ESP32 + Signing fails after xxx msg as result of memory leak
-
MySensors Version: 2.3.2 (and prior versions)
Hardware: ESP32Summary of Issue: ESP32 in combination with signing enabled will result in signing failure after fixed number of messages (signing events).
Detailed description:
I was performing some benchmark tests with different boards in combination with MY_SECURITY_SIMPLE_PASSWD enabled to analyse the impact on message delays (responsiveness). During these tests with an ESP32 (esp32doit-devkit-v1)
I experienced that the first set of messages were going all OK, but after a while I stopped receiving messages at the controller.Diving deeper into the problem I found:
- The ESP32 was at fault - resetting the device was sufficient to get things running again (for a while)
- The problem occurs for both ESP32 configured as Gateway or Node
- It fails repeatably after the same number of messages after a restart of the ESP32 (and the number of successful messages is sketch dependent - e.g. after 520 messages for my GW sketch and 725 messages for my test node).
Solution:
quite some steps of debugging later I found that the signing was failing and the root cause appeared to be a memory leak at:MyCryptoESP32.cpp in the SHA256 and the SHA256HMAC functions, which perform a
mbedtls_md_init(&ctx);, but no call tombedtls_md_free(&ctx);is present to clear the internal structure created at the end of the function.
After addingmbedtls_md_free(&ctx);at the end of both SHA256 and SHA256HMAC functions the bug appears to be solved (I stopped testing after 133.000 successful messages :grin: ).Another point I noticed in my debugging quest is that I also think I spotted a small "typo" in MySigning.cpp in the signerInternalProcessNonceRequest function.
In the debug message it reports the SGN:NCE:XMT,TO=xxx, where for xxx now themsg.getSender()is being used, but I suppose that should bemsg.getDestination(), i.e. the location (= target Node) TO which the nonce is send.I initially wanted to try and make (my first) pull request with this fix, but got stranded at the CLA agreement for now (I don't know if my employer will agree to all the terms in the agreement on the patent licensing stuff and legal stuff is not my strong suit).
Hope this solution will in the meantime help other MySensors users using an ESP32 and also have signing enabled.
-
MySensors Version: 2.3.2 (and prior versions)
Hardware: ESP32Summary of Issue: ESP32 in combination with signing enabled will result in signing failure after fixed number of messages (signing events).
Detailed description:
I was performing some benchmark tests with different boards in combination with MY_SECURITY_SIMPLE_PASSWD enabled to analyse the impact on message delays (responsiveness). During these tests with an ESP32 (esp32doit-devkit-v1)
I experienced that the first set of messages were going all OK, but after a while I stopped receiving messages at the controller.Diving deeper into the problem I found:
- The ESP32 was at fault - resetting the device was sufficient to get things running again (for a while)
- The problem occurs for both ESP32 configured as Gateway or Node
- It fails repeatably after the same number of messages after a restart of the ESP32 (and the number of successful messages is sketch dependent - e.g. after 520 messages for my GW sketch and 725 messages for my test node).
Solution:
quite some steps of debugging later I found that the signing was failing and the root cause appeared to be a memory leak at:MyCryptoESP32.cpp in the SHA256 and the SHA256HMAC functions, which perform a
mbedtls_md_init(&ctx);, but no call tombedtls_md_free(&ctx);is present to clear the internal structure created at the end of the function.
After addingmbedtls_md_free(&ctx);at the end of both SHA256 and SHA256HMAC functions the bug appears to be solved (I stopped testing after 133.000 successful messages :grin: ).Another point I noticed in my debugging quest is that I also think I spotted a small "typo" in MySigning.cpp in the signerInternalProcessNonceRequest function.
In the debug message it reports the SGN:NCE:XMT,TO=xxx, where for xxx now themsg.getSender()is being used, but I suppose that should bemsg.getDestination(), i.e. the location (= target Node) TO which the nonce is send.I initially wanted to try and make (my first) pull request with this fix, but got stranded at the CLA agreement for now (I don't know if my employer will agree to all the terms in the agreement on the patent licensing stuff and legal stuff is not my strong suit).
Hope this solution will in the meantime help other MySensors users using an ESP32 and also have signing enabled.
@Technovation good find. I am not familiar with the esp32 implementation of signing though. Not sure who has implemented it as using a TLS API is not anything I have been involved with. But as it is in git, hit blame will probably lead you to which developer to approach :)
-
MySensors Version: 2.3.2 (and prior versions)
Hardware: ESP32Summary of Issue: ESP32 in combination with signing enabled will result in signing failure after fixed number of messages (signing events).
Detailed description:
I was performing some benchmark tests with different boards in combination with MY_SECURITY_SIMPLE_PASSWD enabled to analyse the impact on message delays (responsiveness). During these tests with an ESP32 (esp32doit-devkit-v1)
I experienced that the first set of messages were going all OK, but after a while I stopped receiving messages at the controller.Diving deeper into the problem I found:
- The ESP32 was at fault - resetting the device was sufficient to get things running again (for a while)
- The problem occurs for both ESP32 configured as Gateway or Node
- It fails repeatably after the same number of messages after a restart of the ESP32 (and the number of successful messages is sketch dependent - e.g. after 520 messages for my GW sketch and 725 messages for my test node).
Solution:
quite some steps of debugging later I found that the signing was failing and the root cause appeared to be a memory leak at:MyCryptoESP32.cpp in the SHA256 and the SHA256HMAC functions, which perform a
mbedtls_md_init(&ctx);, but no call tombedtls_md_free(&ctx);is present to clear the internal structure created at the end of the function.
After addingmbedtls_md_free(&ctx);at the end of both SHA256 and SHA256HMAC functions the bug appears to be solved (I stopped testing after 133.000 successful messages :grin: ).Another point I noticed in my debugging quest is that I also think I spotted a small "typo" in MySigning.cpp in the signerInternalProcessNonceRequest function.
In the debug message it reports the SGN:NCE:XMT,TO=xxx, where for xxx now themsg.getSender()is being used, but I suppose that should bemsg.getDestination(), i.e. the location (= target Node) TO which the nonce is send.I initially wanted to try and make (my first) pull request with this fix, but got stranded at the CLA agreement for now (I don't know if my employer will agree to all the terms in the agreement on the patent licensing stuff and legal stuff is not my strong suit).
Hope this solution will in the meantime help other MySensors users using an ESP32 and also have signing enabled.
@Technovation It take the blame :)
Thanks for reporting, PR submitted.(The debug message is correct; msg contains the incoming nonce request => the sender is the recipient of the nonce response)
-
@Technovation It take the blame :)
Thanks for reporting, PR submitted.(The debug message is correct; msg contains the incoming nonce request => the sender is the recipient of the nonce response)
@tekka thanks for submitting the PR.
No blaming needed :slightly_smiling_face: , just happy that there are people like you that contribute to this nice project. -
do you think this is similar issue: https://forum.mysensors.org/topic/11861/gateway-fails-with-tsf-msg-sign-verify-fail-after-period-of-time ?
-
actually it is :) thanks a lot :)
