W800 HTTPS 连接失败的调试方法

发布于 2024-09-25 17: 40: 17

使用 W800 连接 https 的服务器时, 如果遇到连接失败的问题, 可以按如下方式排查.
在 demo/wm_demo. h 里打开 DEMO_CONSOLE, DEMO_CONNECT_NET 和 DEMO_HTTP 宏定义, http demo 也支持 https 的 url. 编译后下载运行固件.
发送 t-connect ("ssid", "password") 命令连接网络.
发送 t-httpget ("https: //www. baidu. com/") 连接 https 服务器, 为了便于说明问题, 此处假设连接失败.
当返回连接失败时, 尝试如下调试方法.
1. 打开 mbedtls 的调试信息, 在 src/app/mbedtls/include/mbedtls/config. h 文件中的第 1883 行, 打开 MBEDTLS_DEBUG_C 的宏定义, 编译后下载执行, 此时可以看到整个连接过程的 mbedtls 相关的 log 信息, 看是否是在 ssl 握手阶段失败.
如果是在 ssl 握手阶段失败, 通常是由于 client 端提供的加密套件与 server 端不匹配造成的, 通过如下 log 可以看出 W800 默认只提供了 7 种加密套件, 如果遇到服务器都不支持这 7 种就会返回握手失败.

[CMD]t-httpget
Location:  https: //www. baidu. com/
HTTP Client v1. 0

  .  Seeding the random number generator. . .  ok
  .  Connecting to tcp. . .  ok
  .  Setting up the SSL/TLS structure. . .  ok
  .  Performing the SSL/TLS handshake. . . . . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 6850:  =  handshake
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400:  client state:  0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574:  =  flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586:   = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400:  client state:  1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574:  =  flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586:   = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0777:  =  write client hello
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0815:  client hello,  max version:  [3: 3]
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0706:  client hello,  current time:  3436
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824:  dumping 'client hello,  random bytes'  (32 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824:  0000:   00 00 0d 6c 29 d8 4c 7b 7b 46 1d 34 1b 88 2b 87  . . . l) . L{{F. 4. . +. 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824:  0010:   97 dc c5 9b a2 4a 45 f1 97 91 12 fb 5b 82 3c f7  . . . . . JE. . . . . [.  . 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0877:  client hello,  session id len. :  0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0878:  dumping 'client hello,  session id'  (0 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  009d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  003d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0035
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  009c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  003c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  002f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  000a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0937:  client hello,  got 7 ciphersuites  (excluding SCSVs) 

2. 还是在 config. h 文件里, 打开更多种类的加密套件. 如下打开后编译再次运行, 可以看到加密套件变成了 151 个.
line 495 MBEDTLS_CIPHER_NULL_CIPHER
line 529 MBEDTLS_ENABLE_WEAK_CIPHERSUITES
line 630 MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
line 661 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
line 681 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
line 706 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
line 767 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
line 792 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
line 816 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
line 840 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
line 864 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
line 883 MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
line 1818 MBEDTLS_CCM_C
line 1933 MBEDTLS_DHM_C
line 1964 MBEDTLS_ECDSA_C
line 1983 MBEDTLS_ECJPAKE_C
line 1804 MBEDTLS_CAMELLIA_C

