aws_iot example without network offloading

Hello,

I would like to know how to build the aws_iot example without network offloading to the modem. I need to make AWS connections through both the nRF9160’s LTE-M connection as well as through an Ethernet ENC424J600 controller (PHYTEC link board ETH or equivalent), only one of these two interfaces will be enabled at a time.

As I understand it, if I want to use more than one interface in my app, I have to disable sockets offloading (CONFIG_NET_SOCKETS_OFFLOAD=n), but doing that prevents enabling LTE connectivity (CONFIG_LTE_CONNECTIVITY=y). Hence my issues of having everything somehow use MbedTLS and being transparent to the AWS IoT library.

I have spent weeks trying to make the examples work independently and together (aws_iot, aws_iot_mqtt (which I cannot get to compile for the nRF9160DK because of build errors with TF-M), https_client and others) and cannot get anywhere close to where I need… I can make the dns_resolve work over Ethernet for example, by disabling the sockets offloading so that getaddrinfo() properly calls dns_get_addr_info() and such but putting everything together is a nightmare because of configuration incompatibilities with nRF Modem’s libraries…

I hope someone has any idea to help me here, thanks!

Top Replies

GilDev over 1 year ago in reply to GilDev +1 verified

I have made some advancements on the matter. Turns out you can indeed keep the offloaded sockets enabled but still use the native implementation by using the SOCK_NATIVE flag when opening a socket. SOCK_NATIVE_TLS…

Parents

0 GilDev over 1 year ago

I’ve been experimenting a bit more with this sample and using only Ethernet as a first step, I’m now having errors when doing the TLS handshake. I attach the project (my Ethernet configuration is in the “prj-ethernet.overlay.conf" file), here is the log I’m getting with MbedTLS debug enabled:

*** Booting nRF Connect SDK v2.5.0 ***
[00:00:00.394,714] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
[00:00:00.394,744] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
[00:00:00.394,805] <inf> aws_iot_sample: Start on enc424j600@0: index=1
[00:00:02.086,578] <inf> ethdrv: Link up
[00:00:02.087,188] <inf> ethdrv: 100Mbps
[00:00:02.087,219] <inf> ethdrv: full duplex
[00:00:02.102,508] <dbg> net_ctx: net_context_bind: (rx_q[0]): Context 0x20003204 binding to UDP 0.0.0.0:42223 iface 1 (0x20001018)
[00:00:02.107,940] <inf> net_dhcpv4: Received: 192.168.6.79
[00:00:02.108,123] <inf> aws_iot_sample: DHCP Successful!

