我想使用Pushbullet推送服务创建一个nodeMCU IoT项目。 我正在尝试制作许多相同的项目示例。
我的项目几乎与下面的示例相同。
nodemcu-pushbullet-notification
这看起来很简单,但是我遇到了意外的困难。
HTTPS握手失败,错误40。错误40表示收到警报消息。为什么nodeMCU从Pushbullet API收到警报消息?这是mbed tls库的限制吗?还是我滥用?
我可以请任何人解释以下tls日志吗?
WiFi connection established, IP address: 192.168.43.246
HTTP client: hostname=api.pushbullet.com
HTTP client: port=443
HTTP client: method=POST
HTTP client: path=/v2/pushes
HTTP client: DNS request
HTTP client: DNS pending
HTTP client: DNS found api.pushbullet.com 172.217.31.147
client handshake start.
espconn_mbedtls.c 667, type[certificate],length[846]
TLS<2> (heap=19408): ssl_tls.c:6850 => handshake
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 0
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 1
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:777 => write client hello
TLS<3> (heap=19408): ssl_cli.c:815 client hello, max version: [3:3]
TLS<3> (heap=19408): ssl_cli.c:824 dumping 'client hello, random bytes' (32 bytes)
TLS<3> (heap=19408): ssl_cli.c:824 0000: 4d 19 c2 f3 ab 90 2f 31 19 16 4d 45 ff 45 af cb M...../1..ME.E..
TLS<3> (heap=19408): ssl_cli.c:824 0010: 38 eb cc 0d c3 2a 1d 4c 2a b5 eb df 10 6e d1 4d 8....*.L*....n.M
TLS<3> (heap=19408): ssl_cli.c:877 client hello, session id len.: 0
TLS<3> (heap=19408): ssl_cli.c:878 dumping 'client hello, session id' (0 bytes)
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02c
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c030
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 009f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ad
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c09f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c024
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c028
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 006b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c00a
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c014
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0039
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0af
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0a3
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c087
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c08b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c07d
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c073
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c077
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 00c4
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0088
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 009e
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ac
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c09e
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c023
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c027
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0067
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c009
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c013
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0033
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ae
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0a2
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c086
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c08a
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c07c
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c072
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c076
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 00be
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0045
TLS<3> (heap=19408): ssl_cli.c:937 client hello, got 40 ciphersuites (excluding SCSVs)
TLS<3> (heap=19408): ssl_cli.c:946 adding EMPTY_RENEGOTIATION_INFO_SCSV
TLS<3> (heap=19408): ssl_cli.c:995 client hello, compress len.: 1
TLS<3> (heap=19408): ssl_cli.c:997 client hello, compress alg.: 0
TLS<3> (heap=19408): ssl_cli.c:189 client hello, adding signature_algorithms extension
TLS<3> (heap=19408): ssl_cli.c:274 client hello, adding supported_elliptic_curves extension
TLS<3> (heap=19408): ssl_cli.c:339 client hello, adding supported_point_formats extension
TLS<3> (heap=19408): ssl_cli.c:453 client hello, adding max_fragment_length extension
TLS<3> (heap=19408): ssl_cli.c:521 client hello, adding encrypt_then_mac extension
TLS<3> (heap=19408): ssl_cli.c:555 client hello, adding extended_master_secret extension
TLS<3> (heap=19408): ssl_cli.c:588 client hello, adding session ticket extension
TLS<3> (heap=19408): ssl_cli.c:1074 client hello, total extension length: 65
TLS<2> (heap=19408): ssl_tls.c:2867 => write record
TLS<3> (heap=19408): ssl_tls.c:3013 output record: msgtype = 22, version = [3:2], msglen = 192
TLS<4> (heap=19408): ssl_tls.c:3016 dumping 'output record sent to network' (197 bytes)
TLS<4> (heap=19408): ssl_tls.c:3016 0000: 16 03 02 00 c0 01 00 00 bc 03 03 4d 19 c2 f3 ab ...........M....
TLS<4> (heap=19408): ssl_tls.c:3016 0010: 90 2f 31 19 16 4d 45 ff 45 af cb 38 eb cc 0d c3 ./1..ME.E..8....
TLS<4> (heap=19408): ssl_tls.c:3016 0020: 2a 1d 4c 2a b5 eb df 10 6e d1 4d 00 00 52 c0 2c *.L*....n.M..R.,
TLS<4> (heap=19408): ssl_tls.c:3016 0030: c0 30 00 9f c0 ad c0 9f c0 24 c0 28 00 6b c0 0a .0.......$.(.k..
TLS<4> (heap=19408): ssl_tls.c:3016 0040: c0 14 00 39 c0 af c0 a3 c0 87 c0 8b c0 7d c0 73 ...9.........}.s
TLS<4> (heap=19408): ssl_tls.c:3016 0050: c0 77 00 c4 00 88 c0 2b c0 2f 00 9e c0 ac c0 9e .w.....+./......