[CMD]t-httpget
Location:  https: //www. baidu. com/
HTTP Client v1. 0

  .  Seeding the random number generator. . .  ok
  .  Connecting to tcp. . .  ok
  .  Setting up the SSL/TLS structure. . .  ok
  .  Performing the SSL/TLS handshake. . . . . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 6850:  =  handshake
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400:  client state:  0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574:  =  flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586:   = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400:  client state:  1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574:  =  flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586:   = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0777:  =  write client hello
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0815:  client hello,  max version:  [3: 3]
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0706:  client hello,  current time:  4995
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824:  dumping 'client hello,  random bytes'  (32 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824:  0000:   00 00 13 83 8f 7b 1d ed 70 1c e4 7c 68 c6 fc 73  . . . . . {. . p. . |h. . s
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824:  0010:   7f 0d 10 7e 85 3f f0 c7 c7 fe 94 d5 40 fd 89 47  . . . ~. ? . . . . . . @. . G
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0877:  client hello,  session id len. :  0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0878:  dumping 'client hello,  session id'  (0 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c02c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c030
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  009f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0ad
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c09f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c024
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c028
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  006b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c00a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c014
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0039
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0af
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a3
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c087
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c08b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c07d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c073
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c077
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00c4
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0088
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c02b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c02f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  009e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0ac
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c09e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c023
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c027
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0067
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c009
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c013
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0033
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0ae
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a2
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c086
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c08a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c07c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c072
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c076
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00be
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0045
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00ab
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a7
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c038
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b3
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c036
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0091
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c091
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c09b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c097
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0ab
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00aa
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a6
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c037
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b2
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c035
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0090
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c090
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c096
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c09a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0aa
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  009d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c09d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  003d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0035
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c032
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c02a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c00f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c02e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c026
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c005
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c07b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00c0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0084
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c08d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c079
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c089
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c075
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  009c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c09c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  003c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  002f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c031
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c029
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c00e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c02d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c025
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c004
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c07a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00ba
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0041
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c08c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c078
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c088
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c074
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00ad
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b7
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0095
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c093
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c099
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00ac
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b6
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0094
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c092
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c098
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00a9
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00af
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  008d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c08f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c095
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a9
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00a8
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a4
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00ae
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  008c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c08e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c094
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c0a8
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c008
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c012
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0016
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c034
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  008f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  000a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c00d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c003
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0093
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  008b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0015
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0009
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c006
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c010
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c03b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c03a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c039
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b4
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  002d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  003b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0002
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  0001
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c00b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  c001
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b9
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b8
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  002e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  00b0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925:  client hello,  add ciphersuite:  002c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0937:  client hello,  got 151 ciphersuites  (excluding SCSVs) 

3. 如果握手成功后可以看到 server 端最后选择了 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256.

. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1493:  =  parse server hello
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3904:  =  read record
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2358:  =  fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2516:  in_left:  0,  nb_want:  5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2540:  in_left:  0,  nb_want:  5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2541:  ssl- f_recv (_timeout)  ()  returned 5  (-0xfffffffb) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2561:   = fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3663:  input record:  msgtype = 22,  version = [3: 3],  msglen = 87
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2358:  =  fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2516:  in_left:  5,  nb_want:  92
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2540:  in_left:  5,  nb_want:  92
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2541:  ssl- f_recv (_timeout)  ()  returned 87  (-0xffffffa9) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2561:   = fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3265:  handshake message:  msglen = 87,  type = 2,  hslen = 87
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3937:   = read record
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1573:  dumping 'server hello,  version'  (2 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1573:  0000:   03 03                                            . . 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1598:  server hello,  current time:  1727255022
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1604:  dumping 'server hello,  random bytes'  (32 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1604:  0000:   66 f3 d1 ee b1 01 cb 7e a1 69 ad 22 b2 de f7 62  f. . . . . . ~. i. ". . . b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1604:  0010:   28 c8 dc 38 13 f4 7b 1a 0c 1b f5 92 4a 7a ba 07   (. . 8. . {. . . . . Jz. . 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1684:  server hello,  session id len. :  32
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1685:  dumping 'server hello,  session id'  (32 bytes) 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1685:  0000:   6c bb 70 2a 16 b8 dd a1 06 e0 e2 a3 40 a1 3e b8  l. p*. . . . . . . . @.  . 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1685:  0010:   f7 c3 d5 c1 65 64 7c 0a 82 09 6f 47 e9 2b 3e e0  . . . . ed|. . . oG. + . 
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1723:  no session has been resumed
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1725:  server hello,  chosen ciphersuite:  c02f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1726:  server hello,  compress alg. :  0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1758:  server hello,  chosen ciphersuite:  TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1775:  server hello,  total extension length:  11
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1795:  found renegotiation extension
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1874:  found supported_point_formats extension
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1964:   = parse server hello

4. 在 src/app/mbedtls/library/ssl_ciphersuites. c 里面的 ciphersuite_definitions 里找到该套件的相关宏定义, 然后在 config. h 里把上一步打开的多余的宏定义再关闭即可. 因为打开的加密套件越多, 编译的固件越大. 这里需要保留的宏定义为 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED.

#if defined (MBEDTLS_GCM_C) 
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,  "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", 
      MBEDTLS_CIPHER_AES_128_GCM,  MBEDTLS_MD_SHA256,  MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 
      MBEDTLS_SSL_MAJOR_VERSION_3,  MBEDTLS_SSL_MINOR_VERSION_3, 
      MBEDTLS_SSL_MAJOR_VERSION_3,  MBEDTLS_SSL_MINOR_VERSION_3, 
      0 }, 
#endif /* MBEDTLS_GCM_C */

5. 如果上述尝试后还是连接失败可以在问答社区发帖求助, 具体问题具体分析.

1 条评论

发布
问题