aws_iot example without network offloading

Hello,

I would like to know how to build the aws_iot example without network offloading to the modem. I need to make AWS connections through both the nRF9160’s LTE-M connection as well as through an Ethernet ENC424J600 controller (PHYTEC link board ETH or equivalent), only one of these two interfaces will be enabled at a time.

As I understand it, if I want to use more than one interface in my app, I have to disable sockets offloading (CONFIG_NET_SOCKETS_OFFLOAD=n), but doing that prevents enabling LTE connectivity (CONFIG_LTE_CONNECTIVITY=y). Hence my issues of having everything somehow use MbedTLS and being transparent to the AWS IoT library.

I have spent weeks trying to make the examples work independently and together (aws_iot, aws_iot_mqtt (which I cannot get to compile for the nRF9160DK because of build errors with TF-M), https_client and others) and cannot get anywhere close to where I need… I can make the dns_resolve work over Ethernet for example, by disabling the sockets offloading so that getaddrinfo() properly calls dns_get_addr_info() and such but putting everything together is a nightmare because of configuration incompatibilities with nRF Modem’s libraries…

I hope someone has any idea to help me here, thanks!

Parents
  • I’ve been experimenting a bit more with this sample and using only Ethernet as a first step, I’m now having errors when doing the TLS handshake. I attach the project (my Ethernet configuration is in the “prj-ethernet.overlay.conf" file), here is the log I’m getting with MbedTLS debug enabled:

    *** Booting nRF Connect SDK v2.5.0 ***
    [00:00:00.394,714] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
    [00:00:00.394,744] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
    [00:00:00.394,805] <inf> aws_iot_sample: Start on enc424j600@0: index=1
    [00:00:02.086,578] <inf> ethdrv: Link up
    [00:00:02.087,188] <inf> ethdrv: 100Mbps
    [00:00:02.087,219] <inf> ethdrv: full duplex
    [00:00:02.102,508] <dbg> net_ctx: net_context_bind: (rx_q[0]): Context 0x20003204 binding to UDP 0.0.0.0:42223 iface 1 (0x20001018)
    [00:00:02.107,940] <inf> net_dhcpv4: Received: 192.168.6.79
    [00:00:02.108,123] <inf> aws_iot_sample: DHCP Successful!
    
