tls vs (sntp vs sntp) #2042

nwf · 2017-07-14T04:00:50Z

While attempting to debug #1707, I was getting mysterious "please start SNTP first" errors. This was confusing, because I am starting SNTP, via sntp.sync(), and even waiting for the all-clear from the callback. Imagine my surprise to discover that the "please start SNTP first" comes from an entirely duplicate implementation of SNTP inside LwIP which, through some closed-source that I cannot trace in libmain.a, is backing mbedtls's notion of the current time (via the time() function), rather than the RTC, yielding "certificate in the future" errors.

Expected behavior

sntp.sync() should set every part of the system's idea of the time.

Actual behavior

There are at least two confused brains inside this thing.

As a hackish workaround, I defined LUA_USE_MODULES_RTCTIME and redefined MBEDTLS_PLATFORM_TIME_MACRO to a function which knows how to get the time from the RTC and removed app/include/lwip/sntp.h, app/include/lwip/app/time.h, and app/lwip/core/sntp.c. This is a link error waiting to happen, but as it happens, isn't right now. ;)

This is a little tricky to get right, because in a sense it means that LUA_USE_MODULES_RTCTIME gates MBEDTLS_HAVE_TIME and such, but the right files aren't included in the right place to do that at the moment.

Possibly the better option is to eliminate app/modules/sntp.c in favor of the LwIP implementation, or to create a shim replacement for the LwIP version that uses the sntp module's internals. Note that the latter option will require a timer to tick every second and keep a software clock up to date (like the LwIP implementation) or the use of the RTC.

Alternatively, we could disable that MBEDTLS_HAVE_TIME and MBEDTLS_HAVE_TIME_DATE so that the TLS implementation does not try to check lifetimes.

The text was updated successfully, but these errors were encountered:

marcelstoer · 2017-07-14T19:40:44Z

the "please start SNTP first" comes from an entirely duplicate implementation of SNTP inside LwIP

Yep, stumbled upon this the other day as well. Thanks for the analysis.

@pjsg and/or @jmattsson could you address this?

pjsg · 2017-07-14T20:19:38Z

I'm not available to look at this for about a month (due to travel).... I'm (sort of) reluctant to switch over to using the lwip flavor of sntp as I did a bunch of work to improve timekeeping and clock tuning to get a reasonably accurate clock (when not in deep sleep).

nwf · 2017-07-14T21:45:17Z

@pjsg I think my preference would be to keep the lua SNTP module as well. Could we edit libmain.a to remove everything that (transitively) depends on the lwip SNTP module, just so there's no risk of surprising link failure later?

I think I want it to be the case that LUA_USE_MODULES_RTCTIME implies and is implied by MBEDTLS_HAVE_TIME{,_DATE}. Does that seem reasonable?

nwf · 2017-08-04T18:57:37Z

It occurs to me to explicitly reference #1707 from this report, just to keep things tidy. Absent a fix to the mbedtls time source, we don't stand a chance at validating certificate lifetimes.

marcelstoer · 2017-08-04T21:08:21Z

@nwf I agree but that's still catch 22, isn't it? If we can't establish a TLS connection we don't stand a chance at validating its certificate lifetime 😜

