|
From: | address@hidden |
Subject: | Re: [lwip-users] mbedtls |
Date: | Wed, 19 Feb 2020 14:03:55 +0100 (CET) |
Hello,
guess we are struggling with the same issue. I am using a TIVA TM4C129 Cortex M4 processor with 256K RAM. I can see that you connection also sometimes drops with an alert 2/46. I have activated the mbedTLS debugging and can see that this always happens after unsuccessfully trying to allocate a buffer of 16kByte. I have now reduced the number of connections down to 4 - although my webpages contain a lot of _javascript_ so that the browser tries to open more than 10 connections. But this is no issue. TCP will just not send an ACK on the received SYN, so the browser tries again later. For me this solved at least this issue. There are still others. As Mario said on your other thread: it seems it is a long way to go to optimize all.
Klaus
-----Original-Nachricht-----
Betreff: Re: [lwip-users] mbedtls
Datum: 2020-02-19T12:42:36+0100
Von: "Trampas Stern" <address@hidden>
An: "Mailing list for lwIP users" <address@hidden>
What processor do you have, do you have enough RAM?
How do you turn off DEBUG problem occurs?
When the browser downloads each file, a new connection is made, which
consumes RAM. Process httpd for a permanent connection which is only
one handshake.
wt., 18 lut 2020 o 21:48 Trampas Stern <address@hidden> napisał(a):
>
> Right now the interface sometimes works and sometimes does not not. I have not found the issue, maybe some one can point me in the right direction?
>
> Thanks
> Trampas
>
> ssl_tls.c 8936: => free
> ssl_tls.c 9001: <= free
> ethernet.c 313: Network up IP=192.168.168.156
> tcp_out.c 1097: tcp_enqueue_flags: queueing 6562:6563 (0x12)
> tcp_out.c 1546: tcp_output_segment: 6562:6562
> tcp_out.c 1097: tcp_enqueue_flags: queueing 6614:6615 (0x12)
> tcp_out.c 1546: tcp_output_segment: 6614:6614
> httpd.c 2804: http_accept 20454be0 / 0
> tcp_out.c 1268: tcp_output: nothing to send (0)
> ssl_tls.c 8086: => handshake
> ssl_srv.c 4261: server state: 0
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 4261: server state: 1
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 1213: => parse client hello
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 2744: <= fetch input
> ssl_srv.c 1257: client hello v3, message type: 22
> ssl_srv.c 1266: client hello v3, message len.: 512
> ssl_srv.c 1269: client hello v3, protocol version: [3:1]
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 5, nb_want: 517
> ssl_tls.c 2723: in_left: 5, nb_want: 517
> ssl_tls.c 2744: <= fetch input
> ssl_srv.c 1369: client hello v3, handshake type: 1
> ssl_srv.c 1378: client hello v3, handshake len.: 508
> ssl_srv.c 1830: unknown extension found: 19018 (ignoring)
> ssl_srv.c 1800: found extended master secret extension
> ssl_srv.c 1713: found renegotiation extension
> ssl_srv.c 1740: found supported elliptic curves extension
> ssl_srv.c 1748: found supported point formats extension
> ssl_srv.c 377: point format selected: 0
> ssl_srv.c 1810: found session ticket extension
> ssl_srv.c 1820: found alpn extension
> ssl_srv.c 1830: unknown extension found: 5 (ignoring)
> ssl_srv.c 1726: found signature_algorithms extension
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 4 and hash 6
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 4
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 6
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 4 and hash 7
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 5
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 7
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 6
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 8
> ssl_srv.c 272: client hello v3, signature_algorithm ext: hash alg 4 not supported
> ssl_srv.c 1830: unknown extension found: 18 (ignoring)
> ssl_srv.c 1830: unknown extension found: 51 (ignoring)
> ssl_srv.c 1830: unknown extension found: 45 (ignoring)
> ssl_srv.c 1830: unknown extension found: 43 (ignoring)
> ssl_srv.c 1830: unknown extension found: 27 (ignoring)
> ssl_srv.c 1830: unknown extension found: 35466 (ignoring)
> ssl_srv.c 1830: unknown extension found: 21 (ignoring)
> ssl_srv.c 822: trying ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 720: ciphersuite requires certificate
> ssl_srv.c 731: candidate certificate chain, certificate
> ssl_srv.c 793: selected certificate chain, certificate
> ssl_srv.c 2001: selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 2035: <= parse client hello
> ssl_srv.c 4261: server state: 2
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 2419: => write server hello
> ssl_srv.c 2453: server hello, chosen version: [3:3]
> ssl_srv.c 2462: server hello, current time: 4294967295
> ssl_srv.c 2550: server hello, session id len.: 32
> ssl_srv.c 2553: no session has been resumed
