Skip to content

WifiClientSecure send hangs program execution on half-open socket #6997

Closed
@20162026

Description

@20162026

Board

all boards

Device Description

Hardware Configuration

Version

v2.0.4

IDE Name

PlatformIO

Operating System

Win 10

Flash frequency

40Mhz

PSRAM enabled

no

Upload speed

115200

Description

In case of half-open socket and SSL buffer overflow send_ssl_data function will hang program execution for >2hours (TCP_KEEPIDLE) until the socket connection times out.

In order to reproduce:

  1. Connect to SSL server using wificlientsecure
  2. Force halfopen socket (disconnect net cable from the router, firewall ESP traffic, kill the server without proper termination)
  3. Send >4kb data over wificlientsecure socket
  4. ESP will hand in send_ssl_data for > 2 hours until

this issue was addressed in #4424 but then got reverted by #4820

Sketch

/*platformio.ini

[env:esp32doit-devkit-v1]
    platform = espressif32
    board = esp32doit-devkit-v1
    framework = arduino
    monitor_speed = 115200
    build_flags = -DCORE_DEBUG_LEVEL=5

*/

/*

    steps to reproduce:
    1) Connect to wifi
    2) Press 2 in the serial terminal to connect to the google 443
    3) Force half-open socket (eg. disconnect the ethernet cable from the router)
    4) Press 3 couple times until ESP hangs

*/

#include <Arduino.h>
#include <WiFi.h>
#include <WiFiClientSecure.h>

#if __has_include("wifi_settings.h")
#include "wifi_settings.h"
#endif

#ifndef WIFI_SSID
#define WIFI_SSID "SSID"
#endif

#ifndef WIFI_PSW
#define WIFI_PSW "PASSOWRD"
#endif


void setup()
{
    Serial.begin(115200);
    WiFi.begin(WIFI_SSID, WIFI_PSW);
    while (WiFi.status() != WL_CONNECTED)
    {
        delay(500);
        Serial.print(".");
    }
    Serial.print("wifi connected");
}


#define SERVER_PORT 443
#define SERVER_HOST "www.google.com"
#define URI_long "/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
#define REQ_HEDERS

const uint8_t request_long[] = "GET " URI_long " HTTP/1.1\r\nHost: " SERVER_HOST REQ_HEDERS "\r\n\r\n";


WiFiClientSecure *ssl = NULL;

int init_socket()
{
    if(ssl == NULL)
        ssl = new WiFiClientSecure;
    

    if(ssl->connected())
    {
        return 0;
    }
    else
    {
        ssl->setInsecure();
        // ssl->setTimeout(1);
        ssl->connect(SERVER_HOST, SERVER_PORT);
        return ssl->connected()? 0 : -1;
    }

    return -1;
}

int https_request(const uint8_t* req, size_t req_len)
{
    if(ssl == NULL || !ssl->connected())
    {
        return -1;
    }

    unsigned long time_start = millis();
    if (!ssl->write(req, req_len))
    {
        Serial.println("request failed");
        return -1;
    }

    Serial.println("request sent");

    while(ssl->available()==0 && (millis() - time_start) < 500)
        delay(20);
    while (ssl->available())
    {
        char c = ssl->read();
        Serial.print(c);
    }

    return 0;
}


uint lastprint = 0;
void loop()
{
    int c = 0;
    while(Serial.available())
        c = Serial.read();

    if(millis()-lastprint > 5000)
    {
        lastprint = millis();
        const int socket_avail = ssl? ssl->connected() : 0;
        Serial.printf("[%u] %u\r\n", lastprint, socket_avail);
    }

    switch(c)
    {
        case '1':
            Serial.println("1");
            break;
        case '2':
            init_socket();
            break;
        case '3':
            https_request(request_long, sizeof(request_long));
            break;
    }
}

Debug Message

-

Other Steps to Reproduce

No response

I have checked existing issues, online documentation and the Troubleshooting Guide

  • I confirm I have checked existing issues, online documentation and Troubleshooting guide.

Activity

20162026

20162026 commented on Jul 16, 2022

@20162026
Author

Also correct me if I'm wrong, but isn't current implementation of WifiClientSecure setTimeout useless? As SO_SNDTIMEO and SO_RCVTIMEO (that are set using it) do not affect non blocking sockets?

mrengineer7777

mrengineer7777 commented on Jan 20, 2023

@mrengineer7777
Collaborator

@20162026 @VojtechBartoska Possibly resolved by #7351 . That PR adds a timeout for send_ssl_data().

20162026

20162026 commented on Jan 20, 2023

@20162026
Author

socket_timeout added in #7351 resolves this issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      WifiClientSecure send hangs program execution on half-open socket · Issue #6997 · espressif/arduino-esp32