    [00:00:02.108,184] <inf> aws_iot_sample: IPv4 address: 192.168.6.79
    [00:00:02.108,215] <inf> aws_iot_sample: Lease time: 82800 seconds
    [00:00:02.108,276] <inf> aws_iot_sample: Subnet: 255.255.255.0
    [00:00:02.108,337] <inf> aws_iot_sample: Router: 192.168.6.1
    [00:00:02.108,581] <inf> aws_iot_sample: Network connectivity established
    [00:00:07.108,703] <inf> aws_iot_sample: Connecting to AWS IoT
    [00:00:07.108,795] <inf> aws_iot_sample: Next connection retry in 30 seconds
    [00:00:07.108,856] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
    [00:00:07.147,033] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.147,094] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.147,155] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.147,186] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
    [00:00:07.147,247] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103
    [00:00:07.147,583] <dbg> net_sock_tls: tls_alloc: (aws_connection_poll_thread): Allocated TLS context, 0x200019d8
    [00:00:07.148,101] <dbg> net_sock: zsock_socket_internal: (aws_connection_poll_thread): socket: ctx=0x200032a8, fd=1
    [00:00:07.148,162] <dbg> net_mqtt_sock_tls: mqtt_client_tls_connect: (aws_connection_poll_thread): Created socket 0
    [00:00:07.148,559] <dbg> net_ctx: net_context_bind: (aws_connection_poll_thread): Context 0x200032a8 binding to TCP 0.0.0.0:36687 iface 1 (0x20001018)
    [00:00:07.313,568] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [401] rsa_pkcs1_sha256
    --- 24 messages dropped ---
    [00:00:07.313,659] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [401] rsa_pkcs1_sha256
    [00:00:07.313,781] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:0276: client hello, adding max_fragment_length extension
    [00:00:07.313,873] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0671: client hello, total extension length: 17
    [00:00:07.313,995] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: dumping 'client hello extensions' (17 bytes)
    [00:00:07.314,270] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0000:  00 11 00 0d 00 08 00 06 06 01 05 01 04 01 00 01  ................
    [00:00:07.314,453] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0010:  00                                               .
    [00:00:07.314,697] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2634: => write handshake message
    [00:00:07.314,788] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2801: => write record
    [00:00:07.314,910] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2889: output record: msgtype = 22, version = [3:3], msglen = 72
    [00:00:07.315,032] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: dumping 'output record sent to network' (77 bytes)
    [00:00:07.315,277] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0000:  16 03 03 00 48 01 00 00 44 03 03 a2 8a dc e8 5b  ....H...D......[
    [00:00:07.315,582] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0010:  e3 bf 7c 0b b1 4d 84 93 c4 45 7a fa 5e 6e 59 d8  ..|..M...Ez.^nY.
    [00:00:07.315,856] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0020:  5d 0d 6c a3 e4 59 08 aa 50 4e 35 00 00 0a 00 3d  ].l..Y..PN5....=
    [00:00:07.316,131] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0030:  00 35 00 3c 00 2f 00 ff 01 00 00 11 00 0d 00 08  .5.<./..........
    [00:00:07.316,375] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0040:  00 06 06 01 05 01 04 01 00 01 00 01 02           .............
    [00:00:07.316,436] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2945: <= write record
    [00:00:07.316,528] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2762: <= write handshake message
    [00:00:07.316,619] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0996: <= write client hello
    [00:00:07.316,711] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:07.316,802] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2202: message length: 77, out_left: 77
    [00:00:07.610,504] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2209: ssl->f_send() returned 77 (-0xffffffb3)
    [00:00:07.610,717] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2237: <= flush output
    [00:00:07.611,785] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_HELLO
    [00:00:07.611,511] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
    [00:00:07.611,877] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1231: => parse server hello
    [00:00:07.611,938] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:07.611,999] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:07.612,091] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
    [00:00:07.612,182] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
    [00:00:07.612,274] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
    [00:00:07.629,638] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x200032a8, pkt=0x2000fbbc, st=0, user_data=0
    [00:00:07.632,263] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x200032a8, pkt=0x2000fc00, st=0, user_data=0
    [00:00:07.754,272] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1739: <= parse server hello
    --- 44 messages dropped ---
    [00:00:07.754,364] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:07.754,425] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:07.754,547] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
    [00:00:07.754,608] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
    [00:00:07.754,699] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:07.754,791] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:07.754,882] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
    [00:00:07.755,004] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
    [00:00:07.755,126] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
    [00:00:07.755,187] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
    [00:00:07.755,310] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
    [00:00:07.755,554] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
    [00:00:07.755,676] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
    [00:00:07.755,737] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:07.755,828] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1980: requesting more data than fits
    [00:00:07.755,950] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4788: mbedtls_ssl_fetch_input() returned -28928 (-0x7100)
    [00:00:07.756,072] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4043: ssl_get_next_record() returned -28928 (-0x7100)
    [00:00:07.756,164] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7363: mbedtls_ssl_read_record() returned -28928 (-0x7100)
    [00:00:07.756,256] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
    [00:00:07.756,286] <err> net_sock_tls: TLS handshake error: -7100
    [00:00:07.757,049] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x200019d8, fd=0
    [00:00:07.757,110] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5961: => write close notify
    [00:00:07.757,202] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5974: <= write close notify
    [00:00:07.758,361] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x200032a8, fd=1
    [00:00:07.758,453] <dbg> net_sock: zsock_flush_queue: (aws_connection_poll_thread): discarding pkt 0x2000fbbc
    [00:00:07.758,544] <dbg> net_sock: zsock_flush_queue: (aws_connection_poll_thread): discarding pkt 0x2000fc00
    mqtt_connect: Software caused connection abort
    [00:00:08.078,460] <err> aws_iot: mqtt_connect, error: -113
    [00:00:08.078,521] <err> aws_iot: AWS broker connect failed -113
    [00:00:08.079,223] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
    [00:00:08.083,648] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
    [00:00:10.076,141] <dbg> net_ctx: net_context_unref: (tcp_work): Context 0x200032a8 released

    Increasing MBEDTLS_SSL_MAX_CONTENT_LEN to 6000 (from the default MTU size 1500) gives this:

    *** Booting nRF Connect SDK v2.5.0 ***
    [00:00:00.388,793] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
    [00:00:00.388,824] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
    [00:00:00.388,885] <inf> aws_iot_sample: Start on enc424j600@0: index=1
    [00:00:02.079,650] <inf> ethdrv: Link up
    [00:00:02.080,291] <inf> ethdrv: 100Mbps
    [00:00:02.080,322] <inf> ethdrv: full duplex
    [00:00:02.095,336] <dbg> net_ctx: net_context_bind: (rx_q[0]): Context 0x20003a34 binding to UDP 0.0.0.0:52490 iface 1 (0x20001048)
    [00:00:02.100,311] <inf> net_dhcpv4: Received: 192.168.6.79
    [00:00:02.100,494] <inf> aws_iot_sample: DHCP Successful!
    
