W800 HTTPS連接失敗的調試方法

發布於 2024-09-25 17:40:17

使用W800連接https的服務器時,如果遇到連接失敗的問題,可以按如下方式排查。
在demo/wm_demo.h裡打開DEMO_CONSOLE、DEMO_CONNECT_NET和DEMO_HTTP宏定義,http demo也支持https的url。編譯後下載運行固件。
發送t-connect("ssid","password")命令連接網絡。
發送t-httpget("https://www.baidu.com/")連接https服務器,為了便於說明問題,此處假設連接失敗。
當返回連接失敗時,嘗試如下調試方法。
1.打開mbedtls的調試信息,在src/app/mbedtls/include/mbedtls/config.h文件中的第1883行,打開MBEDTLS_DEBUG_C的宏定義,編譯後下載執行,此時可以看到整個連接過程的mbedtls相關的log信息,看是否是在ssl握手階段失敗。
如果是在ssl握手階段失敗,通常是由於client端提供的加密套件與server端不匹配造成的,通過如下log可以看出W800默認只提供了7種加密套件,如果遇到服務器都不支持這7種就會返回握手失敗。

[CMD]t-httpget
Location: https://www.baidu.com/
HTTP Client v1.0

  . Seeding the random number generator... ok
  . Connecting to tcp... ok
  . Setting up the SSL/TLS structure... ok
  . Performing the SSL/TLS handshake...../../../../../../../src/app/mbedtls/library/ssl_tls.c:6850: => handshake
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 0
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 1
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0777: => write client hello
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0815: client hello, max version: [3:3]
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0706: client hello, current time: 3436
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: dumping 'client hello, random bytes' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0000:  00 00 0d 6c 29 d8 4c 7b 7b 46 1d 34 1b 88 2b 87  ...l).L{{F.4..+.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0010:  97 dc c5 9b a2 4a 45 f1 97 91 12 fb 5b 82 3c f7  .....JE.....[.<.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0877: client hello, session id len.: 0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0878: dumping 'client hello, session id' (0 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0035
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 000a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0937: client hello, got 7 ciphersuites (excluding SCSVs)

2.還是在config.h文件裡,打開更多種類的加密套件。如下打開後編譯再次運行,可以看到加密套件變成了151個。
line 495 MBEDTLS_CIPHER_NULL_CIPHER
line 529 MBEDTLS_ENABLE_WEAK_CIPHERSUITES
line 630 MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
line 661 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
line 681 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
line 706 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
line 767 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
line 792 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
line 816 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
line 840 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
line 864 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
line 883 MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
line 1818 MBEDTLS_CCM_C
line 1933 MBEDTLS_DHM_C
line 1964 MBEDTLS_ECDSA_C
line 1983 MBEDTLS_ECJPAKE_C
line 1804 MBEDTLS_CAMELLIA_C