Initial commit for nodemcu#2225 . Replay patches from Espressif's repository at https://github.com/espressif/ESP8266_NONOS_SDK between tags v2.1.0 and v2.2.0: 0001-sync-from-ccca00f2.patch Superseded by existing changes, but lines reordered in app/driver/key.c to minimize divergences. 0002-sync-from-3f38ad5a.patch Upstream files only 0003-Update-links.patch Not meaningful to NodeMCU 0004-sync-from-01990ad0.patch 0005-sync-from-cdf6877d.patch Upstream files only 0006-sync-from-f29e744c.patch Upstream files only, user_interface.h override non-conflicting 0009-feat-lwip-Move-lwip-source-code-to-third_party-folde.patch Merged change to lwip/app/espconn_udp.c; rest is just moves or appears to not apply. 0010-feat-mbedtls-Add-mbedtls-source-code-in-third_party-.patch Does not apply; we use our own mbedtls 0011-added-C-support.patch Merged to Makefile 0012-feat-mbedtls-Rebuild-libmbedtls.patch Already applied 0013-fix-at-Fix-some-bugs-of-AT.patch Upstream files only 0014-feat-err_t-Redefine-err_t-to-s32_t.patch Merged to app/include/arch/cc.h and ./app/include/lwip/app/espconn.h; the rest is upstream files. 0015-fix-wpa-Fix-wpa-wpa2-ptk-gtk-reinstallation-vulnerab.patch 0016-fix-wifi-Remove-group-key-entry-before-connecting-to.patch 0017-feat-lib-Remove-time-function-in-libmain.patch Upstream files only 0018-feat-espconn-Modification-for-espconn.patch Merged to app/include/lwip/app/espconn.h, app/include/lwip/app/espconn_tcp.h, app/lwip/app/espconn.c, app/lwip/app/espconn_tcp.c 0019-feat-at-Use-new-espconn_recv-to-fix-tcp-server-issue.patch 0020-feat-examples-Update-mqtt-demo-and-auto-bin-generate.patch Upstream files only 0021-wifi-Add-scan-threshold-and-dwell-time.patch 0022-feat-wifi-Add-country-code-API.patch 0023-feat-wifi-Record-more-information-of-scanned-ap.patch Upstream files only, user_interface.h override non-conflicting 0024-fix-example-Fix-IoT_Demo-user-sector-error.patch Upstream files only 0025-fix-lwip-Fix-sequence-number-error-of-RST-ACK.patch Merged app/lwip/core/tcp_in.c 0026-fix-mbedtls-Fix-memory-leak.patch Merged app/mbedtls/app/lwIPSocket.c 0027-fix-mbedtls-Fix-call-send-callback-function-failed.patch Merged app/mbedtls/app/espconn_mbedtls.c 0028-feat-Add-USE_OPTIMIZE_PRINTF-in-third_party-Makefile.patch Merged app/Makefile 0029-fix-api-Fix-ets_delay_us-declaration.patch Upstream files only, osapi.h override non-conflicting 0030-fix-wifi-Remove-max_tx_power-in-wifi_country_t-in-li.patch 0031-fix-wifi-Fix-softAP-wrong-behavior-after-call-system.patch 0032-fix-wifi-bugfix-of-scan-fail-after-connected-if-max-.patch 0033-feat-at-Enable-scan-time-scan-type-and-add-scan-resu.patch 0034-feat-at-Add-command-AT-CWCOUNTRY.patch 0035-fix-at-Fix-that-AT-CIPSTART-causes-busy-if-the-serve.patch Upstream files only 0036-feat-mbedtls-Speed-up-mbedtls-handshake-process.patch Merged app/mbedtls/app/espconn_mbedtls.c 0037-fix-api-Fix-os_calloc-declaration.patch Merged app/include/lwip/mem.h; sdk-overrides/include/mem.h non-conflicting. 0038-fix-mbedtls-Fix-disconnect-callback-function-never-b.patch Merged app/mbedtls/app/espconn_mbedtls.c; minor revision to logic in 6576af9. Whitespace fixes. 0039-feat-at-Add-country-code-start-channel-in-AT-CWCOUNT.patch 0040-fix-net80211-Fix-Null-pointer-in-ieee80211_rfid_locp.patch Upstream files only 0041-feat-wifi-Add-new-esp_init_data_default-v08-bin.patch Upstream files only, but impacts Makefile 0042-fix-mbedtls-Fix-load-cert-fail-when-the-private-key-.patch Merged app/mbedtls/app/espconn_mbedtls.c 0043-fix-wifi-The-start-channel-can-be-any-valid-channel.patch 0044-fix-wifi-Fix-scan-do-not-start-after-connect.patch 0045-feat-wifi-Add-keep-connection-for-station-to-keep-co.patch 0046-feat-at-Update-AT-version-to-1.6.0.0.patch 0047-fix-at-Fix-GSLP-too-long-time.patch 0048-fix-at-Fix-the-message-is-incorrect-when-creating-UD.patch 0049-feat-at-Add-AT-CIPSERVERMAXCONN.patch Upstream files only 0050-feat-system-Add-softap-distributes-station-ip-event.patch Upstream files only, user_interface.h override non-conflicting 0051-feat-example-Use-libmbedtls.a-instead-of-libssl.a-in.patch Upstream files only 0052-feat-mesh-Remove-mesh-support.patch Upstream files only, but go ahead and remove comment from ld/nodemcu.ld. 0053-fix-example-Fix-forget-to-add-integer-parameter-when.patch Upstream files only 0054-fix-mbedtls-Fix-reconnect_callback-is-not-triggered-.patch Merged app/mbedtls/app/espconn_mbedtls.c 0055-feat-at-Add-AT-SYSMSG-to-enable-some-report-informat.patch 0056-fix-at-Fix-the-incorrect-link-id-when-client-connect.patch 0057-fix-at-Fix-the-bug-that-it-should-be-error-when-the-.patch 0058-fix-smartconfig-Fix-the-smartconfig-scan-time-issue.patch 0059-fix-lwip-Fix-the-bug-of-lwip-output.patch Upstream files only 0060-fix-lwip-Fix-the-length-of-TCP-data-in-one-packet-is.patch 0061-fix-lwip-Fix-send-TCP-data-with-two-or-more-pbuf.patch Merged app/lwip/core/tcp_out.c 0062-fix-wifi-Fix-assert-happen-when-smartconfig-start-th.patch Upstream files only 0063-fix-mbedtls-Fix-memory-leak-when-ESP8266-as-SSL-TLS-.patch Merged app/mbedtls/app/espconn_mbedtls.c 0064-fix-mbedtls-Fix-already-freed-and-exception-bug-when.patch Merged app/mbedtls/app/lwIPSocket.c 0065-fix-at-Fix-bug-that-there-is-no-result-when-sending-.patch 0066-feat-example-Add-AT-bin-version.patch 0067-feat-version-Update-version-to-2.2.0-and-add-version.patch 0068-feat-bin-Update-AT-bin-for-SDK-2.2.0.patch Upstream files only Apply local changes to build: app/include/lwip/app/espconn.h pulls changes (and license decl) from upstream SDK. Makefile is altered to use this file ahead of the SDK's. Remove lwip's sntp support, since it was never really wired in anyway. See nodemcu#2042 for more information. Patch Makefile to strip time.o, the consumer of lwip's sntp functionality, from libmain.a, resulting in much easier-to-understand error messages. This has consequences for mbedtls. The simplest thing to do, which is, impressively, not a change in behavior, is to completely disable TLS certificate time validation; a later patch can optionally couple this to RTCTIME support. Similarly, it happens that the sqlite3 import was calling time(), but this was not going to work out well for it. Just stub it out to always return unix timestamp 0, as would have happened anyway. Changes unprocessed: 0007-sync-from-080c37e1.patch 0008-feat-lib-Compile-some-libraries-with-ffunction-secti.patch These two make changes to the linker script; perhaps they are worth porting over, but I have not done so here. This is build-tested (ADC, BIT, COLOR_UTILS, CRON, CRYPTO, DHT, ENCODER, FILE, GPIO, HTTP, I2C, MQTT, NET, NODE, OW, PCM, PERF, PWM, RTCFIFO, RTCMEM, RTCTIME, SNTP, SPI, SQLITE3, STRUCT, TLS, TMR, UART, WIFI, WS2812, WS2812_EFFECTS) and boots, but only limited run-time testing has been performed. Testing done does, however, include having made a few TLS connections through the HTTP module, so things are not hopelessly broken, at the very least.

