EHS6 transparent sockets with TLS | Telit Cinterion IoT Developer Community
February 20, 2018 - 4:44pm, 2310 views
Hi,
We have an embedded device where we're using an EHS6 modem (REVISION 03.001 / A-REVISION 00.000.31) to upload relatively large files (~20 mb). Using FTP works but is very slow due to the limitations of the SISW calls, so I'm trying to use transparent sockets with a custom protocol instead. This seems to work well for transparent sockets without TLS, but I'm having a lot of trouble with TLS enabled (using a socktcps:// URL).
The problem is that the modem doesn't seem to send any data until it receives data back from the server. You can write data to the serial interface but nothing appears at the server end until the server sends at least one byte back. Then the modem will send whatever it has in its internal buffer but won't send any new data until the server sends something back again.
For testing I've got it connecting to an openssl s_server, and sending a simple message in a loop. I can see it connecting, but it doesn't send the message until I press enter or type something with ^D in the s_server window. Then it sends however many messages it's buffered since I last did anything. Using netcat as a server and connecting with a socktcp:// URL works just like I'd expect - messages arrive without the server sending any data back.
Is this expected behaviour? Is there a configuration setting I'm missing? I'm using ;timer=20 as part of the URL but I'm waiting minutes for the data to arrive at the server.
Hello,
As I understand it is not working correctly with one server while it is working fine with the other. So maybe it has something to do with Nagle's algorithm which you configure with timer parameter. Have you tried other servers with TLS and it always fails? If you owe the test server it would be a good idea to grab a pcap trace but maybe it would be hard to decode the packets because of TLS.
There are updates for your firmware - you could also test.
Regards,
Bartłomiej
Hi, thank you for your reply.
All the testing has been done on the same server, I'm just swapping between using openssl s_server and netcat for with TLS and without. I've also tried connecting to a public HTTPS server and sending a minimal GET request with the same result (the modem reports via AT^SISI that the bytes of the request have been sent and acknowledged, but the server doesn't respond).
I've got some pcap traces as you suggested - what's the best way to send them to you? They seem to show exactly what I'm seeing - no data arrives at the server until the server sends some, then the queued data arrives very shortly afterwards. Without TLS, it all arrives as soon as it's written to the modem.
How can I go about trying the firmware updates?
Thanks,
Jonathan
Hello,
I have sent you newer firmware by email. Please check if there is any difference.
So in your test the data are sent according to SISI command while nothing is sent according to pcap trace on the server side..
It is a little bit strange what you write about GET and public HTTPS servers - it would mean that it should not be possible to read any website. I've been doing HTTPS GET connections many ***** and it was always possible to get reply form server, as I remember. Correction - I've been using non-transparent mode for this.
Anyway please try the new firmware to test if there is a different behavior in your scenario.
Best regards,
Bartłomiej
With some modifications to our devices and some help from our distributor we've now been able to upgrade the EHS6 firmware to A-REVISION 00.000.55 on a few of our devices, and it fixes the problem. Everything now works as expected with socket connections over SSL.
Thanks,
Jonathan
Thanks for the update.
Regards,
Bartłomiej