[CMD]t-httpget
Location: https://www.baidu.com/
HTTP Client v1.0

  . Seeding the random number generator... ok
  . Connecting to tcp... ok
  . Setting up the SSL/TLS structure... ok
  . Performing the SSL/TLS handshake...../../../../../../../src/app/mbedtls/library/ssl_tls.c:6850: => handshake
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 0
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:3400: client state: 1
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2574: => flush output
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2586: <= flush output
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0777: => write client hello
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0815: client hello, max version: [3:3]
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0706: client hello, current time: 4995
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: dumping 'client hello, random bytes' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0000:  00 00 13 83 8f 7b 1d ed 70 1c e4 7c 68 c6 fc 73  .....{..p..|h..s
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0824: 0010:  7f 0d 10 7e 85 3f f0 c7 c7 fe 94 d5 40 fd 89 47  ...~.?......@..G
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0877: client hello, session id len.: 0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0878: dumping 'client hello, session id' (0 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c030
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ad
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c024
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c028
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 006b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c014
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0039
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0af
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a3
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c087
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c073
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c077
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00c4
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0088
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ac
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c023
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c027
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0067
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c009
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c013
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0033
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ae
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a2
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c086
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c072
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c076
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00be
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0045
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ab
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a7
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c038
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b3
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c036
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0091
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c091
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c097
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0ab
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00aa
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a6
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c037
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b2
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c035
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0090
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c090
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c096
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0aa
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0035
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c032
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c026
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c005
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a1
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00c0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0084
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c079
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c089
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c075
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 009c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c09c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c031
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c029
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c02d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c025
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c004
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c07a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ba
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0041
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c078
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c088
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c074
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ad
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b7
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0095
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c093
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c099
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ac
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b6
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0094
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c092
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c098
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00a9
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a5
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00af
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c095
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a9
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00a8
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a4
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00ae
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c08e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c094
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c0a8
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c008
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c012
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0016
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c034
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 000a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c003
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0093
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 008b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0015
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0009
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c006
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c010
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c03b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c03a
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c039
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b5
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b4
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002d
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 003b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0002
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 0001
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c00b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: c001
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b9
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b8
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002e
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b1
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 00b0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0925: client hello, add ciphersuite: 002c
../../../../../../../src/app/mbedtls/library/ssl_cli.c:0937: client hello, got 151 ciphersuites (excluding SCSVs)

3.如果握手成功後可以看到server端最後選擇了TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256。

../../../../../../../src/app/mbedtls/library/ssl_cli.c:1493: => parse server hello
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3904: => read record
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2358: => fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2516: in_left: 0, nb_want: 5
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2540: in_left: 0, nb_want: 5
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2541: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2561: <= fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3663: input record: msgtype = 22, version = [3:3], msglen = 87
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2358: => fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2516: in_left: 5, nb_want: 92
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2540: in_left: 5, nb_want: 92
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2541: ssl->f_recv(_timeout)() returned 87 (-0xffffffa9)
../../../../../../../src/app/mbedtls/library/ssl_tls.c:2561: <= fetch input
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3265: handshake message: msglen = 87, type = 2, hslen = 87
../../../../../../../src/app/mbedtls/library/ssl_tls.c:3937: <= read record
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1573: dumping 'server hello, version' (2 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1573: 0000:  03 03                                            ..
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1598: server hello, current time: 1727255022
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1604: dumping 'server hello, random bytes' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1604: 0000:  66 f3 d1 ee b1 01 cb 7e a1 69 ad 22 b2 de f7 62  f......~.i."...b
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1604: 0010:  28 c8 dc 38 13 f4 7b 1a 0c 1b f5 92 4a 7a ba 07  (..8..{.....Jz..
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1684: server hello, session id len.: 32
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1685: dumping 'server hello, session id' (32 bytes)
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1685: 0000:  6c bb 70 2a 16 b8 dd a1 06 e0 e2 a3 40 a1 3e b8  l.p*........@.>.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1685: 0010:  f7 c3 d5 c1 65 64 7c 0a 82 09 6f 47 e9 2b 3e e0  ....ed|...oG.+>.
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1723: no session has been resumed
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1725: server hello, chosen ciphersuite: c02f
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1726: server hello, compress alg.: 0
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1758: server hello, chosen ciphersuite: TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1775: server hello, total extension length: 11
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1795: found renegotiation extension
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1874: found supported_point_formats extension
../../../../../../../src/app/mbedtls/library/ssl_cli.c:1964: <= parse server hello

4.在src/app/mbedtls/library/ssl_ciphersuites.c裡面的ciphersuite_definitions裡找到該套件的相關宏定義,然後在config.h裡把上一步打開的多餘的宏定義再關閉即可。因為打開的加密套件越多,編譯的固件越大。這裡需要保留的宏定義為MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED。

#if defined(MBEDTLS_GCM_C)
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
      0 },
#endif /* MBEDTLS_GCM_C */

5.如果上述嘗試後還是連接失敗可以在問答社區發帖求助,具體問題具體分析。

1 條評論

發布
問題