TLS<4> (heap=19408): ssl_tls.c:3016 0060: c0 23 c0 27 00 67 c0 09 c0 13 00 33 c0 ae c0 a2 .#.'.g.....3....
TLS<4> (heap=19408): ssl_tls.c:3016 0070: c0 86 c0 8a c0 7c c0 72 c0 76 00 be 00 45 00 ff .....|.r.v...E..
TLS<4> (heap=19408): ssl_tls.c:3016 0080: 01 00 00 41 00 0d 00 16 00 14 06 03 06 01 05 03 ...A............
TLS<4> (heap=19408): ssl_tls.c:3016 0090: 05 01 04 03 04 01 03 03 03 01 02 03 02 01 00 0a ................
TLS<4> (heap=19408): ssl_tls.c:3016 00a0: 00 0c 00 0a 00 18 00 1b 00 17 00 16 00 1a 00 0b ................
TLS<4> (heap=19408): ssl_tls.c:3016 00b0: 00 02 01 00 00 01 00 01 04 00 16 00 00 00 17 00 ................
TLS<4> (heap=19408): ssl_tls.c:3016 00c0: 00 00 23 00 00 ..#..
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2593 message length: 197, out_left: 197
TLS<2> (heap=17864): ssl_tls.c:2599 ssl->f_send() returned 197 (-0xffffff3b)
TLS<2> (heap=17864): ssl_tls.c:2626 <= flush output
TLS<2> (heap=17864): ssl_tls.c:3025 <= write record
TLS<2> (heap=17864): ssl_cli.c:1100 <= write client hello
TLS<2> (heap=17864): ssl_cli.c:3400 client state: 2
TLS<2> (heap=17864): ssl_tls.c:2574 => flush output
TLS<2> (heap=17864): ssl_tls.c:2586 <= flush output
TLS<2> (heap=17864): ssl_cli.c:1493 => parse server hello
TLS<2> (heap=17864): ssl_tls.c:3904 => read record
TLS<2> (heap=17864): ssl_tls.c:2358 => fetch input
TLS<2> (heap=17864): ssl_tls.c:2516 in_left: 0, nb_want: 5
TLS<2> (heap=17864): ssl_tls.c:2540 in_left: 0, nb_want: 5
TLS<2> (heap=17864): ssl_tls.c:6860 <= handshake
TLS<2> (heap=19408): ssl_tls.c:6850 => handshake
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 2
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:1493 => parse server hello
TLS<2> (heap=19408): ssl_tls.c:3904 => read record
TLS<2> (heap=19408): ssl_tls.c:2358 => fetch input
TLS<2> (heap=19408): ssl_tls.c:2516 in_left: 0, nb_want: 5
TLS<2> (heap=19408): ssl_tls.c:2540 in_left: 0, nb_want: 5
TLS<2> (heap=19408): ssl_tls.c:2541 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
TLS<2> (heap=19408): ssl_tls.c:2561 <= fetch input
TLS<4> (heap=19408): ssl_tls.c:3654 dumping 'input record header' (5 bytes)
TLS<4> (heap=19408): ssl_tls.c:3654 0000: 15 03 01 00 02 .....
TLS<3> (heap=19408): ssl_tls.c:3663 input record: msgtype = 21, version = [3:1], msglen = 2
TLS<2> (heap=19408): ssl_tls.c:2358 => fetch input
TLS<2> (heap=19408): ssl_tls.c:2516 in_left: 5, nb_want: 7
TLS<2> (heap=19408): ssl_tls.c:2540 in_left: 5, nb_want: 7
TLS<2> (heap=19408): ssl_tls.c:2541 ssl->f_recv(_timeout)() returned 2 (-0xfffffffe)
TLS<2> (heap=19408): ssl_tls.c:2561 <= fetch input
TLS<4> (heap=19408): ssl_tls.c:3833 dumping 'input record from network' (7 bytes)
TLS<4> (heap=19408): ssl_tls.c:3833 0000: 15 03 01 00 02 02 28 ......(
TLS<2> (heap=19408): ssl_tls.c:4246 got an alert message, type: [2:40]
TLS<1> (heap=19408): ssl_tls.c:4254 is a fatal alert message (msg 40)
TLS<1> (heap=19408): ssl_tls.c:3922 mbedtls_ssl_read_record_layer() returned -30592 (-0x7780)
TLS<1> (heap=19408): ssl_cli.c:1500 mbedtls_ssl_read_record() returned -30592 (-0x7780)
TLS<2> (heap=19408): ssl_tls.c:6860 <= handshake
client handshake failed!
Reason:[-0x7780]
答案 0 :(得分:1)
Pushbullet使用带有https://www.ssllabs.com/ssltest/analyze.html?d=api.pushbullet.com的SSL证书。可以在NodeMCU TLS documentation上进行证书分析。
Espressif SDK不支持{{3}} SNI。
Espressif提供的TLS胶不提供与TLS SNI的接口。因此,不应期望NodeMCU TLS可与需要使用SNI的端点一起使用,而SNI是Internet中越来越多的一部分...