> ssl_srv.c 2560: server hello, chosen ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 2562: server hello, compress alg.: 0x00
> ssl_srv.c 2172: server hello, secure renegotiation extension
> ssl_srv.c 2123: server hello, adding extended master secret extension
> ssl_srv.c 2243: server hello, supported_point_formats extension
> ssl_srv.c 2621: server hello, total extension length: 15
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 91
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 96, out_left: 96
> tcp_out.c 428: tcp_write(pcb=20454788, data="" len=96, apiflags=1)
> tcp_out.c 691: tcp_write: queueing 6615:6711
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 2640: <= write server hello
> ssl_srv.c 4261: server state: 3
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5331: => write certificate
> ssl_tls.c 5383: own certificate
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 595
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 600, out_left: 600
> tcp_out.c 428: tcp_write(pcb=20454788, data="" len=600, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_tls.c 5435: <= write certificate
> ssl_srv.c 4261: server state: 4
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 3273: => write server key exchange
> ssl_srv.c 3051: ECDHE curve: secp384r1
> ssl_srv.c 3140: pick hash algorithm 6 for signing
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 180
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 185, out_left: 185
> tcp_out.c 428: tcp_write(pcb=20454788, data="" len=185, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 3357: <= write server key exchange
> ssl_srv.c 4261: server state: 5
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 2685: => write certificate request
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 19
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 24, out_left: 24
> tcp_out.c 428: tcp_write(pcb=20454788, data="" len=24, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 2835: <= write certificate request
> ssl_srv.c 4261: server state: 6
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 3365: => write server hello done
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 4
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 9, out_left: 9
> tcp_out.c 428: tcp_write(pcb=20454788, data="" len=9, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 3393: <= write server hello done
> ssl_srv.c 4261: server state: 7
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5657: => parse certificate
> ssl_tls.c 4313: => read record
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 8096: <= handshake
> tcp_out.c 1546: tcp_output_segment: 6615:7529
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1097: tcp_enqueue_flags: queueing 6667:6668 (0x12)
> tcp_out.c 1546: tcp_output_segment: 6667:6667
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1268: tcp_output: nothing to send (0)
> ssl_tls.c 8086: => handshake
> ssl_srv.c 4261: server state: 7
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5657: => parse certificate
> ssl_tls.c 4313: => read record
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 2744: <= fetch input
> ssl_tls.c 4058: input record: msgtype = 21, version = [3:3], msglen = 2
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 5, nb_want: 7
> ssl_tls.c 2723: in_left: 5, nb_want: 7
> ssl_tls.c 2744: <= fetch input
> ssl_tls.c 5172: got an alert message, type: [2:46]
> ssl_tls.c 5180: is a fatal alert message (msg 46)
> ssl_tls.c 8096: <= handshake
> ERROR: altcp_tls_mbedtls.c 283: mbedtls_ssl_handshake failed: -0x7780
> httpd.c 2599: http_err: Connection closed., pcb: 20454be0
> tcp_out.c 1097: tcp_enqueue_flags: queueing 7529:7530 (0x1)
> ssl_tls.c 8936: => free
> ssl_tls.c 9001: <= free
> tcp_out.c 1546: tcp_output_segment: 7529:7529
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 2056: tcp_output: sending ACK for 2844114649
> httpd.c 2804: http_accept 20454c0c / 0
> tcp_out.c 1268: tcp_output: nothing to send (0)
> ssl_tls.c 8086: => handshake
> ssl_srv.c 4261: server state: 0
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 4261: server state: 1
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 1213: => parse client hello
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 2744: <= fetch input
> ssl_srv.c 1257: client hello v3, message type: 22
> ssl_srv.c 1266: client hello v3, message len.: 512
> ssl_srv.c 1269: client hello v3, protocol version: [3:1]
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 5, nb_want: 517
> ssl_tls.c 2723: in_left: 5, nb_want: 517
> ssl_tls.c 2744: <= fetch input
> ssl_srv.c 1369: client hello v3, handshake type: 1
> ssl_srv.c 1378: client hello v3, handshake len.: 508
> ssl_srv.c 1830: unknown extension found: 47802 (ignoring)