[00:00:02.108,184] <inf> aws_iot_sample: IPv4 address: 192.168.6.79
[00:00:02.108,215] <inf> aws_iot_sample: Lease time: 82800 seconds
[00:00:02.108,276] <inf> aws_iot_sample: Subnet: 255.255.255.0
[00:00:02.108,337] <inf> aws_iot_sample: Router: 192.168.6.1
[00:00:02.108,581] <inf> aws_iot_sample: Network connectivity established
[00:00:07.108,703] <inf> aws_iot_sample: Connecting to AWS IoT
[00:00:07.108,795] <inf> aws_iot_sample: Next connection retry in 30 seconds
[00:00:07.108,856] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:00:07.147,033] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.147,094] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.147,155] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.147,186] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:07.147,247] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103
[00:00:07.147,583] <dbg> net_sock_tls: tls_alloc: (aws_connection_poll_thread): Allocated TLS context, 0x200019d8
[00:00:07.148,101] <dbg> net_sock: zsock_socket_internal: (aws_connection_poll_thread): socket: ctx=0x200032a8, fd=1
[00:00:07.148,162] <dbg> net_mqtt_sock_tls: mqtt_client_tls_connect: (aws_connection_poll_thread): Created socket 0
[00:00:07.148,559] <dbg> net_ctx: net_context_bind: (aws_connection_poll_thread): Context 0x200032a8 binding to TCP 0.0.0.0:36687 iface 1 (0x20001018)
[00:00:07.313,568] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [401] rsa_pkcs1_sha256
--- 24 messages dropped ---
[00:00:07.313,659] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [401] rsa_pkcs1_sha256
[00:00:07.313,781] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:0276: client hello, adding max_fragment_length extension
[00:00:07.313,873] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0671: client hello, total extension length: 17
[00:00:07.313,995] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: dumping 'client hello extensions' (17 bytes)
[00:00:07.314,270] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0000:  00 11 00 0d 00 08 00 06 06 01 05 01 04 01 00 01  ................
[00:00:07.314,453] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0010:  00                                               .
[00:00:07.314,697] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2634: => write handshake message
[00:00:07.314,788] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2801: => write record
[00:00:07.314,910] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2889: output record: msgtype = 22, version = [3:3], msglen = 72
[00:00:07.315,032] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: dumping 'output record sent to network' (77 bytes)
[00:00:07.315,277] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0000:  16 03 03 00 48 01 00 00 44 03 03 a2 8a dc e8 5b  ....H...D......[
[00:00:07.315,582] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0010:  e3 bf 7c 0b b1 4d 84 93 c4 45 7a fa 5e 6e 59 d8  ..|..M...Ez.^nY.
[00:00:07.315,856] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0020:  5d 0d 6c a3 e4 59 08 aa 50 4e 35 00 00 0a 00 3d  ].l..Y..PN5....=
[00:00:07.316,131] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0030:  00 35 00 3c 00 2f 00 ff 01 00 00 11 00 0d 00 08  .5.<./..........
[00:00:07.316,375] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0040:  00 06 06 01 05 01 04 01 00 01 00 01 02           .............
[00:00:07.316,436] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2945: <= write record
[00:00:07.316,528] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2762: <= write handshake message
[00:00:07.316,619] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0996: <= write client hello
[00:00:07.316,711] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:07.316,802] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2202: message length: 77, out_left: 77
[00:00:07.610,504] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2209: ssl->f_send() returned 77 (-0xffffffb3)
[00:00:07.610,717] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2237: <= flush output
[00:00:07.611,785] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_HELLO
[00:00:07.611,511] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
[00:00:07.611,877] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1231: => parse server hello
[00:00:07.611,938] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:07.611,999] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:07.612,091] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
[00:00:07.612,182] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
[00:00:07.612,274] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
[00:00:07.629,638] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x200032a8, pkt=0x2000fbbc, st=0, user_data=0
[00:00:07.632,263] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x200032a8, pkt=0x2000fc00, st=0, user_data=0
[00:00:07.754,272] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1739: <= parse server hello
--- 44 messages dropped ---
[00:00:07.754,364] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:07.754,425] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:07.754,547] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
[00:00:07.754,608] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
[00:00:07.754,699] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:07.754,791] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:07.754,882] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
[00:00:07.755,004] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
[00:00:07.755,126] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
[00:00:07.755,187] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
[00:00:07.755,310] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
[00:00:07.755,554] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
[00:00:07.755,676] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
[00:00:07.755,737] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:07.755,828] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1980: requesting more data than fits
[00:00:07.755,950] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4788: mbedtls_ssl_fetch_input() returned -28928 (-0x7100)
[00:00:07.756,072] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4043: ssl_get_next_record() returned -28928 (-0x7100)
[00:00:07.756,164] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7363: mbedtls_ssl_read_record() returned -28928 (-0x7100)
[00:00:07.756,256] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
[00:00:07.756,286] <err> net_sock_tls: TLS handshake error: -7100
[00:00:07.757,049] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x200019d8, fd=0
[00:00:07.757,110] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5961: => write close notify
[00:00:07.757,202] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5974: <= write close notify
[00:00:07.758,361] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x200032a8, fd=1
[00:00:07.758,453] <dbg> net_sock: zsock_flush_queue: (aws_connection_poll_thread): discarding pkt 0x2000fbbc
[00:00:07.758,544] <dbg> net_sock: zsock_flush_queue: (aws_connection_poll_thread): discarding pkt 0x2000fc00
mqtt_connect: Software caused connection abort
[00:00:08.078,460] <err> aws_iot: mqtt_connect, error: -113
[00:00:08.078,521] <err> aws_iot: AWS broker connect failed -113
[00:00:08.079,223] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
[00:00:08.083,648] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:00:10.076,141] <dbg> net_ctx: net_context_unref: (tcp_work): Context 0x200032a8 released

Increasing MBEDTLS_SSL_MAX_CONTENT_LEN to 6000 (from the default MTU size 1500) gives this:

*** Booting nRF Connect SDK v2.5.0 ***
[00:00:00.388,793] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
[00:00:00.388,824] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
[00:00:00.388,885] <inf> aws_iot_sample: Start on enc424j600@0: index=1
[00:00:02.079,650] <inf> ethdrv: Link up
[00:00:02.080,291] <inf> ethdrv: 100Mbps
[00:00:02.080,322] <inf> ethdrv: full duplex
[00:00:02.095,336] <dbg> net_ctx: net_context_bind: (rx_q[0]): Context 0x20003a34 binding to UDP 0.0.0.0:52490 iface 1 (0x20001048)
[00:00:02.100,311] <inf> net_dhcpv4: Received: 192.168.6.79
[00:00:02.100,494] <inf> aws_iot_sample: DHCP Successful!

