"Bad file number" error when server closes the connection

[lucasssvaz]

Board

Any with Wi-Fi

Device Description

Tested using ESP32 And ESP32-S3 devkits.

Hardware Configuration

Button with PD on GPIO 35 or change GPIO in the example to the BOOT button.

Version

latest master (checkout manually)

IDE Name

Arduino IDE

Operating System

Linux

Flash frequency

40MHz

PSRAM enabled

no

Upload speed

115200

Description

When the server closes the connection and mbedtls notifies it using MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY, many setSocketOption(): fail on 0, errno: 9, "Bad file number" errors happen. It appears to be caused when checking connection with WiFiClientSecure::connected() (needs confirmation, haven't checked too deeply). It doesn't affect the functionality of the code but expected behavior is for the function to return false and not throw errors.

Sketch

Example from #9103

Debug Message

[  1227][V][esp32-hal-uart.c:396] uartBegin(): UART0 baud(115200) Mode(800001c) rxPin(3) txPin(1)
[  1236][V][esp32-hal-uart.c:482] uartBegin(): UART0 not installed. Starting installation
[  1246][V][esp32-hal-uart.c:527] uartBegin(): UART0 initialization done.
[  1362][V][esp32-hal-periman.c:229] perimanSetBusDeinit(): Deinit function for type GPIO (1) successfully set to 0x4016b9d8
[  1374][V][esp32-hal-periman.c:154] perimanSetPinBus(): Pin 0 successfully set to type GPIO (1) with bus 0x1
TOFU pegged to fingerprint: SHA256=d8:d4:da:06:9f:44:48:53:f1:32:0c:8d:80:d0:94:9f:f6:38:f1:28:a4:63:a4:0e:df:ec:4b:3d:10:2b:9f:75
Note: You can check this fingerprint by going to the URL
<https://www.howsmyssl.com> and then click on the lock icon.

Attempting to connect to SSID: Vaz_2.4GHz
[  1421][D][WiFiGeneric.cpp:1055] _eventCallback(): Arduino Event: 0 - WIFI_READY
[  1492][V][WiFiGeneric.cpp:345] _arduino_event_cb(): STA Started
[  1494][V][WiFiGeneric.cpp:98] set_esp_interface_ip(): Configuring Station static IP: 0.0.0.0, MASK: 0.0.0.0, GW: 0.0.0.0
[  1511][D][WiFiGeneric.cpp:1055] _eventCallback(): Arduino Event: 2 - STA_START
.[  1689][V][WiFiGeneric.cpp:360] _arduino_event_cb(): STA Connected: SSID: Vaz_2.4GHz, BSSID: 84:0b:bb:29:c2:20, Channel: 1, Auth: WPA2_PSK
[  1702][D][WiFiGeneric.cpp:1055] _eventCallback(): Arduino Event: 4 - STA_CONNECTED
[  1750][V][WiFiGeneric.cpp:374] _arduino_event_cb(): STA Got New IP:192.168.15.39
[  1757][D][WiFiGeneric.cpp:1055] _eventCallback(): Arduino Event: 7 - STA_GOT_IP
[  1765][D][WiFiGeneric.cpp:1119] _eventCallback(): STA IP: 192.168.15.39, MASK: 255.255.255.0, GW: 192.168.15.1
Connected to Vaz_2.4GHz
Trying to connect to a server; using TOFU details from the eeprom
[  2561][V][ssl_client.cpp:61] start_ssl_client(): Free internal heap before TLS 252864
[  2569][V][ssl_client.cpp:67] start_ssl_client(): Starting socket
[  3925][V][ssl_client.cpp:145] start_ssl_client(): Seeding the random number generator
[  3934][V][ssl_client.cpp:154] start_ssl_client(): Setting up the SSL/TLS structure...
[  3942][D][ssl_client.cpp:175] start_ssl_client(): WARNING: Skipping SSL Verification. INSECURE!
[  3951][V][ssl_client.cpp:256] start_ssl_client(): Setting hostname for TLS session...
[  3959][V][ssl_client.cpp:271] start_ssl_client(): Performing the SSL/TLS handshake...
[  4744][V][ssl_client.cpp:292] start_ssl_client(): Verifying peer X.509 certificate...
[  4752][V][ssl_client.cpp:300] start_ssl_client(): Certificate verified.
[  4758][V][ssl_client.cpp:315] start_ssl_client(): Free internal heap after TLS 209024
All well - you are talking to the same server as
when you set up TOFU. So we can now do a GET.


[  4766][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 21 bytes...
[  4784][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 2 bytes...
[  4792][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 6 bytes...
[  4800][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 17 bytes...
[  4809][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 2 bytes...
[  4817][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 17 bytes...
[  4826][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 2 bytes...
[  4834][V][ssl_client.cpp:371] send_ssl_data(): Writing HTTP request with 2 bytes...
HTTP/1.0 200 OK
Access-Control-Allow-Origin: *
Content-Length: 3501
Content-Type: application/json
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload
Vary: Accept-Encoding
Date: Thu, 18 Jan 2024 15:17:16 GMT

-- headers received. Payload follows


[  5105][V][ssl_client.cpp:323] stop_ssl_socket(): Cleaning SSL connection.
[  5240][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"
[  5248][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"
[  5256][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"
[  5264][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"
...
[  6094][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"
[  6102][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"
{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8","TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA","TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384","TLS_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA","TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256","TLS_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_ARIA_128_CBC_SHA256","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}[  6407][E][WiFiClient.cpp:329] setSocketOption(): fail on 0, errno: 9, "Bad file number"


-- Payload ended.
[  6422][V][ssl_client.cpp:323] stop_ssl_socket(): Cleaning SSL connection.
ALL OK

[robertlipe]

There's no actual code here, but that seems like kind of expected behavior. If the other end has closed a connection, any further operation on that socket has to fail, either loudly or quietly.

We figure the error is being gnerated by

arduino-esp32/libraries/WiFi/src/WiFiClient.cpp

Line 329 in ccacb7e

log_e("fail on %d, errno: %d, \"%s\"", fd(), errno, strerror(errno));

but you didn't show whatever is calling that code. It should see setSocketOption failing, act on the failure (probably by cleaning up whatever resources were allocated, including a call to close(), and going back to an unconnected state) and carryng on or restarting or exiting or whatever it should do upon connection loss. It certainly can't continue as there's no one left to it to talk to.

You say it's not returning errors, but for that text to be shown, that method is certainly returning an error to the caller:

int WiFiClient::setSocketOption(int level, int option, const void* value, size_t len)
{
int res = setsockopt(fd(), level, option, value, len);
if(res < 0) {
log_e("fail on %d, errno: %d, "%s"", fd(), errno, strerror(errno));
}
return res;
}

It's returning an errno, not true or false as you seem to expect. This is consistent for sockopt for decades
https://pubs.opengroup.org/onlinepubs/000095399/functions/setsockopt.html