stale · 2019-07-21T08:21:32Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

nwf · 2019-07-21T09:38:52Z

That's fair, stalebot. This is still a problem, tho', so far as I know.

stale · 2020-07-16T01:40:00Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

nwf mentioned this issue Aug 23, 2017

Trouble connecting NodeMCU to Microsoft Azure IoT Hub #2049

Closed

stale bot added the stale label Jul 21, 2019

stale bot removed the stale label Jul 21, 2019

stale bot added the stale label Jul 16, 2020

stale bot closed this as completed Jul 30, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tls vs (sntp vs sntp) #2042

tls vs (sntp vs sntp) #2042

nwf commented Jul 14, 2017

marcelstoer commented Jul 14, 2017

pjsg commented Jul 14, 2017

nwf commented Jul 14, 2017

nwf commented Aug 4, 2017

marcelstoer commented Aug 4, 2017

stale bot commented Jul 21, 2019

nwf commented Jul 21, 2019

stale bot commented Jul 16, 2020

tls vs (sntp vs sntp) #2042

tls vs (sntp vs sntp) #2042

Comments

nwf commented Jul 14, 2017

Expected behavior

Actual behavior

marcelstoer commented Jul 14, 2017

pjsg commented Jul 14, 2017

nwf commented Jul 14, 2017

nwf commented Aug 4, 2017

marcelstoer commented Aug 4, 2017

stale bot commented Jul 21, 2019

nwf commented Jul 21, 2019

stale bot commented Jul 16, 2020