[00:00:02.100,555] <inf> aws_iot_sample: IPv4 address: 192.168.6.79
[00:00:02.100,585] <inf> aws_iot_sample: Lease time: 82800 seconds
[00:00:02.100,616] <inf> aws_iot_sample: Subnet: 255.255.255.0
[00:00:02.100,677] <inf> aws_iot_sample: Router: 192.168.6.1
[00:00:02.100,952] <inf> aws_iot_sample: Network connectivity established
[00:00:07.101,043] <inf> aws_iot_sample: Connecting to AWS IoT
[00:00:07.101,135] <inf> aws_iot_sample: Next connection retry in 30 seconds
[00:00:07.101,196] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:00:07.125,732] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.125,793] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.125,854] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.125,885] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:07.125,946] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103
[00:00:07.126,251] <dbg> net_sock_tls: tls_alloc: (aws_connection_poll_thread): Allocated TLS context, 0x20002208
[00:00:07.126,739] <dbg> net_sock: zsock_socket_internal: (aws_connection_poll_thread): socket: ctx=0x20003ad8, fd=1
[00:00:07.126,831] <dbg> net_mqtt_sock_tls: mqtt_client_tls_connect: (aws_connection_poll_thread): Created socket 0
[00:00:07.127,197] <dbg> net_ctx: net_context_bind: (aws_connection_poll_thread): Context 0x20003ad8 binding to TCP 0.0.0.0:53820 iface 1 (0x20001048)
[00:00:07.285,034] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:1221: The SSL configuration is tls12 only.
[00:00:07.286,621] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
[00:00:07.286,682] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:07.286,773] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:07.286,865] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_HELLO_REQUEST
[00:00:07.286,926] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:07.286,987] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:07.287,109] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_CLIENT_HELLO
[00:00:07.287,170] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0927: => write client hello
[00:00:07.287,475] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0485: dumping 'client hello, random bytes' (32 bytes)
[00:00:07.287,750] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0485: 0000:  a4 b6 a5 2a aa 1c 25 c1 43 01 72 a6 e2 46 98 6d  ...*..%.C.r..F.m
[00:00:07.288,024] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0485: 0010:  10 5f 8c 67 ad 6d 3b 21 2b 5c 9e a3 13 68 35 a5  ._.g.m;!+\...h5.
[00:00:07.288,116] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0510: dumping 'session id' (0 bytes)
[00:00:07.288,238] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 003d, TLS-RSA-WITH-AES-256-CBC-SHA256
[00:00:07.288,360] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 0035, TLS-RSA-WITH-AES-256-CBC-SHA
[00:00:07.288,482] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 003c, TLS-RSA-WITH-AES-128-CBC-SHA256
[00:00:07.288,574] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 002f, TLS-RSA-WITH-AES-128-CBC-SHA
[00:00:07.288,665] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0386: adding EMPTY_RENEGOTIATION_INFO_SCSV
[00:00:07.288,757] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0395: client hello, got 5 cipher suites
[00:00:07.288,848] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9202: adding signature_algorithms extension
[00:00:07.288,940] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [601] rsa_pkcs1_sha512
[00:00:07.289,031] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [601] rsa_pkcs1_sha512
[00:00:07.289,154] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [501] rsa_pkcs1_sha384
[00:00:07.289,245] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [501] rsa_pkcs1_sha384
[00:00:07.289,337] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [401] rsa_pkcs1_sha256
[00:00:07.289,459] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [401] rsa_pkcs1_sha256
[00:00:07.289,550] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:0276: client hello, adding max_fragment_length extension
[00:00:07.289,642] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0671: client hello, total extension length: 17
[00:00:07.289,733] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: dumping 'client hello extensions' (17 bytes)
[00:00:07.290,008] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0000:  00 11 00 0d 00 08 00 06 06 01 05 01 04 01 00 01  ................
[00:00:07.290,191] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0010:  00                                               .
[00:00:07.290,405] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2634: => write handshake message
[00:00:07.290,466] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2801: => write record
[00:00:07.290,588] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2889: output record: msgtype = 22, version = [3:3], msglen = 72
[00:00:07.290,710] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: dumping 'output record sent to network' (77 bytes)
[00:00:07.290,954] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0000:  16 03 03 00 48 01 00 00 44 03 03 a4 b6 a5 2a aa  ....H...D.....*.
[00:00:07.291,229] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0010:  1c 25 c1 43 01 72 a6 e2 46 98 6d 10 5f 8c 67 ad  .%.C.r..F.m._.g.
[00:00:07.291,473] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0020:  6d 3b 21 2b 5c 9e a3 13 68 35 a5 00 00 0a 00 3d  m;!+\...h5.....=
[00:00:07.291,748] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0030:  00 35 00 3c 00 2f 00 ff 01 00 00 11 00 0d 00 08  .5.<./..........
[00:00:07.291,992] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0040:  00 06 06 01 05 01 04 01 00 01 00 01 04           .............
