I’m using lib mbedtls 2.13.0, I currently have an issue that function mbedtls_ssl_write return 0 (success on write) without verifying ACK packet from the receiver. I tried to shut down network connection on my device and mbedtls_ssl_write also return 0.
It’s kinda strange because I have chose TCP protocol MBEDTLS_NET_PROTO_TCP when connecting with mbedtls_net_connect.
What am I doing wrong? If mbedtls_ssl_write couldn’t handle the verifying ACK, how should I resolve it manually?
* \return The (non-negative) number of bytes actually written if
* successful (may be less than \p len).
So, if you the functions returned 0, then it doesn’t mean it’s a success on write, but the number of bytes written.
Please enable logs to understand why the function returns 0.
Note that Mbed TLS is a TLS stack, and doesn’t handle the TCP stack messages.
Have you verified with a network sniffer such as wireshark that ACK is indeed not received?
Regards,
Mbed TLS Team member
Ron
If mbedtls_ssl_write returns bytes that written then how should I differ these cases:
Something went wrong and 0 bytes was written.
Device’s network shut down. (I enabled debug mod with mbedtls_ssl_conf_dbg and mbedtls_debug_set_threshold but there is no error log in this case, only 0 is returned as above case).
Device doesn’t receive ACK from host at all. (I met this situation once but I haven’t managed to reproduce the case but I wonder what is the expected behavior for this case?)
In this case you should be getting an error code, not 0
Device’s network shut down. (I enabled debug mod with mbedtls_ssl_conf_dbg and mbedtls_debug_set_threshold but there is no error log in this case, only 0 is returned as above case).
Can you trace where the 0 is returned from? Is it from your bio write callback or from the Mbed TLS code?
Device doesn’t receive ACK from host at all. (I met this situation once but I haven’t managed to reproduce the case but I wonder what is the expected behavior for this case?)
Again, this is in the TCP stack. You should probably look at your bio callback implementations.
Again, this is in the TCP stack. You should probably look at your bio callback implementations.
Sorry for the misunderstanding, I use mbedtls_net_send and mbedtls_net_recv, which are packed within mbedtls package, as callback functions to send/receive packet.
Can you trace where the 0 is returned from? Is it from your bio write callback or from the Mbed TLS code?
My bad, the 0 returned is from another wrapper. The correct behavior is:
I disconnect my device’s network.
Then I try to send a PING packet with 2 bytes data.
The result is that mbedtls_ssl_write returns 2 bytes were written.
Therefore, maybe something wrong with mbedtls_net_send because it doesn’t fire any complaint about missing ACK?
Or mbedtls_ssl_write doesn’t handle errors returned by mbedtls_net_send and I have to handle it by myself?
Edit: I just figured out that mbedtls_net_send uses write, which only returns byte that written into OS kernel. Seem like I have to implement an acknowledgement mechanism on app-level to verify whether the server side receive my message or not.
Edit : I just figured out that mbedtls_net_send uses write , which only returns byte that written into OS kernel. Seem like I have to implement an acknowledgement mechanism on app-level to verify whether the server side receive my message or not.
Yes, this is what I was trying to explain, sorry for not explaining correct.
Regards,
Ron