MicroPython Forum (Archive)

Please see the new forum at
https://forum.micropython.org/

Issue connecting sockets to some websites

https://forum.micropython.org/viewtopic.php?f=16&t=10437

Page 1 of 1

Issue connecting sockets to some websites

Posted: Mon May 03, 2021 2:40 am
by jphalip
Hi,

I'm using a fresh install of esp8266-1m-20210418-v1.15.bin on a ESP-01 with 1MB flash and I'm having some issues opening sockets to some websites.

Here's the basic code:

Code: Select all

def socket_connect(hostname):
    addr = socket.getaddrinfo(hostname, 443)[0][-1]
    s = socket.socket()
    s.connect(addr)
    s = ussl.wrap_socket(s, server_hostname=hostname)
    s.close()
    return True
It works fine for some sites:

Code: Select all

>>> socket_connect('www.google.com')
True
>>> socket_connect('www.yahoo.com')
True
>>> socket_connect('micropython.org')
True
However, I get at least two kinds of errors with other sites.

Here's the first error:

Code: Select all

>>> socket_connect('www.nytimes.com')
TLS buffer overflow, record size: 5176 (+5)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<stdin>", line 26, in socket_connect
OSError: (-257, 'RECORD_OVERFLOW')
I believe this is caused by the SSL buffer being too small. In the past I was able to fix this using an AT command: "AT+CIPSSLSIZE=8192". Is it possible to do the same with MicroPython?

Here is the second error:

Code: Select all

>>> socket_connect('www.wikimedia.org')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<stdin>", line 26, in socket_connect
OSError: -40
Is that related to the previous error? Do you know how to fix it?

Thanks!

Julien

Re: Issue connecting sockets to some websites

Posted: Sat May 08, 2021 11:53 pm
by jphalip
Just a friendly bump :)

If someone has some clues on how to address this, please let me know. Thanks!

Re: Issue connecting sockets to some websites

Posted: Sun May 09, 2021 8:24 am
by pythoncoder
SSL/TLS on ESP8266 is challenging in terms of RAM, however I don't understand the subject well enough to comment on why success is site dependent.

Re: Issue connecting sockets to some websites

Posted: Sun May 09, 2021 10:25 pm
by jphalip
Thanks for your reply.

Regarding the two issues:

1) OSError: (-257, 'RECORD_OVERFLOW')

I saw in this thread on Github that this was due to a SSL buffer overflow. So as suggested in that thread I rebuilt Micropython with "-DRT_EXTRA=8192" (Note: I'm using a ESP-01 with a 1MB flash size):

Code: Select all

docker run --rm -v $HOME:$HOME -u $UID -w $PWD larsks/esp-open-sdk make -C mpy-cross
cd ports/esp8266
docker run --rm -v $HOME:$HOME -u $UID -w $PWD larsks/esp-open-sdk make BOARD=GENERIC_1M
esptool.py -p ${PORT} erase_flash
esptool.py --port ${PORT} --baud 460800 write_flash --flash_size=detect 0 build-GENERIC_1M/firmware-combined.bin
And that indeed did fix the issue:

Code: Select all

>>> socket_connect('www.nytimes.com')
True
2) OSError: -40

I'm still having this issue. Apparently I'm not the only one, as per these issues on Github:
https://github.com/micropython/micropython/issues/6468
https://github.com/micropython/micropyt ... issues/400

Any tips on how to troubleshoot this would be very welcome. Thanks!

Re: Issue connecting sockets to some websites

Posted: Mon May 10, 2021 12:05 am
by jphalip
An update from my research:

According to this Github thread, this issue might be due to the fact that the AXTLS library doesn't support ECDHE ciphers. This makes sense as the site that's failing for me indeed uses the following:

Code: Select all

nmap --script ssl-enum-ciphers -p 443 www.wikimedia.org
Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-09 17:02 PDT
Nmap scan report for www.wikimedia.org (198.35.26.96)
Host is up (0.0048s latency).
rDNS record for 198.35.26.96: text-lb.ulsfo.wikimedia.org

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|     compressors:
|       NULL
|     cipher preference: client
|_  least strength: A
Apparently there is an open pull request to allow using Mbed TLS instead of AXTLS.

If anyone has any further advice, or knows the status of that pull request, please let me know.

Re: Issue connecting sockets to some websites

Posted: Mon May 10, 2021 12:08 pm
by SpotlightKid
See also Damien's remark on this PR in the linked issue https://github.com/micropython/micropyt ... -690840497. I think it's unlikely that this gets merged in the current state, i.e. with mbedtls being the default. But that's just my conjecture.

Re: Issue connecting sockets to some websites

Posted: Sat Sep 04, 2021 11:17 am
by VicLuna
I'm having this problem too.

I scripted a code some month ago. It's been working almost for a year and now I've got this error

Code:

s= socket.socket()
url = "https://script.google.com/macros/s/AKfy ... Pu9wn/exec"

headers = {
'Content-Type': "application/json"
# 'cache-control': "no-cache",
# 'Postman-Token': "a5755aed-3496-4fa0-ac9f-58cc4a3005dc"
}

r=requests.post(url, json=Mostra, headers=headers)
print(r)

--------------------------------------------------
after execution
MicroPython v1.17 on 2021-09-02; ESP module with ESP8266

Type "help()" for more information.
>>> %Run -c $EDITOR_CONTENT
TLS buffer overflow, record size: 6447 (+5)
Traceback (most recent call last):
File "<stdin>", line 70, in <module>
File "urequests.py", line 120, in post
File "urequests.py", line 62, in request
OSError: (-257, 'RECORD_OVERFLOW')

What I check it's that post doen't reach api server.
On the other hand I checked with a postman post that server is available.

May you help me to solve?

Re: Issue connecting sockets to some websites

Posted: Sat Sep 18, 2021 8:20 am
by VicLuna
Hi

I've also tried this post:
r=requests.post(url, json=Mostra, headers=headers)

with this library
https://gist.github.com/SpotlightKid/86 ... equests-py

but I got same error.

TLS buffer overflow, record size: 6562 (+5)
Traceback (most recent call last):
File "<stdin>", line 70, in <module>
File "mrequest.py", line 31, in post
File "mrequest.py", line 291, in request
OSError: (-257, 'RECORD_OVERFLOW')

Any idea?

Re: Issue connecting sockets to some websites

Posted: Tue Apr 05, 2022 12:29 am
by vinzstone
VicLuna wrote:
Sat Sep 18, 2021 8:20 am
 Hi

I've also tried this post:
r=requests.post(url, json=Mostra, headers=headers)

with this library
https://gist.github.com/SpotlightKid/86 ... equests-py

but I got same error.

TLS buffer overflow, record size: 6562 (+5)
Traceback (most recent call last):
File "<stdin>", line 70, in <module>
File "mrequest.py", line 31, in post
File "mrequest.py", line 291, in request
OSError: (-257, 'RECORD_OVERFLOW')

Any idea?
Good day sir, have you managed to solve this problem? I'm facing the same thing too, im using NodeMCUV3 ESP8266.
I also used the prequest.py from SpotLightKid and i still got no luck.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/