[00:00:07.292,053] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2945: <= write record
[00:00:07.292,144] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2762: <= write handshake message
[00:00:07.292,205] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0996: <= write client hello
[00:00:07.292,266] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:07.292,358] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2202: message length: 77, out_left: 77
[00:00:07.890,808] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2209: ssl->f_send() returned 77 (-0xffffffb3)
[00:00:07.891,693] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2237: <= flush output
[00:00:07.891,784] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_HELLO
[00:00:07.891,845] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1231: => parse server hello
[00:00:07.891,937] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:07.891,998] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:07.892,089] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
[00:00:07.892,181] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
[00:00:07.893,188] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
[00:00:07.901,519] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
[00:00:07.907,196] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffec, st=0, user_data=0
[00:00:07.907,592] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x20010030, st=0, user_data=0
[00:00:08.036,804] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
[00:00:08.036,895] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:08.036,956] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:08.037,048] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_HELLO
[00:00:08.037,139] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1231: => parse server hello
[00:00:08.037,200] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:08.037,261] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:08.037,353] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
[00:00:08.037,475] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
[00:00:08.037,597] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
[00:00:08.037,689] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
[00:00:08.037,780] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
[00:00:08.037,994] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 00 51                                   ....Q
[00:00:08.038,116] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 81
[00:00:08.038,177] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:08.038,269] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 5, nb_want: 86
[00:00:08.231,903] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: dumping 'input record from network' (86 bytes)
--- 4 messages dropped ---
[00:00:08.232,666] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0020:  41 4f 4a 8c 24 cb 63 a1 88 f6 b5 20 01 98 c8 f0  AOJ.$.c.... ....
--- 1 messages dropped ---
[00:00:08.233,734] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0030:  e8 6b f6 06 ab 9a 8c 12 e6 65 2b c3 f9 14 e9 24  .k.......e+....$
[00:00:08.234,008] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0040:  88 1e 6e 54 a2 12 c0 b7 82 ef a1 90 00 3c 00 00  ..nT.........<..
[00:00:08.234,222] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0050:  05 ff 01 00 01 00                                ......
[00:00:08.234,375] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3096: handshake message: msglen = 81, type = 2, hslen = 81
[00:00:08.234,924] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4084: <= read record
[00:00:08.235,687] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
[00:00:08.235,992] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1314: dumping 'server hello, version' (2 bytes)
[00:00:08.236,175] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1314: 0000:  03 03                                            ..
[00:00:08.236,267] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1333: server hello, current time: 1916759440
[00:00:08.236,389] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1343: dumping 'server hello, random bytes' (32 bytes)
[00:00:08.236,633] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1343: 0000:  72 3f 6d 90 fa 25 20 8d ea db a0 71 b9 b7 6a 53  r?m..% ....q..jS
[00:00:08.236,907] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1343: 0010:  3c d3 a1 5f 9d 41 4f 4a 8c 24 cb 63 a1 88 f6 b5  <.._.AOJ.$.c....
[00:00:08.236,999] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1415: server hello, session id len.: 32
[00:00:08.237,091] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1416: dumping 'server hello, session id' (32 bytes)
[00:00:08.237,365] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1416: 0000:  01 98 c8 f0 e8 6b f6 06 ab 9a 8c 12 e6 65 2b c3  .....k.......e+.
[00:00:08.237,609] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1416: 0010:  f9 14 e9 24 88 1e 6e 54 a2 12 c0 b7 82 ef a1 90  ...$..nT........
[00:00:08.237,701] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1443: no session has been resumed
[00:00:08.237,792] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1446: server hello, chosen ciphersuite: 003c
[00:00:08.237,884] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1447: server hello, compress alg.: 0
[00:00:08.237,976] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1486: server hello, chosen ciphersuite: TLS-RSA-WITH-AES-128-CBC-SHA256
[00:00:08.238,067] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1509: server hello, total extension length: 5