> ssl_srv.c 1800: found extended master secret extension
> ssl_srv.c 1713: found renegotiation extension
> ssl_srv.c 1740: found supported elliptic curves extension
> ssl_srv.c 1748: found supported point formats extension
> ssl_srv.c 377: point format selected: 0
> ssl_srv.c 1810: found session ticket extension
> ssl_srv.c 1820: found alpn extension
> ssl_srv.c 1830: unknown extension found: 5 (ignoring)
> ssl_srv.c 1726: found signature_algorithms extension
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 4 and hash 6
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 4
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 6
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 4 and hash 7
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 5
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 7
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 6
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 8
> ssl_srv.c 272: client hello v3, signature_algorithm ext: hash alg 4 not supported
> ssl_srv.c 1830: unknown extension found: 18 (ignoring)
> ssl_srv.c 1830: unknown extension found: 51 (ignoring)
> ssl_srv.c 1830: unknown extension found: 45 (ignoring)
> ssl_srv.c 1830: unknown extension found: 43 (ignoring)
> ssl_srv.c 1830: unknown extension found: 27 (ignoring)
> ssl_srv.c 1830: unknown extension found: 43690 (ignoring)
> ssl_srv.c 1830: unknown extension found: 21 (ignoring)
> ssl_srv.c 822: trying ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 720: ciphersuite requires certificate
> ssl_srv.c 731: candidate certificate chain, certificate
> ssl_srv.c 793: selected certificate chain, certificate
> ssl_srv.c 2001: selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 2035: <= parse client hello
> ssl_srv.c 4261: server state: 2
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 2419: => write server hello
> ssl_srv.c 2453: server hello, chosen version: [3:3]
> ssl_srv.c 2462: server hello, current time: 4294967295
> ssl_srv.c 2550: server hello, session id len.: 32
> ssl_srv.c 2553: no session has been resumed
> ssl_srv.c 2560: server hello, chosen ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 2562: server hello, compress alg.: 0x00
> ssl_srv.c 2172: server hello, secure renegotiation extension
> ssl_srv.c 2123: server hello, adding extended master secret extension
> ssl_srv.c 2243: server hello, supported_point_formats extension
> ssl_srv.c 2621: server hello, total extension length: 15
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 91
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 96, out_left: 96
> tcp_out.c 428: tcp_write(pcb=204546ec, data="" len=96, apiflags=1)
> tcp_out.c 691: tcp_write: queueing 6668:6764
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 2640: <= write server hello
> ssl_srv.c 4261: server state: 3
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5331: => write certificate
> ssl_tls.c 5383: own certificate
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 595
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 600, out_left: 600
> tcp_out.c 428: tcp_write(pcb=204546ec, data="" len=600, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_tls.c 5435: <= write certificate
> ssl_srv.c 4261: server state: 4
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 3273: => write server key exchange
> ssl_srv.c 3051: ECDHE curve: secp384r1
> ssl_srv.c 3140: pick hash algorithm 6 for signing
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 180
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 185, out_left: 185
> tcp_out.c 428: tcp_write(pcb=204546ec, data="" len=185, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 3357: <= write server key exchange
> ssl_srv.c 4261: server state: 5
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 2685: => write certificate request
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 19
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 24, out_left: 24
> tcp_out.c 428: tcp_write(pcb=204546ec, data="" len=24, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 2835: <= write certificate request
> ssl_srv.c 4261: server state: 6
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 3365: => write server hello done
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 4
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 9, out_left: 9
> tcp_out.c 428: tcp_write(pcb=204546ec, data="" len=9, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 3393: <= write server hello done
> ssl_srv.c 4261: server state: 7
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5657: => parse certificate
> ssl_tls.c 4313: => read record
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 8096: <= handshake
> tcp_out.c 1546: tcp_output_segment: 6668:7582
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1546: tcp_output_segment: 6562:6562
