使用W800连接https的服务器时,如果遇到连接失败的问题,可以按如下方式排查。
在demo/wm_demo.h里打开DEMO_CONSOLE、DEMO_CONNECT_NET和DEMO_HTTP宏定义,http demo也支持https的url。编译后下载运行固件。
发送t-connect("ssid","password")命令连接网络。
发送t-httpget("https://www.baidu.com/")连接https服务器,为了便于说明问题,此处假设连接失败。
当返回连接失败时,尝试如下调试方法。
1.打开mbedtls的调试信息,在src/app/mbedtls/include/mbedtls/config.h文件中的第1883行,打开MBEDTLS_DEBUG_C的宏定义,编译后下载执行,此时可以看到整个连接过程的mbedtls相关的log信息,看是否是在ssl握手阶段失败。
如果是在ssl握手阶段失败,通常是由于client端提供的加密套件与server端不匹配造成的,通过如下log可以看出W800默认只提供了7种加密套件,如果遇到服务器都不支持这7种就会返回握手失败。
[CMD]t-httpget
Location: https://www.baidu.com/
HTTP Client v1.0
. Seeding the random number generator... ok
. Connecting to tcp... ok
. Setting up the SSL/TLS structure... ok
. Performing the SSL/TLS handshake...../../../../../../../src/app/mbedtls/library/ssl_tls.c:6850: => handshake
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 0
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 1
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0777: => write client hello
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0815: client hello, max version: [3:3]
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0706: client hello, current time: 3436
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: dumping 'client hello, random bytes' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0000: 00 00 0d 6c 29 d8 4c 7b 7b 46 1d 34 1b 88 2b 87 ...l).L{{F.4..+.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0010: 97 dc c5 9b a2 4a 45 f1 97 91 12 fb 5b 82 3c f7 .....JE.....[.<.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0877: client hello, session id len.: 0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0878: dumping 'client hello, session id' (0 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0035
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 000a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0937: client hello, got 7 ciphersuites (excluding SCSVs)
2.还是在config.h文件里,打开更多种类的加密套件。如下打开后编译再次运行,可以看到加密套件变成了151个。
line 495 MBEDTLS_CIPHER_NULL_CIPHER
line 529 MBEDTLS_ENABLE_WEAK_CIPHERSUITES
line 630 MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
line 661 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
line 681 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
line 706 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
line 767 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
line 792 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
line 816 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
line 840 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
line 864 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
line 883 MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
line 1818 MBEDTLS_CCM_C
line 1933 MBEDTLS_DHM_C
line 1964 MBEDTLS_ECDSA_C
line 1983 MBEDTLS_ECJPAKE_C
line 1804 MBEDTLS_CAMELLIA_C
[CMD]t-httpget
Location: https://www.baidu.com/
HTTP Client v1.0
. Seeding the random number generator... ok
. Connecting to tcp... ok
. Setting up the SSL/TLS structure... ok
. Performing the SSL/TLS handshake...../../../../../../../src/app/mbedtls/library/ssl_tls.c:6850: => handshake
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 0
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 1
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0777: => write client hello
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0815: client hello, max version: [3:3]
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0706: client hello, current time: 4995
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: dumping 'client hello, random bytes' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0000: 00 00 13 83 8f 7b 1d ed 70 1c e4 7c 68 c6 fc 73 .....{..p..|h..s
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0010: 7f 0d 10 7e 85 3f f0 c7 c7 fe 94 d5 40 fd 89 47 ...~.?......@..G
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0877: client hello, session id len.: 0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0878: dumping 'client hello, session id' (0 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c030
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ad
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c024
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c028
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 006b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c014
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0039
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0af
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a3
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c087
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c073
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c077
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00c4
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0088
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ac
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c023
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c027
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0067
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c009
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c013
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0033
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ae
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a2
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c086
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c072
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c076
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00be
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0045
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ab
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a7
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c038
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b3
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c036
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0091
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c091
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c097
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ab
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00aa
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a6
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c037
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b2
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c035
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0090
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c090
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c096
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0aa
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0035
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c032
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c026
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c005
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a1
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00c0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0084
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c079
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c089
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c075
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c031
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c029
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c025
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c004
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ba
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0041
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c078
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c088
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c074
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ad
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b7
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0095
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c093
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c099
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ac
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b6
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0094
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c092
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c098
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00a9
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a5
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00af
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c095
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a9
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00a8
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a4
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ae
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c094
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a8
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c008
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c012
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0016
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c034
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 000a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c003
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0093
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0015
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0009
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c006
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c010
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c03b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c03a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c039
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b5
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b4
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0002
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0001
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c001
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b9
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b8
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b1
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0937: client hello, got 151 ciphersuites (excluding SCSVs)
3.如果握手成功后可以看到server端最后选择了TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256。
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1493: => parse server hello
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3904: => read record
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2358: => fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2516: in_left: 0, nb_want: 5
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2540: in_left: 0, nb_want: 5
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2541: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2561: <= fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3663: input record: msgtype = 22, version = [3:3], msglen = 87
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2358: => fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2516: in_left: 5, nb_want: 92
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2540: in_left: 5, nb_want: 92
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2541: ssl->f_recv(_timeout)() returned 87 (-0xffffffa9)
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2561: <= fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3265: handshake message: msglen = 87, type = 2, hslen = 87
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3937: <= read record
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1573: dumping 'server hello, version' (2 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1573: 0000: 03 03 ..
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1598: server hello, current time: 1727255022
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1604: dumping 'server hello, random bytes' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1604: 0000: 66 f3 d1 ee b1 01 cb 7e a1 69 ad 22 b2 de f7 62 f......~.i."...b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1604: 0010: 28 c8 dc 38 13 f4 7b 1a 0c 1b f5 92 4a 7a ba 07 (..8..{.....Jz..
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1684: server hello, session id len.: 32
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1685: dumping 'server hello, session id' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1685: 0000: 6c bb 70 2a 16 b8 dd a1 06 e0 e2 a3 40 a1 3e b8 l.p*........@.>.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1685: 0010: f7 c3 d5 c1 65 64 7c 0a 82 09 6f 47 e9 2b 3e e0 ....ed|...oG.+>.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1723: no session has been resumed
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1725: server hello, chosen ciphersuite: c02f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1726: server hello, compress alg.: 0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1758: server hello, chosen ciphersuite: TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1775: server hello, total extension length: 11
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1795: found renegotiation extension
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1874: found supported_point_formats extension
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1964: <= parse server hello
4.在src/app/mbedtls/library/ssl_ciphersuites.c里面的ciphersuite_definitions里找到该套件的相关宏定义,然后在config.h里把上一步打开的多余的宏定义再关闭即可。因为打开的加密套件越多,编译的固件越大。这里需要保留的宏定义为MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED。
#if defined(MBEDTLS_GCM_C)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_GCM_C */
5.如果上述尝试后还是连接失败可以在问答社区发帖求助,具体问题具体分析。
define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
打开这个宏定义涂鸦MQTT平台终于连上了
ssl_tls.c:3922: mbedtls_ssl_read_record_layer() returned -30592 (-0x7780)