[00:00:08.238,159] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1531: found renegotiation extension
[00:00:08.238,220] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1739: <= parse server hello
[00:00:08.238,311] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:08.238,372] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:08.238,464] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
[00:00:08.238,555] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
[00:00:08.238,616] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:08.238,677] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:08.238,769] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
[00:00:08.238,891] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
[00:00:08.239,013] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
[00:00:08.239,074] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
[00:00:08.239,166] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
[00:00:08.239,379] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
[00:00:08.239,501] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
[00:00:08.239,562] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:08.239,654] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 5, nb_want: 5010
[00:00:08.239,898] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 5, nb_want: 5010
[00:00:08.239,990] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 677 (-0xfffffd5b)
[00:00:08.240,112] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 682, nb_want: 5010
[00:00:08.240,203] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
[00:00:08.247,253] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x20010030, st=0, user_data=0
[00:00:08.261,962] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffa8, st=0, user_data=0
[00:00:08.618,041] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ff64, st=0, user_data=0
[00:00:08.869,598] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
[00:00:08.869,689] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:08.869,750] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:08.869,873] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
[00:00:08.869,934] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
[00:00:08.869,995] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:08.870,086] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:08.870,147] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 682, nb_want: 5
[00:00:08.870,239] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
[00:00:08.870,330] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
[00:00:08.870,574] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
[00:00:08.870,666] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
[00:00:08.870,758] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:08.870,849] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 682, nb_want: 5010
[00:00:08.896,423] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffa8, st=0, user_data=0
[00:00:08.896,789] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ff64, st=0, user_data=0
[00:00:09.066,528] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 682, nb_want: 5010
[00:00:09.066,680] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 1365 (-0xfffffaab)
[00:00:09.069,274] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 2047, nb_want: 5010
[00:00:09.069,366] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 1363 (-0xfffffaad)
[00:00:09.069,488] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 3410, nb_want: 5010
[00:00:09.069,580] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
[00:00:09.087,371] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ff64, st=0, user_data=0
[00:00:09.087,768] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffa8, st=0, user_data=0
[00:00:09.087,890] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
[00:00:09.087,951] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:09.088,043] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
[00:00:09.088,134] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
[00:00:09.088,226] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
[00:00:09.088,287] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
[00:00:09.088,348] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:09.088,439] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 3410, nb_want: 5
[00:00:09.088,500] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
[00:00:09.088,623] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
[00:00:09.088,836] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
[00:00:09.088,928] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
[00:00:09.089,019] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
[00:00:09.089,111] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 3410, nb_want: 5010
[00:00:09.430,358] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e50:  80 89 6c cf 28 03 18 83 47 79 a3 10 7e 30 5b ac  ..l.(...Gy..~0[.
--- 253 messages dropped ---
[00:00:09.430,633] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e60:  3b b0 60 e0 77 d4 08 a6 e1 1d 7c 5e c0 bb f9 9a  ;.`.w.....|^....
[00:00:09.430,908] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e70:  7b 22 9d a7 00 09 7e ac 46 17 83 dc 9c 26 57 99  {"....~.F....&W.
[00:00:09.431,182] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e80:  30 39 62 96 8f ed da de aa c5 cc 1b 3e ca 43 68  09b.........>.Ch
[00:00:09.431,457] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e90:  6c 57 16 bc d5 0e 20 2e fe ff c2 6a 5d 2e a0 4a  lW.... ....j]..J
[00:00:09.431,732] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ea0:  6d 14 58 87 94 e6 39 31 5f 7c 73 cb 90 88 6a 84  m.X...91_|s...j.