    [00:00:02.100,555] <inf> aws_iot_sample: IPv4 address: 192.168.6.79
    [00:00:02.100,585] <inf> aws_iot_sample: Lease time: 82800 seconds
    [00:00:02.100,616] <inf> aws_iot_sample: Subnet: 255.255.255.0
    [00:00:02.100,677] <inf> aws_iot_sample: Router: 192.168.6.1
    [00:00:02.100,952] <inf> aws_iot_sample: Network connectivity established
    [00:00:07.101,043] <inf> aws_iot_sample: Connecting to AWS IoT
    [00:00:07.101,135] <inf> aws_iot_sample: Next connection retry in 30 seconds
    [00:00:07.101,196] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
    [00:00:07.125,732] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.125,793] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.125,854] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.125,885] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
    [00:00:07.125,946] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103
    [00:00:07.126,251] <dbg> net_sock_tls: tls_alloc: (aws_connection_poll_thread): Allocated TLS context, 0x20002208
    [00:00:07.126,739] <dbg> net_sock: zsock_socket_internal: (aws_connection_poll_thread): socket: ctx=0x20003ad8, fd=1
    [00:00:07.126,831] <dbg> net_mqtt_sock_tls: mqtt_client_tls_connect: (aws_connection_poll_thread): Created socket 0
    [00:00:07.127,197] <dbg> net_ctx: net_context_bind: (aws_connection_poll_thread): Context 0x20003ad8 binding to TCP 0.0.0.0:53820 iface 1 (0x20001048)
    [00:00:07.285,034] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:1221: The SSL configuration is tls12 only.
    [00:00:07.286,621] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
    [00:00:07.286,682] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:07.286,773] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:07.286,865] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_HELLO_REQUEST
    [00:00:07.286,926] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:07.286,987] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:07.287,109] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_CLIENT_HELLO
    [00:00:07.287,170] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0927: => write client hello
    [00:00:07.287,475] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0485: dumping 'client hello, random bytes' (32 bytes)
    [00:00:07.287,750] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0485: 0000:  a4 b6 a5 2a aa 1c 25 c1 43 01 72 a6 e2 46 98 6d  ...*..%.C.r..F.m
    [00:00:07.288,024] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0485: 0010:  10 5f 8c 67 ad 6d 3b 21 2b 5c 9e a3 13 68 35 a5  ._.g.m;!+\...h5.
    [00:00:07.288,116] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0510: dumping 'session id' (0 bytes)
    [00:00:07.288,238] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 003d, TLS-RSA-WITH-AES-256-CBC-SHA256
    [00:00:07.288,360] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 0035, TLS-RSA-WITH-AES-256-CBC-SHA
    [00:00:07.288,482] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 003c, TLS-RSA-WITH-AES-128-CBC-SHA256
    [00:00:07.288,574] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0367: client hello, add ciphersuite: 002f, TLS-RSA-WITH-AES-128-CBC-SHA
    [00:00:07.288,665] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0386: adding EMPTY_RENEGOTIATION_INFO_SCSV
    [00:00:07.288,757] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0395: client hello, got 5 cipher suites
    [00:00:07.288,848] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9202: adding signature_algorithms extension
    [00:00:07.288,940] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [601] rsa_pkcs1_sha512
    [00:00:07.289,031] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [601] rsa_pkcs1_sha512
    [00:00:07.289,154] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [501] rsa_pkcs1_sha384
    [00:00:07.289,245] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [501] rsa_pkcs1_sha384
    [00:00:07.289,337] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9222: got signature scheme [401] rsa_pkcs1_sha256
    [00:00:07.289,459] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:9230: sent signature scheme [401] rsa_pkcs1_sha256
    [00:00:07.289,550] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:0276: client hello, adding max_fragment_length extension
    [00:00:07.289,642] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0671: client hello, total extension length: 17
    [00:00:07.289,733] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: dumping 'client hello extensions' (17 bytes)
    [00:00:07.290,008] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0000:  00 11 00 0d 00 08 00 06 06 01 05 01 04 01 00 01  ................
    [00:00:07.290,191] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0673: 0010:  00                                               .
    [00:00:07.290,405] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2634: => write handshake message
    [00:00:07.290,466] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2801: => write record
    [00:00:07.290,588] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2889: output record: msgtype = 22, version = [3:3], msglen = 72
    [00:00:07.290,710] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: dumping 'output record sent to network' (77 bytes)
    [00:00:07.290,954] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0000:  16 03 03 00 48 01 00 00 44 03 03 a4 b6 a5 2a aa  ....H...D.....*.
    [00:00:07.291,229] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0010:  1c 25 c1 43 01 72 a6 e2 46 98 6d 10 5f 8c 67 ad  .%.C.r..F.m._.g.
    [00:00:07.291,473] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0020:  6d 3b 21 2b 5c 9e a3 13 68 35 a5 00 00 0a 00 3d  m;!+\...h5.....=
    [00:00:07.291,748] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0030:  00 35 00 3c 00 2f 00 ff 01 00 00 11 00 0d 00 08  .5.<./..........
    [00:00:07.291,992] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0040:  00 06 06 01 05 01 04 01 00 01 00 01 04           .............