> tcp_out.c 1268: tcp_output: nothing to send (0)
> ssl_tls.c 8086: => handshake
> ssl_srv.c 4261: server state: 7
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5657: => parse certificate
> ssl_tls.c 4313: => read record
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 2744: <= fetch input
> ssl_tls.c 4058: input record: msgtype = 21, version = [3:3], msglen = 2
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 5, nb_want: 7
> ssl_tls.c 2723: in_left: 5, nb_want: 7
> ssl_tls.c 2744: <= fetch input
> ssl_tls.c 5172: got an alert message, type: [2:46]
> ssl_tls.c 5180: is a fatal alert message (msg 46)
> ssl_tls.c 8096: <= handshake
> ERROR: altcp_tls_mbedtls.c 283: mbedtls_ssl_handshake failed: -0x7780
> httpd.c 2599: http_err: Connection closed., pcb: 20454c0c
> tcp_out.c 1097: tcp_enqueue_flags: queueing 7582:7583 (0x1)
> ssl_tls.c 8936: => free
> ssl_tls.c 9001: <= free
> tcp_out.c 1546: tcp_output_segment: 7582:7582
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 1268: tcp_output: nothing to send (0)
> tcp_out.c 2056: tcp_output: sending ACK for 2982664725
> httpd.c 2804: http_accept 20454be0 / 0
> tcp_out.c 1268: tcp_output: nothing to send (0)
> ssl_tls.c 8086: => handshake
> ssl_srv.c 4261: server state: 0
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 4261: server state: 1
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 1213: => parse client hello
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 2744: <= fetch input
> ssl_srv.c 1257: client hello v3, message type: 22
> ssl_srv.c 1266: client hello v3, message len.: 512
> ssl_srv.c 1269: client hello v3, protocol version: [3:1]
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 5, nb_want: 517
> ssl_tls.c 2723: in_left: 5, nb_want: 517
> ssl_tls.c 2744: <= fetch input
> ssl_srv.c 1369: client hello v3, handshake type: 1
> ssl_srv.c 1378: client hello v3, handshake len.: 508
> ssl_srv.c 1830: unknown extension found: 39578 (ignoring)
> ssl_srv.c 1800: found extended master secret extension
> ssl_srv.c 1713: found renegotiation extension
> ssl_srv.c 1740: found supported elliptic curves extension
> ssl_srv.c 1748: found supported point formats extension
> ssl_srv.c 377: point format selected: 0
> ssl_srv.c 1810: found session ticket extension
> ssl_srv.c 1820: found alpn extension
> ssl_srv.c 1830: unknown extension found: 5 (ignoring)
> ssl_srv.c 1726: found signature_algorithms extension
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 4 and hash 6
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 4
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 6
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 4 and hash 7
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 5
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 7
> ssl_srv.c 249: client hello v3, signature_algorithm ext unknown sig alg encoding 6
> ssl_srv.c 267: client hello v3, signature_algorithm ext: match sig 1 and hash 8
> ssl_srv.c 272: client hello v3, signature_algorithm ext: hash alg 4 not supported
> ssl_srv.c 1830: unknown extension found: 18 (ignoring)
> ssl_srv.c 1830: unknown extension found: 51 (ignoring)
> ssl_srv.c 1830: unknown extension found: 45 (ignoring)
> ssl_srv.c 1830: unknown extension found: 43 (ignoring)
> ssl_srv.c 1830: unknown extension found: 27 (ignoring)
> ssl_srv.c 1830: unknown extension found: 56026 (ignoring)
> ssl_srv.c 1830: unknown extension found: 21 (ignoring)
> ssl_srv.c 822: trying ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 720: ciphersuite requires certificate
> ssl_srv.c 731: candidate certificate chain, certificate
> ssl_srv.c 793: selected certificate chain, certificate
> ssl_srv.c 2001: selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 2035: <= parse client hello
> ssl_srv.c 4261: server state: 2
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 2419: => write server hello
> ssl_srv.c 2453: server hello, chosen version: [3:3]
> ssl_srv.c 2462: server hello, current time: 4294967295
> ssl_srv.c 2550: server hello, session id len.: 32
> ssl_srv.c 2553: no session has been resumed
> ssl_srv.c 2560: server hello, chosen ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
> ssl_srv.c 2562: server hello, compress alg.: 0x00
> ssl_srv.c 2172: server hello, secure renegotiation extension
> ssl_srv.c 2123: server hello, adding extended master secret extension
> ssl_srv.c 2243: server hello, supported_point_formats extension
> ssl_srv.c 2621: server hello, total extension length: 15
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 91
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 96, out_left: 96
> tcp_out.c 428: tcp_write(pcb=20454824, data="" len=96, apiflags=1)
> tcp_out.c 691: tcp_write: queueing 6563:6659