[00:00:09.431,976] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0eb0:  11 96 27 a6 ed d9 81 46 a6 7e a3 72 00 0a 52 3e  ..'....F.~.r..R>
[00:00:09.432,250] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ec0:  83 88 07 63 77 89 69 17 0f 39 85 d2 ab 08 45 4d  ...cw.i..9....EM
[00:00:09.432,525] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ed0:  d0 51 3a fd 5d 5d 37 64 4c 7e 30 b2 55 24 42 9d  .Q:.]]7dL~0.U$B.
[00:00:09.432,800] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ee0:  36 b0 5d 9c 17 81 61 f1 ca f9 10 02 24 ab eb 0d  6.]...a.....$...
[00:00:09.433,074] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ef0:  74 91 8d 7b 45 29 50 39 88 b2 a6 89 35 25 1e 14  t..{E)P9....5%..
[00:00:09.433,349] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f00:  6a 47 23 31 2f 5c 9a fa ad 9a 0e 62 51 a4 2a a9  jG#1/\.....bQ.*.
[00:00:09.433,624] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f10:  c4 f9 34 9d 21 18 00 04 79 30 82 04 75 30 82 03  ..4.!...y0..u0..
[00:00:09.433,898] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f20:  5d a0 03 02 01 02 02 09 00 a7 0e 4a 4c 34 82 b7  ]..........JL4..
[00:00:09.434,143] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f30:  7f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00  .0...*.H........
[00:00:09.434,417] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f40:  30 68 31 0b 30 09 06 03 55 04 06 13 02 55 53 31  0h1.0...U....US1
[00:00:09.434,692] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f50:  25 30 23 06 03 55 04 0a 13 1c 53 74 61 72 66 69  %0#..U....Starfi
[00:00:09.434,967] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f60:  65 6c 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73  eld Technologies
[00:00:09.435,241] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f70:  2c 20 49 6e 63 2e 31 32 30 30 06 03 55 04 0b 13  , Inc.1200..U...
[00:00:09.435,516] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f80:  29 53 74 61 72 66 69 65 6c 64 20 43 6c 61 73 73  )Starfield Class
[00:00:09.435,791] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f90:  20 32 20 43 65 72 74 69 66 69 63 61 74 69 6f 6e   2 Certification
[00:00:09.436,065] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fa0:  20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 30 39   Authority0...09
[00:00:09.436,309] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fb0:  30 39 30 32 30 30 30 30 30 30 5a 17 0d 33 34 30  0902000000Z..340
[00:00:09.436,584] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fc0:  36 32 38 31 37 33 39 31 36 5a 30 81 98 31 0b 30  628173916Z0..1.0
[00:00:09.436,859] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fd0:  09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03  ...U....US1.0...
[00:00:09.437,133] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fe0:  55 04 08 13 07 41 72 69 7a 6f 6e 61 31 13 30 11  U....Arizona1.0.
[00:00:09.437,408] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ff0:  06 03 55 04 07 13 0a 53 63 6f 74 74 73 64 61 6c  ..U....Scottsdal
[00:00:09.437,530] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3096: handshake message: msglen = 5005, type = 11, hslen = 5005
[00:00:09.446,960] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4084: <= read record
[00:00:09.448,242] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5039: => send alert message
[00:00:09.448,364] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5040: send alert level=2 message=80
[00:00:09.448,425] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2801: => write record
[00:00:09.448,547] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2889: output record: msgtype = 21, version = [3:3], msglen = 2
[00:00:09.448,669] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: dumping 'output record sent to network' (7 bytes)
[00:00:09.448,883] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0000:  15 03 03 00 02 02 50                             ......P
[00:00:09.448,974] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
[00:00:09.449,066] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2202: message length: 7, out_left: 7
mqtt_connect: Software caused connection abort
[00:00:10.042,846] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2209: ssl->f_send() returned 7 (-0xfffffff9)
[00:00:10.042,938] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2237: <= flush output
[00:00:10.042,999] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2945: <= write record
[00:00:10.043,975] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5052: <= send alert message
[00:00:10.044,097] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7001:  mbedtls_x509_crt_parse_der() returned -10368 (-0x2880)
[00:00:10.045,379] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
[00:00:10.045,410] <err> net_sock_tls: TLS handshake error: -2880
[00:00:10.047,729] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x20002208, fd=0
[00:00:10.047,790] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5961: => write close notify
[00:00:10.047,882] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5974: <= write close notify
[00:00:10.049,957] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
[00:00:10.051,513] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x20003ad8, fd=1
[00:00:10.051,574] <dbg> net_sock: zsock_flush_queue: (aws_connection_poll_thread): discarding pkt 0x2000ffa8
[00:00:10.051,696] <err> aws_iot: mqtt_connect, error: -113
[00:00:10.051,727] <err> aws_iot: AWS broker connect failed -113
[00:00:10.058,166] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:00:12.038,177] <dbg> net_ctx: net_context_unref: (tcp_work): Context 0x20003ad8 released
[00:00:16.938,385] <err> ethdrv: Unknown Interrupt, EIR: 0x0788