    [00:00:07.292,053] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2945: <= write record
    [00:00:07.292,144] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2762: <= write handshake message
    [00:00:07.292,205] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_client.c:0996: <= write client hello
    [00:00:07.292,266] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:07.292,358] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2202: message length: 77, out_left: 77
    [00:00:07.890,808] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2209: ssl->f_send() returned 77 (-0xffffffb3)
    [00:00:07.891,693] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2237: <= flush output
    [00:00:07.891,784] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_HELLO
    [00:00:07.891,845] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1231: => parse server hello
    [00:00:07.891,937] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:07.891,998] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:07.892,089] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
    [00:00:07.892,181] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
    [00:00:07.893,188] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
    [00:00:07.901,519] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
    [00:00:07.907,196] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffec, st=0, user_data=0
    [00:00:07.907,592] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x20010030, st=0, user_data=0
    [00:00:08.036,804] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
    [00:00:08.036,895] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:08.036,956] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:08.037,048] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_HELLO
    [00:00:08.037,139] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1231: => parse server hello
    [00:00:08.037,200] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:08.037,261] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:08.037,353] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
    [00:00:08.037,475] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
    [00:00:08.037,597] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
    [00:00:08.037,689] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
    [00:00:08.037,780] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
    [00:00:08.037,994] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 00 51                                   ....Q
    [00:00:08.038,116] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 81
    [00:00:08.038,177] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:08.038,269] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 5, nb_want: 86
    [00:00:08.231,903] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: dumping 'input record from network' (86 bytes)
    --- 4 messages dropped ---
    [00:00:08.232,666] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0020:  41 4f 4a 8c 24 cb 63 a1 88 f6 b5 20 01 98 c8 f0  AOJ.$.c.... ....
    --- 1 messages dropped ---
    [00:00:08.233,734] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0030:  e8 6b f6 06 ab 9a 8c 12 e6 65 2b c3 f9 14 e9 24  .k.......e+....$
    [00:00:08.234,008] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0040:  88 1e 6e 54 a2 12 c0 b7 82 ef a1 90 00 3c 00 00  ..nT.........<..
    [00:00:08.234,222] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0050:  05 ff 01 00 01 00                                ......
    [00:00:08.234,375] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3096: handshake message: msglen = 81, type = 2, hslen = 81
    [00:00:08.234,924] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4084: <= read record
    [00:00:08.235,687] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
    [00:00:08.235,992] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1314: dumping 'server hello, version' (2 bytes)
    [00:00:08.236,175] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1314: 0000:  03 03                                            ..
    [00:00:08.236,267] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1333: server hello, current time: 1916759440
    [00:00:08.236,389] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1343: dumping 'server hello, random bytes' (32 bytes)
    [00:00:08.236,633] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1343: 0000:  72 3f 6d 90 fa 25 20 8d ea db a0 71 b9 b7 6a 53  r?m..% ....q..jS
    [00:00:08.236,907] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1343: 0010:  3c d3 a1 5f 9d 41 4f 4a 8c 24 cb 63 a1 88 f6 b5  <.._.AOJ.$.c....
    [00:00:08.236,999] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1415: server hello, session id len.: 32
    [00:00:08.237,091] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1416: dumping 'server hello, session id' (32 bytes)
    [00:00:08.237,365] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1416: 0000:  01 98 c8 f0 e8 6b f6 06 ab 9a 8c 12 e6 65 2b c3  .....k.......e+.
    [00:00:08.237,609] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1416: 0010:  f9 14 e9 24 88 1e 6e 54 a2 12 c0 b7 82 ef a1 90  ...$..nT........
    [00:00:08.237,701] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1443: no session has been resumed
    [00:00:08.237,792] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1446: server hello, chosen ciphersuite: 003c
    [00:00:08.237,884] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1447: server hello, compress alg.: 0
    [00:00:08.237,976] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1486: server hello, chosen ciphersuite: TLS-RSA-WITH-AES-128-CBC-SHA256
    [00:00:08.238,067] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1509: server hello, total extension length: 5
    [00:00:08.238,159] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1531: found renegotiation extension
    [00:00:08.238,220] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls12_client.c:1739: <= parse server hello
    [00:00:08.238,311] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:08.238,372] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:08.238,464] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
    [00:00:08.238,555] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
    [00:00:08.238,616] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:08.238,677] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:08.238,769] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 0, nb_want: 5
    [00:00:08.238,891] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 0, nb_want: 5
    [00:00:08.239,013] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
    [00:00:08.239,074] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
    [00:00:08.239,166] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
    [00:00:08.239,379] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
    [00:00:08.239,501] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
    [00:00:08.239,562] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:08.239,654] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 5, nb_want: 5010
    [00:00:08.239,898] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 5, nb_want: 5010
    [00:00:08.239,990] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 677 (-0xfffffd5b)
    [00:00:08.240,112] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 682, nb_want: 5010
    [00:00:08.240,203] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
    [00:00:08.247,253] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x20010030, st=0, user_data=0
    [00:00:08.261,962] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffa8, st=0, user_data=0
    [00:00:08.618,041] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ff64, st=0, user_data=0
    [00:00:08.869,598] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
    [00:00:08.869,689] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:08.869,750] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:08.869,873] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
    [00:00:08.869,934] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
    [00:00:08.869,995] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:08.870,086] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:08.870,147] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 682, nb_want: 5
    [00:00:08.870,239] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
    [00:00:08.870,330] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
    [00:00:08.870,574] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
    [00:00:08.870,666] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
    [00:00:08.870,758] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:08.870,849] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 682, nb_want: 5010
    [00:00:08.896,423] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffa8, st=0, user_data=0
    [00:00:08.896,789] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ff64, st=0, user_data=0
    [00:00:09.066,528] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 682, nb_want: 5010
    [00:00:09.066,680] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 1365 (-0xfffffaab)
    [00:00:09.069,274] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 2047, nb_want: 5010
    [00:00:09.069,366] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2152: ssl->f_recv(_timeout)() returned 1363 (-0xfffffaad)
    [00:00:09.069,488] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2149: in_left: 3410, nb_want: 5010
    [00:00:09.069,580] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
    [00:00:09.087,371] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ff64, st=0, user_data=0
    [00:00:09.087,768] <dbg> net_sock: zsock_received_cb: (rx_q[0]): ctx=0x20003ad8, pkt=0x2000ffa8, st=0, user_data=0
    [00:00:09.087,890] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3805: => handshake
    [00:00:09.087,951] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:09.088,043] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2196: <= flush output
    [00:00:09.088,134] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3724: client state: MBEDTLS_SSL_SERVER_CERTIFICATE
    [00:00:09.088,226] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7340: => parse certificate
    [00:00:09.088,287] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4010: => read record
    [00:00:09.088,348] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:09.088,439] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 3410, nb_want: 5
    [00:00:09.088,500] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2172: <= fetch input
    [00:00:09.088,623] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: dumping 'input record header' (5 bytes)
    [00:00:09.088,836] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3739: 0000:  16 03 03 13 8d                                   .....
    [00:00:09.088,928] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3741: input record: msgtype = 22, version = [0x303], msglen = 5005
    [00:00:09.089,019] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:1970: => fetch input
    [00:00:09.089,111] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2124: in_left: 3410, nb_want: 5010
    [00:00:09.430,358] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e50:  80 89 6c cf 28 03 18 83 47 79 a3 10 7e 30 5b ac  ..l.(...Gy..~0[.
    --- 253 messages dropped ---
    [00:00:09.430,633] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e60:  3b b0 60 e0 77 d4 08 a6 e1 1d 7c 5e c0 bb f9 9a  ;.`.w.....|^....
    [00:00:09.430,908] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e70:  7b 22 9d a7 00 09 7e ac 46 17 83 dc 9c 26 57 99  {"....~.F....&W.
    [00:00:09.431,182] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e80:  30 39 62 96 8f ed da de aa c5 cc 1b 3e ca 43 68  09b.........>.Ch
    [00:00:09.431,457] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0e90:  6c 57 16 bc d5 0e 20 2e fe ff c2 6a 5d 2e a0 4a  lW.... ....j]..J
    [00:00:09.431,732] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ea0:  6d 14 58 87 94 e6 39 31 5f 7c 73 cb 90 88 6a 84  m.X...91_|s...j.
    [00:00:09.431,976] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0eb0:  11 96 27 a6 ed d9 81 46 a6 7e a3 72 00 0a 52 3e  ..'....F.~.r..R>
    [00:00:09.432,250] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ec0:  83 88 07 63 77 89 69 17 0f 39 85 d2 ab 08 45 4d  ...cw.i..9....EM
    [00:00:09.432,525] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ed0:  d0 51 3a fd 5d 5d 37 64 4c 7e 30 b2 55 24 42 9d  .Q:.]]7dL~0.U$B.
    [00:00:09.432,800] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ee0:  36 b0 5d 9c 17 81 61 f1 ca f9 10 02 24 ab eb 0d  6.]...a.....$...
    [00:00:09.433,074] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ef0:  74 91 8d 7b 45 29 50 39 88 b2 a6 89 35 25 1e 14  t..{E)P9....5%..
    [00:00:09.433,349] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f00:  6a 47 23 31 2f 5c 9a fa ad 9a 0e 62 51 a4 2a a9  jG#1/\.....bQ.*.
    [00:00:09.433,624] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f10:  c4 f9 34 9d 21 18 00 04 79 30 82 04 75 30 82 03  ..4.!...y0..u0..
    [00:00:09.433,898] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f20:  5d a0 03 02 01 02 02 09 00 a7 0e 4a 4c 34 82 b7  ]..........JL4..
    [00:00:09.434,143] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f30:  7f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00  .0...*.H........
    [00:00:09.434,417] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f40:  30 68 31 0b 30 09 06 03 55 04 06 13 02 55 53 31  0h1.0...U....US1
    [00:00:09.434,692] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f50:  25 30 23 06 03 55 04 0a 13 1c 53 74 61 72 66 69  %0#..U....Starfi
    [00:00:09.434,967] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f60:  65 6c 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73  eld Technologies
    [00:00:09.435,241] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f70:  2c 20 49 6e 63 2e 31 32 30 30 06 03 55 04 0b 13  , Inc.1200..U...
    [00:00:09.435,516] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f80:  29 53 74 61 72 66 69 65 6c 64 20 43 6c 61 73 73  )Starfield Class
    [00:00:09.435,791] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0f90:  20 32 20 43 65 72 74 69 66 69 63 61 74 69 6f 6e   2 Certification
    [00:00:09.436,065] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fa0:  20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 30 39   Authority0...09
    [00:00:09.436,309] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fb0:  30 39 30 32 30 30 30 30 30 30 5a 17 0d 33 34 30  0902000000Z..340
    [00:00:09.436,584] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fc0:  36 32 38 31 37 33 39 31 36 5a 30 81 98 31 0b 30  628173916Z0..1.0
    [00:00:09.436,859] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fd0:  09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03  ...U....US1.0...
    [00:00:09.437,133] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0fe0:  55 04 08 13 07 41 72 69 7a 6f 6e 61 31 13 30 11  U....Arizona1.0.
    [00:00:09.437,408] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3851: 0ff0:  06 03 55 04 07 13 0a 53 63 6f 74 74 73 64 61 6c  ..U....Scottsdal
    [00:00:09.437,530] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3096: handshake message: msglen = 5005, type = 11, hslen = 5005
    [00:00:09.446,960] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:4084: <= read record
    [00:00:09.448,242] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5039: => send alert message
    [00:00:09.448,364] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5040: send alert level=2 message=80
    [00:00:09.448,425] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2801: => write record
    [00:00:09.448,547] <inf> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2889: output record: msgtype = 21, version = [3:3], msglen = 2
    [00:00:09.448,669] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: dumping 'output record sent to network' (7 bytes)
    [00:00:09.448,883] <dbg> mbedtls: zephyr_mbedtls_debug: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2894: 0000:  15 03 03 00 02 02 50                             ......P
    [00:00:09.448,974] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2185: => flush output
    [00:00:09.449,066] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2202: message length: 7, out_left: 7
    mqtt_connect: Software caused connection abort
    [00:00:10.042,846] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2209: ssl->f_send() returned 7 (-0xfffffff9)
    [00:00:10.042,938] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2237: <= flush output
    [00:00:10.042,999] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:2945: <= write record
    [00:00:10.043,975] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5052: <= send alert message
    [00:00:10.044,097] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7001:  mbedtls_x509_crt_parse_der() returned -10368 (-0x2880)
    [00:00:10.045,379] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:3816: <= handshake
    [00:00:10.045,410] <err> net_sock_tls: TLS handshake error: -2880
    [00:00:10.047,729] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x20002208, fd=0
    [00:00:10.047,790] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5961: => write close notify
    [00:00:10.047,882] <wrn> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:5974: <= write close notify
    [00:00:10.049,957] <err> ethdrv: Unknown Interrupt, EIR: 0x0788
    [00:00:10.051,513] <dbg> net_sock: z_impl_zsock_close: (aws_connection_poll_thread): close: ctx=0x20003ad8, fd=1
    [00:00:10.051,574] <dbg> net_sock: zsock_flush_queue: (aws_connection_poll_thread): discarding pkt 0x2000ffa8
    [00:00:10.051,696] <err> aws_iot: mqtt_connect, error: -113
    [00:00:10.051,727] <err> aws_iot: AWS broker connect failed -113
    [00:00:10.058,166] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
    [00:00:12.038,177] <dbg> net_ctx: net_context_unref: (tcp_work): Context 0x20003ad8 released
    [00:00:16.938,385] <err> ethdrv: Unknown Interrupt, EIR: 0x0788