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 2640: <= write server hello
> ssl_srv.c 4261: server state: 3
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5331: => write certificate
> ssl_tls.c 5383: own certificate
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 595
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 600, out_left: 600
> tcp_out.c 428: tcp_write(pcb=20454824, data="" len=600, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_tls.c 5435: <= write certificate
> ssl_srv.c 4261: server state: 4
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 3273: => write server key exchange
> ssl_srv.c 3051: ECDHE curve: secp384r1
> ssl_srv.c 3140: pick hash algorithm 6 for signing
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 181
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 186, out_left: 186
> tcp_out.c 428: tcp_write(pcb=20454824, data="" len=186, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 3357: <= write server key exchange
> ssl_srv.c 4261: server state: 5
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 2685: => write certificate request
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 19
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 24, out_left: 24
> tcp_out.c 428: tcp_write(pcb=20454824, data="" len=24, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 2835: <= write certificate request
> ssl_srv.c 4261: server state: 6
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_srv.c 3365: => write server hello done
> ssl_tls.c 3186: => write handshake message
> ssl_tls.c 3345: => write record
> ssl_tls.c 3425: output record: msgtype = 22, version = [3:3], msglen = 4
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2776: message length: 9, out_left: 9
> tcp_out.c 428: tcp_write(pcb=20454824, data="" len=9, apiflags=1)
> ssl_tls.c 2809: <= flush output
> ssl_tls.c 3478: <= write record
> ssl_tls.c 3322: <= write handshake message
> ssl_srv.c 3393: <= write server hello done
> ssl_srv.c 4261: server state: 7
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5657: => parse certificate
> ssl_tls.c 4313: => read record
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 8096: <= handshake
> tcp_out.c 1546: tcp_output_segment: 6563:7478
> tcp_out.c 1268: tcp_output: nothing to send (0)
> ssl_tls.c 8086: => handshake
> ssl_srv.c 4261: server state: 7
> ssl_tls.c 2757: => flush output
> ssl_tls.c 2769: <= flush output
> ssl_tls.c 5657: => parse certificate
> ssl_tls.c 4313: => read record
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 0, nb_want: 5
> ssl_tls.c 2723: in_left: 0, nb_want: 5
> ssl_tls.c 2744: <= fetch input
> ssl_tls.c 4058: input record: msgtype = 21, version = [3:3], msglen = 2
> ssl_tls.c 2538: => fetch input
> ssl_tls.c 2699: in_left: 5, nb_want: 7
> ssl_tls.c 2723: in_left: 5, nb_want: 7
> ssl_tls.c 2744: <= fetch input
> ssl_tls.c 5172: got an alert message, type: [2:46]
> ssl_tls.c 5180: is a fatal alert message (msg 46)
> ssl_tls.c 8096: <= handshake
> ERROR: altcp_tls_mbedtls.c 283: mbedtls_ssl_handshake failed: -0x7780
> httpd.c 2599: http_err: Connection closed., pcb: 20454be0
> tcp_out.c 1097: tcp_enqueue_flags: queueing 7478:7479 (0x1)
> ssl_tls.c 8936: => free
> ssl_tls.c 9001: <= free
>
> On Tue, Feb 18, 2020 at 8:54 AM Trampas Stern <address@hidden> wrote:
>>
>> I figured as much... I am slow at learning this stuff, and figured adding the note to the forum is good for next guy.
>>
>> My next problem is that with https I am having problems transferring data. and getting http_err calls closing connections.
>>
>> ttpd.c 2792: http_accept 20453718 / 0
>> httpd.c 2792: http_accept 204536c0 / 0
>> httpd.c 2594: http_err: Connection closed.
>> httpd.c 2594: http_err: Connection closed.
>> httpd.c 2792: http_accept 204536ec / 0
>> httpd.c 2792: http_accept 20453744 / 0
>> httpd.c 2594: http_err: Connection closed.
>> httpd.c 2792: http_accept 204536c0 / 0
>> httpd.c 2692: http_recv: pcb=20453744 pbuf=204544f8 err=Ok.
>> httpd.c 2086: Received 567 bytes
>> httpd.c 2093: First pbuf
>> httpd.c 2137: CRLF received, parsing request
>> httpd.c 2144: Received GET request"
>> httpd.c 2205: Received "GET" request for URI: "/dashboard.html"
>> httpd.c 2412: Opening /dashboard.html
>> httpd.c 2414: Opening /dashboard.html
>> fs.cpp 92: reading SD /dashboard.html: 2890
>> httpd.c 2764: http_recv: data 20411e78 len 2890
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=2890
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 2890 bytes
>> httpd.c 600: Sent 2890 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2637: http_poll: pcb=20453744 hs=204517ec pcb_state=ESTABLISHED
>> httpd.c 2670: http_poll: try to send more data
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=0
>> httpd.c 1144: bytes_left 15842
>> httpd.c 1203: Trying to read 1 bytes.