Is there an issue with my certs? They use the same format as in the https_client example for example, it works fine there. It seems I can’t enable CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT because it required MBEDTLS_BUILTIN and a bunch of other stuff that again, conflicts with each other.

aws-sample.zip

0 Hakon over 1 year ago in reply to GilDev

Hey,

it looks like there are some DNS resolve issues;

[00:00:07.125,732] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.125,793] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.125,854] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:07.125,885] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:07.125,946] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103

Maybe it's not related to your problem, but you should check if CONFIG_NET_IPV6 is enabled in the config.

+1 GilDev over 1 year ago in reply to GilDev
I have made some advancements on the matter. Turns out you can indeed keep the offloaded sockets enabled but still use the native implementation by using the SOCK_NATIVE flag when opening a socket. SOCK_NATIVE_TLS gives issues but that makes some sense considering the documentation:

When CONFIG_NET_SOCKETS_OFFLOAD is enabled, offloaded sockets take precedence when creating a new socket. Combine this flag with a socket type when creating a socket, to enforce native socket creation (e. g. SOCK_STREAM | SOCK_NATIVE). If it's desired to create a native TLS socket, but still offload the underlying TCP/UDP socket, use e. g. SOCK_STREAM | SOCK_NATIVE_TLS.

The thing is that this doesn’t seem to work for some functions like getaddrinfo() that is used kind of everywhere to resolve host names. Instead those only statically rely on the definition of CONFIG_NET_SOCKETS_OFFLOAD. I had to patch zsock_getaddrinfo() and zsock_freeaddrinfo() with a global “ethernet” flag like this to make it changeable at runtime:

#include "global.h" int zsock_getaddrinfo(const char *host, const char *service, const struct zsock_addrinfo *hints, struct zsock_addrinfo **res) { if (!ethernet) { if (IS_ENABLED(CONFIG_NET_SOCKETS_OFFLOAD)) { return socket_offload_getaddrinfo(host, service, hints, res); } } int ret = DNS_EAI_FAIL; … void zsock_freeaddrinfo(struct zsock_addrinfo *ai) { if (!ethernet) { if (IS_ENABLED(CONFIG_NET_SOCKETS_OFFLOAD)) { return socket_offload_freeaddrinfo(ai); } } free(ai); }

I also patched mqtt_client_tls_connect() so the type given to the socket is SOCK_NATIVE instead of SOCK_NATIVE_TLS, making the entire socket going through MbedTLS:

int mqtt_client_tls_connect(struct mqtt_client *client) { const struct sockaddr *broker = client->broker; struct mqtt_sec_config *tls_config = &client->transport.tls.config; int type = SOCK_STREAM; int ret; if (tls_config->set_native_tls) { type |= SOCK_NATIVE; } client->transport.tls.sock = zsock_socket(broker->sa_family, type, IPPROTO_TLS_1_2); if (client->transport.tls.sock < 0) { return -errno; } NET_DBG("Created socket %d", client->transport.tls.sock); …

And finally this flag is enabled when Ethernet is needed by patching connect_client() of the aws_iot library:

#include "global.h" static int connect_client(struct aws_iot_config *const config) { int err; err = client_broker_init(&client); if (err) { LOG_ERR("client_broker_init, error: %d", err); return err; } if (ethernet) { client.transport.tls.config.set_native_tls = true; } err = mqtt_connect(&client); if (err) { LOG_ERR("mqtt_connect, error: %d", err); err = connect_error_translate(err); perror("mqtt_connect"); return err; } …

This way, by changing the value of this ethernet flag on startup, I can up one interface or the other (LTE-M or Ethernet), start the DHCPv4 client on the Ethernet interface in case it is the selected one and the rest of the sample works properly by updating the AWS shadow. This is not made to have both interfaces up and working at the same time, in my case I just enable one or the other on startup depending on some local conditions (Ethernet cable plugged in or SIM card inserted).

This is not a clean fix, it will probably require some adaptations to be made as I go along in my development (I’m not sure it will work as is with aws_fota for example). I’ll try to post the whole project with the SDK’s patch at some point.

It seems crazy to me that I have to go through that much and alter the Zephyr networking libraries in this way, so I hope someone will be able to look at this and give some opinion, I may have missed something…
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel
0 Hakon over 1 year ago in reply to GilDev

I have reported this internally now.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 GilDev over 1 year ago in reply to Hakon

From what I have understood, what I did is a bit like knutel ’s solution mentioned here.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Hakon over 1 year ago in reply to GilDev
Comment from modem team;

This is not a nRF Connect SDK specific problem. I would advice seeking help on Zephyr Discord channel on how to route traffic between multiple network interfaces.

First, I recommend the author should to study how Socket Offloading is implemented on Zephyr side and also study Network Interface APIs. In nRF91 platform, socket offloading is the interface we use to feed the traffic to the modem. It cannot be disabled as there is no alternative way. Socket offloading should be enabled and socket dispatcher might be the solution.

https://docs.zephyrproject.org/latest/connectivity/networking/api/net_if.html

https://docs.zephyrproject.org/latest/connectivity/networking/api/net_offload.html

https://docs.zephyrproject.org/latest/connectivity/networking/api/sockets.html#dealing-with-multiple-offloaded-interfaces

https://docs.zephyrproject.org/latest/kconfig.html#CONFIG_NET_SOCKETS_OFFLOAD_DISPATCHER
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 GilDev over 1 year ago in reply to Hakon

Thanks for the insights. Indeed this seems to be a Zephyr limitation. Socket dispatcher sadly won’t help for things like getaddrinfo() or for Nordic’s libraries like AWS IoT because sockets are opened deep down in these ones.