    Is there an issue with my certs? They use the same format as in the https_client example for example, it works fine there. It seems I can’t enable CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT because it required MBEDTLS_BUILTIN and a bunch of other stuff that again, conflicts with each other.

     aws-sample.zip

  • Hey,

    it looks like there are some DNS resolve issues;

    [00:00:07.125,732] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.125,793] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.125,854] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
    [00:00:07.125,885] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
    [00:00:07.125,946] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103

    Maybe it's not related to your problem, but you should check if CONFIG_NET_IPV6 is enabled in the config.

  • I have made some advancements on the matter. Turns out you can indeed keep the offloaded sockets enabled but still use the native implementation by using the SOCK_NATIVE flag when opening a socket. SOCK_NATIVE_TLS gives issues but that makes some sense considering the documentation:

    When CONFIG_NET_SOCKETS_OFFLOAD is enabled, offloaded sockets take precedence
    when creating a new socket. Combine this flag with a socket type when
    creating a socket, to enforce native socket creation (e. g. SOCK_STREAM | SOCK_NATIVE).
    If it's desired to create a native TLS socket, but still offload the
    underlying TCP/UDP socket, use e. g. SOCK_STREAM | SOCK_NATIVE_TLS.

    The thing is that this doesn’t seem to work for some functions like getaddrinfo() that is used kind of everywhere to resolve host names. Instead those only statically rely on the definition of CONFIG_NET_SOCKETS_OFFLOAD. I had to patch zsock_getaddrinfo() and zsock_freeaddrinfo() with a global “ethernet” flag like this to make it changeable at runtime:

    #include "global.h"
    int zsock_getaddrinfo(const char *host, const char *service,
    		      const struct zsock_addrinfo *hints,
    		      struct zsock_addrinfo **res)
    {
    	if (!ethernet) {
    		if (IS_ENABLED(CONFIG_NET_SOCKETS_OFFLOAD)) {
    			return socket_offload_getaddrinfo(host, service, hints, res);
    		}
    	}
    
    	int ret = DNS_EAI_FAIL;
    