>> fs.cpp 92: reading SD /dashboard.html: 1
>> httpd.c 1225: Read 1 bytes.
>> httpd.c 1228: Sent 1
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 1 bytes
>> httpd.c 600: Sent 1 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2674: tcp_output
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=0
>> httpd.c 1144: bytes_left 15841
>> httpd.c 1203: Trying to read 2890 bytes.
>> fs.cpp 92: reading SD /dashboard.html: 2890
>> httpd.c 1225: Read 2890 bytes.
>> httpd.c 1228: Sent 2890
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 2861 bytes
>> httpd.c 600: Sent 2861 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2692: http_recv: pcb=204536c0 pbuf=20455118 err=Ok.
>> httpd.c 2086: Received 434 bytes
>> httpd.c 2093: First pbuf
>> httpd.c 2137: CRLF received, parsing request
>> httpd.c 2144: Received GET request"
>> httpd.c 2205: Received "GET" request for URI: "/css/bootstrap.css"
>> httpd.c 2412: Opening /css/bootstrap.css
>> httpd.c 2414: Opening /css/bootstrap.css
>> fs.cpp 92: reading SD /css/bootstrap.css: 2890
>> httpd.c 2764: http_recv: data 20411e78 len 2890
>> httpd.c 1635: /css/bootstrap.css
>> httpd.c 1636: http_send: pcb=204536c0 hs=20452260 left=2890
>> httpd.c 1256: writting /css/bootstrap.css
>> httpd.c 578: Trying to send 2890 bytes
>> httpd.c 600: Sent 2890 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=29
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 29 bytes
>> httpd.c 600: Sent 29 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=0
>> httpd.c 1144: bytes_left 12951
>> httpd.c 1203: Trying to read 2890 bytes.
>> fs.cpp 92: reading SD /dashboard.html: 2890
>> httpd.c 1225: Read 2890 bytes.
>> httpd.c 1228: Sent 2890
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 2890 bytes
>> httpd.c 600: Sent 2890 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=0
>> httpd.c 1144: bytes_left 10061
>> httpd.c 1203: Trying to read 2890 bytes.
>> fs.cpp 92: reading SD /dashboard.html: 2890
>> httpd.c 1225: Read 2890 bytes.
>> httpd.c 1228: Sent 2890
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 1432 bytes
>> httpd.c 600: Sent 1432 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=1458
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 1458 bytes
>> httpd.c 600: Sent 1458 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=0
>> httpd.c 1144: bytes_left 7171
>> httpd.c 1203: Trying to read 2890 bytes.
>> fs.cpp 92: reading SD /dashboard.html: 2890
>> httpd.c 1225: Read 2890 bytes.
>> httpd.c 1228: Sent 2890
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 2864 bytes
>> httpd.c 600: Sent 2864 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=26
>> httpd.c 1256: writting /dashboard.html
>> httpd.c 578: Trying to send 26 bytes
>> httpd.c 600: Sent 26 bytes
>> httpd.c 1697: send_data end.
>> httpd.c 2792: http_accept 20453668 / 0
>> httpd.c 2610: http_sent 20453744
>> httpd.c 1635: /dashboard.html
>> httpd.c 1636: http_send: pcb=20453744 hs=204517ec left=0
>> httpd.c 1144: bytes_left 4281
>> httpd.c 1203: Trying to read 2890 bytes.
>> fs.cpp 92: reading SD /dashboard.html: 2890
>> httpd.c 1225: Read 2890 bytes.
>> httpd.c 1228: Sent 2890
>>
>>
>> On Tue, Feb 18, 2020 at 7:32 AM Simon Goldschmidt <address@hidden> wrote:
>>>
>>> Trampas Stern wrote:
>>> > I found that chrome will not work with openssl keys generated by the comments in the code I found I had to generate different keys using the following commands.
>>> > [..]
>>>
>>> Well, the code in the comment did work at some time. I don't think I can keep up with the speed that google changes TLS handling... :-)
>>>
>>> Regards,
>>> Simon
>>>
>>> _______________________________________________
>>> lwip-users mailing list
>>> address@hidden
>>> https://lists.nongnu.org/mailman/listinfo/lwip-users
>
> _______________________________________________
> lwip-users mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/lwip-users
--
Pozdrawiam
Tomek
_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users
[Prev in Thread] | Current Thread | [Next in Thread] |