
Comments (6)

gilmaimon avatar gilmaimon commented on June 26, 2024 1

@adelin-mcbsoft Interesting. connect should not be called more than once per client, so if you somehow need to call connect again, make sure you reset the object (by assigning it to a new instance, for example).

Hopefully you will resolve the rest, and if not - I'm here to help!

Have a great weekend,
Gil.

from arduinowebsockets.

gilmaimon avatar gilmaimon commented on June 26, 2024

Hi, again!

I'm always glad to read your issues, sadly I'm a bit short on time right now.

This is definitely a very good question, I believe it is inherited from WiFiClient from the esp32 library. What I think happened, is that espressif changed the implementation recently. But, I haven't tested anything yet by myself, I will do my best to look into it this weekend.

Just wanted to let you know the library is still active and that I'm not ignoring the issue by any way.

Best regards,
Gil.

from arduinowebsockets.

gilmaimon avatar gilmaimon commented on June 26, 2024

So, let's see.
I'm using Arduino IDE 1.8.7 and version 1.0.1 of esp32 libraries (looking in board manager, there is also 1.02 which I will try in a moment).
With the correct CA, logs:

[D][WiFiGeneric.cpp:342] _eventCallback(): Event: 0 - WIFI_READY
18:09:11.252 -> [D][WiFiGeneric.cpp:342] _eventCallback(): Event: 2 - STA_START
18:09:11.252 -> .[D][WiFiGeneric.cpp:342] _eventCallback(): Event: 4 - STA_CONNECTED
.[D][WiFiGeneric.cpp:342] _eventCallback(): Event: 7 - STA_GOT_IP
18:09:12.318 -> [D][WiFiGeneric.cpp:385] _eventCallback(): STA IP: 10.0.0.22, MASK: 255.255.255.0, GW: 10.0.0.138
[V][ssl_client.cpp:53] start_ssl_client(): Free internal heap before TLS 288372
18:09:13.267 -> [V][ssl_client.cpp:55] start_ssl_client(): Starting socket
[V][ssl_client.cpp:88] start_ssl_client(): Seeding the random number generator
18:09:13.680 -> [V][ssl_client.cpp:97] start_ssl_client(): Setting up the SSL/TLS structure...
18:09:13.680 -> [V][ssl_client.cpp:110] start_ssl_client(): Loading CA cert
18:09:13.680 -> [V][ssl_client.cpp:175] start_ssl_client(): Setting hostname for TLS session...
18:09:13.680 -> [V][ssl_client.cpp:190] start_ssl_client(): Performing the SSL/TLS handshake...
[V][ssl_client.cpp:211] start_ssl_client(): Verifying peer X.509 certificate...
18:09:14.194 -> [V][ssl_client.cpp:220] start_ssl_client(): Certificate verified.
18:09:14.194 -> [V][ssl_client.cpp:235] start_ssl_client(): Free internal heap after TLS 247604
18:09:14.194 -> [E][WiFiClient.cpp:264] setOption(): 9
18:09:14.194 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
Connnection Opened
18:09:14.398 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:09:14.398 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:09:14.398 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:09:14.398 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:09:14.398 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
Got Message: Hello Server
18:09:14.601 -> Got a Pong!
[V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:09:44.694 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:09:44.694 -> Got a Ping!
...

With no CA:

[D][WiFiGeneric.cpp:342] _eventCallback(): Event: 0 - WIFI_READY
18:12:51.976 -> [D][WiFiGeneric.cpp:342] _eventCallback(): Event: 2 - STA_START
..[D][WiFiGeneric.cpp:342] _eventCallback(): Event: 4 - STA_CONNECTED
.[D][WiFiGeneric.cpp:342] _eventCallback(): Event: 7 - STA_GOT_IP
18:12:54.114 -> [D][WiFiGeneric.cpp:385] _eventCallback(): STA IP: 10.0.0.22, MASK: 255.255.255.0, GW: 10.0.0.138
[V][ssl_client.cpp:53] start_ssl_client(): Free internal heap before TLS 288208
18:12:55.031 -> [V][ssl_client.cpp:55] start_ssl_client(): Starting socket
[V][ssl_client.cpp:88] start_ssl_client(): Seeding the random number generator
18:12:55.768 -> [V][ssl_client.cpp:97] start_ssl_client(): Setting up the SSL/TLS structure...
18:12:55.768 -> [I][ssl_client.cpp:151] start_ssl_client(): WARNING: Use certificates for a more secure communication!
18:12:55.768 -> [V][ssl_client.cpp:175] start_ssl_client(): Setting hostname for TLS session...
18:12:55.768 -> [V][ssl_client.cpp:190] start_ssl_client(): Performing the SSL/TLS handshake...
[V][ssl_client.cpp:211] start_ssl_client(): Verifying peer X.509 certificate...
18:12:56.276 -> [V][ssl_client.cpp:220] start_ssl_client(): Certificate verified.
18:12:56.276 -> [V][ssl_client.cpp:235] start_ssl_client(): Free internal heap after TLS 247692
18:12:56.276 -> [E][WiFiClient.cpp:264] setOption(): 9
18:12:56.276 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
Connnection Opened
18:12:56.480 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:12:56.480 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:12:56.480 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:12:56.480 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:12:56.480 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
Got Message: Hello Server
18:12:56.679 -> Got a Pong!
[V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:13:26.786 -> [V][ssl_client.cpp:274] send_ssl_data(): Writing HTTP request...
18:13:26.786 -> Got a Ping!
...

Really the only diff in the logs is that when you pass a CACert, this code gets executed, which prints the log:

[V][ssl_client.cpp:110] start_ssl_client(): Loading CA cert

And when no CACert is present, this code gets executed which led me to this PR

Looks like since that PR, the ESP32 libraries support Self-Signed Certificates. I had no idea that was a thing, now I do know.

Overall, looks like this behavior is as intended, and yet it is better and safer to provide a certificate.
For completeness I also updated the esp32 libraries to version 1.0.2 (latest) and everything still worked the same.

Best wishes,
Gil.

from arduinowebsockets.
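
An added example (not part of the thread and not code from the library): a Python check that reads an ESP32 verbose serial log and flags TLS sessions that were started without a CA certificate. It relies only on the difference visible in the two logs above, since "Certificate verified." is printed in both; the function name and verdict labels are made up for this illustration, and the sample input is built from lines excerpted from those logs.

```python
import re

# One arduino-esp32 log record: [LEVEL][file:line] function(): message
RECORD = re.compile(r"\[([VDIWE])\]\[([\w.]+):(\d+)\]\s+(\w+)\(\):\s*(.*)")

# Constructed sample: two sessions, lines excerpted from the logs in the thread.
SAMPLE = """\
[V][ssl_client.cpp:53] start_ssl_client(): Free internal heap before TLS 288372
18:09:13.680 -> [V][ssl_client.cpp:110] start_ssl_client(): Loading CA cert
18:09:13.680 -> [V][ssl_client.cpp:190] start_ssl_client(): Performing the SSL/TLS handshake...
18:09:14.194 -> [V][ssl_client.cpp:220] start_ssl_client(): Certificate verified.
[V][ssl_client.cpp:53] start_ssl_client(): Free internal heap before TLS 288208
18:12:55.768 -> [I][ssl_client.cpp:151] start_ssl_client(): WARNING: Use certificates for a more secure communication!
18:12:55.768 -> [V][ssl_client.cpp:190] start_ssl_client(): Performing the SSL/TLS handshake...
18:12:56.276 -> [V][ssl_client.cpp:220] start_ssl_client(): Certificate verified.
"""

def audit_tls_sessions(log_text):
    """Return one dict per start_ssl_client() run found in the log."""
    sessions, current = [], None
    for line in log_text.splitlines():
        m = RECORD.search(line)
        if not m or m.group(2) != "ssl_client.cpp" or m.group(4) != "start_ssl_client":
            continue
        msg = m.group(5).strip()
        # The heap line is the first thing start_ssl_client() logs: new session.
        if current is None or msg.startswith("Free internal heap before TLS"):
            current = {"ca_loaded": False, "no_ca_warning": False, "verified": False}
            sessions.append(current)
        if msg == "Loading CA cert":
            current["ca_loaded"] = True
        elif msg.startswith("WARNING: Use certificates"):
            current["no_ca_warning"] = True
        elif msg == "Certificate verified.":
            current["verified"] = True
    for s in sessions:
        # "Certificate verified." is logged in both cases, so it cannot be the signal.
        if s["no_ca_warning"]:
            s["verdict"] = "no-ca-supplied"
        elif s["ca_loaded"] and s["verified"]:
            s["verdict"] = "ca-anchored"
        else:
            s["verdict"] = "unknown"
    return sessions

if __name__ == "__main__":
    for i, s in enumerate(audit_tls_sessions(SAMPLE), 1):
        print(i, s["verdict"], "verified-line-present" if s["verified"] else "")
```
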

adelin-mcbsoft avatar adelin-mcbsoft commented on June 26, 2024

So - just to be sure I got it right - if you don't provide a CA, it does secure the communication with the existing public certificates of the host, yet it does not verify if it's a valid one - right ?

from arduinowebsockets.

gilmaimon avatar gilmaimon commented on June 26, 2024

Yes, looks like it does some kind of verification

from arduinowebsockets.

adelin-mcbsoft avatar adelin-mcbsoft commented on June 26, 2024

Cool! Thanks Gil, another dilemma (and hopefully the last one) solved.

(Offtopic, I may have one more though - but it's currently under investigation... I have a situation where ESP disconnects for some (yet - unknown) reason, and doesn't want to client.connect back until reset. But it's still under investigation, may not be related to the library).

Anyway, once again, thanks a lot for your support! Means a lot for me and my project, and hopefully it will pay off (for both of us) someday.

Wish you all the best and a great weekend (at least what's left of it),

Best,
A.

from arduinowebsockets.