    …
    
    void zsock_freeaddrinfo(struct zsock_addrinfo *ai)
    {
    	if (!ethernet) {
    		if (IS_ENABLED(CONFIG_NET_SOCKETS_OFFLOAD)) {
    			return socket_offload_freeaddrinfo(ai);
    		}
    	}
    
    	free(ai);
    }

    I also patched mqtt_client_tls_connect() so the type given to the socket is SOCK_NATIVE instead of SOCK_NATIVE_TLS, making the entire socket going through MbedTLS:

    int mqtt_client_tls_connect(struct mqtt_client *client)
    {
    	const struct sockaddr *broker = client->broker;
    	struct mqtt_sec_config *tls_config = &client->transport.tls.config;
    	int type = SOCK_STREAM;
    	int ret;
    
    	if (tls_config->set_native_tls) {
    		type |= SOCK_NATIVE;
    	}
    
    	client->transport.tls.sock = zsock_socket(broker->sa_family,
    						  type, IPPROTO_TLS_1_2);
    	if (client->transport.tls.sock < 0) {
    		return -errno;
    	}
    
    	NET_DBG("Created socket %d", client->transport.tls.sock);
    
    …

    And finally this flag is enabled when Ethernet is needed by patching connect_client() of the aws_iot library:

    #include "global.h"
    static int connect_client(struct aws_iot_config *const config)
    {
    	int err;
    
    	err = client_broker_init(&client);
    	if (err) {
    		LOG_ERR("client_broker_init, error: %d", err);
    		return err;
    	}
    
    	if (ethernet) {
    		client.transport.tls.config.set_native_tls = true;
    	}
    
    	err = mqtt_connect(&client);
    	if (err) {
    		LOG_ERR("mqtt_connect, error: %d", err);
    		err = connect_error_translate(err);
    		perror("mqtt_connect");
    		return err;
    	}
    
    …

    This way, by changing the value of this ethernet flag on startup, I can up one interface or the other (LTE-M or Ethernet), start the DHCPv4 client on the Ethernet interface in case it is the selected one and the rest of the sample works properly by updating the AWS shadow. This is not made to have both interfaces up and working at the same time, in my case I just enable one or the other on startup depending on some local conditions (Ethernet cable plugged in or SIM card inserted).

    This is not a clean fix, it will probably require some adaptations to be made as I go along in my development (I’m not sure it will work as is with aws_fota for example). I’ll try to post the whole project with the SDK’s patch at some point.

    It seems crazy to me that I have to go through that much and alter the Zephyr networking libraries in this way, so I hope someone will be able to look at this and give some opinion, I may have missed something…

  • From what I have understood, what I did is a bit like  ’s solution mentioned here.

  • Comment from modem team;

    This is not a nRF Connect SDK specific problem. I would advice seeking help on Zephyr Discord channel on how to route traffic between multiple network interfaces.

    First, I recommend the author should to study how Socket Offloading is implemented on Zephyr side and also study Network Interface APIs. In nRF91 platform, socket offloading is the interface we use to feed the traffic to the modem. It cannot be disabled as there is no alternative way. Socket offloading should be enabled and socket dispatcher might be the solution.

  • Thanks for the insights. Indeed this seems to be a Zephyr limitation. Socket dispatcher sadly won’t help for things like getaddrinfo() or for Nordic’s libraries like AWS IoT because sockets are opened deep down in these ones.

    We are now facing issues with MBEDTLS using too much RAM of the nRF9160 despite following all the optimization guidelines, and no external RAM can be used to extend this. Maybe there aren’t any Nordic product that can suit our project right now, we may need to add a second microcontroller just to handle Ethernet communication, or to completely replace the nRF9160, we’ll see…

Reply
  • Thanks for the insights. Indeed this seems to be a Zephyr limitation. Socket dispatcher sadly won’t help for things like getaddrinfo() or for Nordic’s libraries like AWS IoT because sockets are opened deep down in these ones.

    We are now facing issues with MBEDTLS using too much RAM of the nRF9160 despite following all the optimization guidelines, and no external RAM can be used to extend this. Maybe there aren’t any Nordic product that can suit our project right now, we may need to add a second microcontroller just to handle Ethernet communication, or to completely replace the nRF9160, we’ll see…

Children
No Data
Related