We are now facing issues with MBEDTLS using too much RAM of the nRF9160 despite following all the optimization guidelines, and no external RAM can be used to extend this. Maybe there aren’t any Nordic product that can suit our project right now, we may need to add a second microcontroller just to handle Ethernet communication, or to completely replace the nRF9160, we’ll see…
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 GilDev over 1 year ago in reply to Hakon

Thanks for the insights. Indeed this seems to be a Zephyr limitation. Socket dispatcher sadly won’t help for things like getaddrinfo() or for Nordic’s libraries like AWS IoT because sockets are opened deep down in these ones.

We are now facing issues with MBEDTLS using too much RAM of the nRF9160 despite following all the optimization guidelines, and no external RAM can be used to extend this. Maybe there aren’t any Nordic product that can suit our project right now, we may need to add a second microcontroller just to handle Ethernet communication, or to completely replace the nRF9160, we’ll see…
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 dheadrick 6 days ago in reply to GilDev

Has there been any developments on these issues? I too am facing the issue of not being able to use things like getaddrinfo() for DNS hostname resolution.

Really unfortunate there seems to be no way to take advantage of the power of Zephyr sockets and interface related libraries because the modem REQUIRES socket offloading. Not sure why the nRF Connect SDK and modem lib have to be setup this way.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 GilDev 6 days ago in reply to dheadrick

For us, it’s really the worst thing in our project. We had to implement ugly workarounds in Zephyr after weeks of work to get something that only partially works (we will have to do the same thing to get AWS FOTA updates through Ethernet soon) and leaves us at ~95 % usage on both flash and RAM, which causes crashes and lockups after a while (Nordic’s “AT modem” library complains about not being able to allocate memory after a few weeks, and our app gets stuck for 13h straight, no more explanation yet).

Not being able to use the modem’s secure stack is annoying, along with the lack of examples using MbedTLS with the modem (and the AWS IoT sample for example). There’s no obligation in providing such things of course, but it’s just a big time hog if you’re not an expert of the platform and the products, and you initially think it’s a modular platform so you’ll be able to achieve what you want without too much hassle… It’s not easy, there are contradictory configuration options between Zephyr and the NCS libs and not much samples to help.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dheadrick 6 days ago in reply to GilDev

Thank you very much GilDev for the prompt response! This is extremely dissapointing to hear... The nRF9151 was marketted to myself and my team as capable of allowing our project to use both Cellular and Ethernet interfaces in a single application.

I have been looking around everywhere trying to find a way to avoid doing ugly hacks and modifying the Zephyr code directly - as we do not have a large enough team to justify maintaining our own fork following the necessary modifications you mention.

I haven't even begun to dive into the TLS side of things to keep things simple, but now this has me worried and wondering if we will need to use a seperate microcontroller to interface with our ethernet controller, as this seems simpler than having to hack apart Zephyr code directly.

We cannot be the first to come across this issue, and will likely not be the last. I hope sincerely the nordic team can help us find a better solution soon.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 GilDev 6 days ago in reply to dheadrick

We have the exact same challenges as you, couldn’t justify to maintain a fork but here we are anyway, scared by any SDK update we do as we have to patch things manually again every time. If we were to do it again, we would probably have put another MCU to handle the Ethernet part indeed. We have had great success with STM32 and Ethernet controllers in the past, but it adds another completely different development environment and other problems along the way (even more for secure communications with AWS, I’m sure).

If you have some time to try this out with the nRF9160 devkit and some Ethernet controller dev kits like we did, maybe it’s a good way to try things out and see if it’s a good fit for your application. I don’t know if things have changed since my issues…
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dheadrick 6 days ago in reply to GilDev

We have just received our first prototype boards as our hardware team has been working in parallel to my -fumbling about in Zephyr (first time using it), as we have shifted away from using an ESP32 and FreeRTOS... This quite frustrating given our original design had a seperate MCU for ethernet interfacing, but we moved away from that following a meeting with the Nordic staff which suggested it is possible (at least from a hardware stance) to use both interfaces on a single MCU. To be fair, they are correc in that the nRF9151 has sufficient peripherals for all of our usecases, I just did not anticipate an issue such as this.

I have submitted my own DevZone ticket regarding this issue, as well my colleagues are looking online for expert support so that we may resolve this issue without a Zephyr fork (if that's even possible).

You will be among the first to hear from me if I can resolve this issue and/or if things have changed since this post was originally made.

In the meantime, best of luck!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel