shamblett / coap

A Coap package for dart

openssl (dtls) messages are not processed #147

Closed vincent-iQontrol closed 2 months ago

vincent-iQontrol commented 1 year ago

When we try to read a value like: await client.put('Json', payload: payload); messages are coming in network/coap_network_openssl.dart in the _dtlsConnection?.received.listen part, but only if I add a delay before the listener like this:

    await Future.delayed(Duration(milliseconds: 2000));
    _dtlsConnection?.received.listen(
      (final frame) {
        final message = CoapMessage.fromUdpPayload(Uint8Buffer()..addAll(frame));
        eventBus.fire(CoapMessageReceivedEvent(message, address));

The problem is that it looks like the messages are not pushed to the eventBus because there is nothing coming in on the net/endpoint.dart void _receiveMessage(final CoapMessageReceivedEvent event) {

Resulting in a CoAP encountered an exception: CoapRequestTimeoutException: Request timed out after 2 retransmits. message

vincent-iQontrol commented 1 year ago

@JKRhb I found the routing issue with the eventbus, namespace wasn't passed into coap_inetwork.dart:

    case DtlsBackend.OpenSsl:
      return CoapNetworkUDPOpenSSL(
        address,
        port ?? config.defaultSecurePort,
        bindAddress ?? defaultBindAddress,
        verify: config.dtlsVerify,
        withTrustedRoots: config.dtlsWithTrustedRoots,
        ciphers: config.dtlsCiphers,
        namespace: namespace,
        rootCertificates: config.rootCertificates,
      );
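
The routing failure described in the comment above, reduced to a stand-alone sketch. This is an added example, not code from the coap package or from the thread: NamespacedBus, Transport, ReceivedEvent and endpointReceives are hypothetical stand-ins, and the only behaviour assumed is that events fired under one namespace are not visible to listeners of another.

```dart
import 'dart:async';

// Hypothetical stand-ins for illustration, not the coap package's classes.
class ReceivedEvent {
  ReceivedEvent(this.payload);
  final String payload;
}

/// One broadcast stream per namespace; events never cross namespaces.
class NamespacedBus {
  NamespacedBus({this.namespace = ''});
  final String namespace;

  static final Map<String, StreamController<ReceivedEvent>> _controllers = {};

  StreamController<ReceivedEvent> get _controller => _controllers.putIfAbsent(
      namespace, () => StreamController<ReceivedEvent>.broadcast());

  void fire(ReceivedEvent event) => _controller.add(event);
  Stream<ReceivedEvent> get events => _controller.stream;
}

/// Transport that publishes every decoded frame on its own bus.
class Transport {
  Transport({String namespace = ''})
      : bus = NamespacedBus(namespace: namespace);
  final NamespacedBus bus;
  void onFrame(String frame) => bus.fire(ReceivedEvent(frame));
}

/// True when an endpoint listening on [endpointNamespace] sees a frame
/// delivered by [transport] before the (constructed) 200 ms timeout.
Future<bool> endpointReceives(Transport transport, String endpointNamespace) {
  final endpointBus = NamespacedBus(namespace: endpointNamespace);
  final seen = endpointBus.events.first
      .then((_) => true)
      .timeout(const Duration(milliseconds: 200), onTimeout: () => false);
  transport.onFrame('constructed sample frame');
  return seen;
}

Future<void> main() async {
  const ns = 'client-1'; // constructed namespace value
  // Factory drops the namespace: the transport fires on the default bus.
  print('namespace omitted:   ${await endpointReceives(Transport(), ns)}');
  // Factory forwards it, as in the `namespace: namespace` argument above.
  print('namespace forwarded: '
      '${await endpointReceives(Transport(namespace: ns), ns)}');
}
```

In the omitted case the frame is decoded and fired without error, so the only visible symptom is the endpoint's timeout.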

JKRhb commented 1 year ago

Oh, very good catch! Do you want to create a PR for fixing the issue? :) Or should I update #146?

vincent-iQontrol commented 1 year ago

I did a PR

JKRhb commented 1 year ago

@vincent-iQontrol Thank you once again for resolving the issue :) Did you also require changes to the dtls package by the way? Or does it work with the version currently available from pub.dev?

JKRhb commented 1 year ago

@vincent-iQontrol FYI: In OpenSSL 3.2, a new BIO method will be introduced, which should resolve the issues with the fragmented handshake messages (which will make it unnecessary to limit the number of ciphers). That should probably make things a lot easier :)

vincent-iQontrol commented 1 year ago

> @vincent-iQontrol Thank you once again for resolving the issue :) Did you also require changes to the dtls package by the way? Or does it work with the version currently available from pub.dev?

No changes necessary in dtls package at the moment

vincent-iQontrol commented 1 year ago

@JKRhb do you know where I can find pre-compiled openssl files for android? I need libssl.so and libcrypto.so. Thank you in advance.

JKRhb commented 1 year ago

After doing some quick research, I haven't been able to find precompiled binaries so far :/ Did you have any luck in the meantime?

Otherwise, there is at least a Flutter plugin for libcrypto: https://pub.dev/packages/flutter_openssl_crypto For libssl, however, there does not seem to be one :/

For tinydtls, I created dart_tinydtls_libs which provides binaries for all platforms – maybe we could also do something similar for OpenSSL?

vincent-iQontrol commented 1 year ago

@JKRhb thank you for your reply. I did find some binaries but they crashed the app with the following error: null pointer dereference SSL_CTX_set_verify

A separate plugin for openssl binaries would be nice I think. This makes the dtls feature for the coap package easier to use.

JKRhb commented 1 year ago

> @JKRhb thank you for your reply. I did find some binaries but they crashed the app with the following error: null pointer dereference SSL_CTX_set_verify

Hmm, from which OpenSSL version are the binaries? Have you set dtlsVerify to true? And are you using the version from https://github.com/shamblett/coap/pull/149?

vincent-iQontrol commented 1 year ago

> > @JKRhb thank you for your reply. I did find some binaries but they crashed the app with the following error: null pointer dereference SSL_CTX_set_verify
>
> Hmm, from which OpenSSL version are the binaries? Have you set dtlsVerify to true? And are you using the version from #149?

The binaries were from here: https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt, the openssl-1.1.1k-clang version with dtlsVerify to false (which is needed)

vincent-iQontrol commented 1 year ago

I have compiled my own openssl libs for android and it's working now! Version 1.1.1

JKRhb commented 2 months ago

@shamblett I think this issue can probably also be closed by the way :) Unless you've experienced any more issues, @vincent-iQontrol?

vincent-iQontrol commented 2 months ago

Yes this can be closed!

JKRhb commented 2 months ago

> Yes this can be closed!

Great, thank you for your feedback! :)