users <lwip-users-bounces+noam=silrd@nongnu.org> on
> behalf of goldsi...@gmx.de <goldsi...@gmx.de>
> *
eryone that puts their inputs J
>
>
>
> If I will have an update I will update the group.
>
>
>
> BR,
>
> Noam.
>
>
>
> *From:*lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org]
> *On Behalf Of *Noam Weissman
> *Sent:* Sunda
: [lwip-users] PolarSSL and mbedTLS
Hi Simon,
with SSL there is a read for 5 bytes record header and then reading the data
itself as a whole
or in parts (inside lwip_recvfrom).
My module is a single task that has a state machine. When the state is in OPEN
state it blocks
for 1 second on select
something stupid :-)
BR,
Noam.
From: lwip-users <lwip-users-bounces+noam=silrd@nongnu.org> on behalf of
goldsi...@gmx.de <goldsi...@gmx.de>
Sent: Saturday, March 11, 2017 11:29 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL
Noam,
that sounds a bit too complicatied...
My first thought is: you call select and it returns that there is data
to read, but that does not mean there is enough data to read for TLS, so
EWOULDBLOCK is not an error at all in this case.
Simon
___
_
From: lwip-users <lwip-users-bounces+noam=silrd@nongnu.org> on behalf of
goldsi...@gmx.de <goldsi...@gmx.de>
Sent: Saturday, March 11, 2017 9:34 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Noam Weissman wrote:
I am not ignoring the fact that
Noam Weissman wrote:
I am not ignoring the fact that it may be the driver or definitions
but I am simply asking
for leads...
That's what I thought I gave in the last mail. OTOH, for getting the
errno set by recvfrom, you don't have to be an lwIP developer...
Simon
Simon Goldschmidt <goldsi...@gmx.de>
Sent: Friday, March 10, 2017 10:35 AM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Noam Weissman wrote:
> I get a read error inside lwip_recvfrom function.
> [..]
> If anyone has any ideas on what more to check or te
Noam Weissman wrote:
> I get a read error inside lwip_recvfrom function.
> [..]
> If anyone has any ideas on what more to check or test please respond.
1: Get an idea of the error (if recvfrom returns -1, what's the corrent errno?)
2: Get a debugger and try to find out why recvfrom returns an
March 3, 2017 5:29 PM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Hi Noam! Hi Simon!
I'm using mbedtls v2.2.1 and lwip 2.0.0RC2 without problems. I can't
remember that I've ever seen the EWOULDBLOCK error. In the interface
code between mbedtls and lwip I found a
PM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Hi Noam! Hi Simon!
I'm using mbedtls v2.2.1 and lwip 2.0.0RC2 without problems. I can't
remember that I've ever seen the EWOULDBLOCK error. In the interface
code between mbedtls and lwip I found a few references to
t does have a problem, length is 14829 ?
>
> Any ideas ??
>
> BR,
> Noam.
>
> -Original Message-
> From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org] On
> Behalf Of goldsi...@gmx.de
> Sent: Wednesday, March 01, 2017 9:27 PM
> To: M
829 ?
Any ideas ??
BR,
Noam.
-Original Message-
From: lwip-users [mailto:lwip-users-bounces+noam=silrd@nongnu.org] On
Behalf Of goldsi...@gmx.de
Sent: Wednesday, March 01, 2017 9:27 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
I did have mbedT
t; on behalf of
goldsi...@gmx.de <goldsi...@gmx.de>
Sent: Thursday, March 2, 2017 11:24 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Noam Weissman wrote:
Same problem with either 1.41 or 2.01 tested on both
Up to now, EWOULDBLOCK is based on netconn ca
Noam Weissman wrote:
Same problem with either 1.41 or 2.01 tested on both
Up to now, EWOULDBLOCK is based on netconn callback events. I'm in the
progress of changing this to be a result of a "tryget" operation on the
recvmbox. If there should be a bug in the event callback handling, this
lrd@nongnu.org> on behalf of
goldsi...@gmx.de <goldsi...@gmx.de>
Sent: Thursday, March 2, 2017 8:54 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Noam Weissman wrote:
> lwip_recvfrom is called.
>
> Inside this function there is a do <>
Noam Weissman wrote:
lwip_recvfrom is called.
Inside this function there is a do <> while loop that is supposed to collect
the fragments into the 16K buffer
and after getting it all return to the SSL for decryption etc...
for some reason it always returns with EWOULDBLOCK error !
Which
7 8:08 PM
To: lwip-users@nongnu.org
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Hi Noam!
With MAX_CONTENT_LEN set to 16k you have to provide more then 32k to
the SSL stack. With 64k ssl memory pool, that should be fine. You'll need more
memory for extensive math in case you enable en
to decrypt. So if it
> Works for a small message it should work for a larger message that is
> decrypted in chunks anyway.
>
> Any suggestion for an easy to handle (for testing) WSS server in PHP or
> similar ?
>
> I think you are correct that it is a memory problem or some tw
.@peperoni-light.de>
> *Sent:* Wednesday, March 1, 2017 11:46 PM
> *To:* lwip-users@nongnu.org
> *Subject:* Re: [lwip-users] PolarSSL and mbedTLS
>
> Hi Noam!
> SSL/TLS isn't that simple. Besides encryption the data is also
> hashed
> to detect data integrity iss
Subject: Re: [lwip-users] PolarSSL and mbedTLS
Hi Noam!
SSL/TLS isn't that simple. Besides encryption the data is also hashed
to detect data integrity issues. This places strong resource
requirements on the block size that is used for hashing and this is
where MAX_CONTENT_LEN comes into p
-
> *From:* lwip-users <lwip-users-bounces+noam=silrd@nongnu.org> on
> behalf of goldsi...@gmx.de <goldsi...@gmx.de>
> *Sent:* Wednesday, March 1, 2017 9:26 PM
> *To:* Mailing list for lwIP users
> *Subject:* Re: [lwip-users] PolarSSL and mbedTLS
>
>
wip-users-bounces+noam=silrd@nongnu.org> on behalf of
goldsi...@gmx.de <goldsi...@gmx.de>
Sent: Wednesday, March 1, 2017 9:26 PM
To: Mailing list for lwIP users
Subject: Re: [lwip-users] PolarSSL and mbedTLS
I did have mbedTLS running against our httpd (no sockets) but the
resource usag
I did have mbedTLS running against our httpd (no sockets) but the
resource usage was rather high.
I'd imagine the problem could be lwIP's memory configurations here, too.
Simon
Jan Menzel wrote:
Hi Noam!
I've designed a system with almost the same setup which works well
since a few
Hi Noam!
I've designed a system with almost the same setup which works well
since a few years incl. firmware updates of a ~200kb.
Did you checked the memory consumption of the ip stack and the ssl max
content length setting? The default max content length setting is IIRC
16kb,
Noam Weissman wrote:
> I have a client, single task using the socket API using and also PolarSSL for
> SSL support.
> [..]
> When I try to send small messages from the server to my client all is working
> ok but when I try to push a large
> message 6K and up my ssl_read function fails with a
Hi,
I have a client, single task using the socket API using and also PolarSSL for
SSL support.
The client is WebSocket client and all seems to work ok.
When I try to send small messages from the server to my client all is working
ok but when I try to push a large
message 6K and up my ssl_read
38 matches
Mail list logo