为什么 nodeMCU tls mbed 库从 Pushbullet API 服务器收到错误 40(握手失败)?
Why nodeMCU tls mbed library got error 40(handshake fail) from Pushbullet API server?
我想用 Pushbullet 推送服务制作一个 nodeMCU IoT 项目。
我正在尝试制作很多相同的项目示例。
我的项目与下面的例子几乎相同。
nodemcu-pushbullet-notification
看似很简单,却遇到了意想不到的困难
HTTPS 握手失败,出现错误 40。错误 40 表示收到警告消息。为什么 nodeMCU 从 Pushbullet 收到警报消息 API? 是 mbed tls 库的限制吗?还是我被滥用了?
请问有没有人解释下tls的日志?
WiFi connection established, IP address: 192.168.43.246
HTTP client: hostname=api.pushbullet.com
HTTP client: port=443
HTTP client: method=POST
HTTP client: path=/v2/pushes
HTTP client: DNS request
HTTP client: DNS pending
HTTP client: DNS found api.pushbullet.com 172.217.31.147
client handshake start.
espconn_mbedtls.c 667, type[certificate],length[846]
TLS<2> (heap=19408): ssl_tls.c:6850 => handshake
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 0
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 1
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:777 => write client hello
TLS<3> (heap=19408): ssl_cli.c:815 client hello, max version: [3:3]
TLS<3> (heap=19408): ssl_cli.c:824 dumping 'client hello, random bytes' (32 bytes)
TLS<3> (heap=19408): ssl_cli.c:824 0000: 4d 19 c2 f3 ab 90 2f 31 19 16 4d 45 ff 45 af cb M...../1..ME.E..
TLS<3> (heap=19408): ssl_cli.c:824 0010: 38 eb cc 0d c3 2a 1d 4c 2a b5 eb df 10 6e d1 4d 8....*.L*....n.M
TLS<3> (heap=19408): ssl_cli.c:877 client hello, session id len.: 0
TLS<3> (heap=19408): ssl_cli.c:878 dumping 'client hello, session id' (0 bytes)
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02c
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c030
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 009f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ad
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c09f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c024
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c028
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 006b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c00a
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c014
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0039
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0af
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0a3
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c087
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c08b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c07d
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c073
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c077
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 00c4
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0088
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 009e
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ac
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c09e
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c023
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c027
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0067
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c009
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c013
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0033
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ae
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0a2
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c086
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c08a
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c07c
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c072
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c076
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 00be
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0045
TLS<3> (heap=19408): ssl_cli.c:937 client hello, got 40 ciphersuites (excluding SCSVs)
TLS<3> (heap=19408): ssl_cli.c:946 adding EMPTY_RENEGOTIATION_INFO_SCSV
TLS<3> (heap=19408): ssl_cli.c:995 client hello, compress len.: 1
TLS<3> (heap=19408): ssl_cli.c:997 client hello, compress alg.: 0
TLS<3> (heap=19408): ssl_cli.c:189 client hello, adding signature_algorithms extension
TLS<3> (heap=19408): ssl_cli.c:274 client hello, adding supported_elliptic_curves extension
TLS<3> (heap=19408): ssl_cli.c:339 client hello, adding supported_point_formats extension
TLS<3> (heap=19408): ssl_cli.c:453 client hello, adding max_fragment_length extension
TLS<3> (heap=19408): ssl_cli.c:521 client hello, adding encrypt_then_mac extension
TLS<3> (heap=19408): ssl_cli.c:555 client hello, adding extended_master_secret extension
TLS<3> (heap=19408): ssl_cli.c:588 client hello, adding session ticket extension
TLS<3> (heap=19408): ssl_cli.c:1074 client hello, total extension length: 65
TLS<2> (heap=19408): ssl_tls.c:2867 => write record
TLS<3> (heap=19408): ssl_tls.c:3013 output record: msgtype = 22, version = [3:2], msglen = 192
TLS<4> (heap=19408): ssl_tls.c:3016 dumping 'output record sent to network' (197 bytes)
TLS<4> (heap=19408): ssl_tls.c:3016 0000: 16 03 02 00 c0 01 00 00 bc 03 03 4d 19 c2 f3 ab ...........M....
TLS<4> (heap=19408): ssl_tls.c:3016 0010: 90 2f 31 19 16 4d 45 ff 45 af cb 38 eb cc 0d c3 ./1..ME.E..8....
TLS<4> (heap=19408): ssl_tls.c:3016 0020: 2a 1d 4c 2a b5 eb df 10 6e d1 4d 00 00 52 c0 2c *.L*....n.M..R.,
TLS<4> (heap=19408): ssl_tls.c:3016 0030: c0 30 00 9f c0 ad c0 9f c0 24 c0 28 00 6b c0 0a .0.......$.(.k..
TLS<4> (heap=19408): ssl_tls.c:3016 0040: c0 14 00 39 c0 af c0 a3 c0 87 c0 8b c0 7d c0 73 ...9.........}.s
TLS<4> (heap=19408): ssl_tls.c:3016 0050: c0 77 00 c4 00 88 c0 2b c0 2f 00 9e c0 ac c0 9e .w.....+./......
TLS<4> (heap=19408): ssl_tls.c:3016 0060: c0 23 c0 27 00 67 c0 09 c0 13 00 33 c0 ae c0 a2 .#.'.g.....3....
TLS<4> (heap=19408): ssl_tls.c:3016 0070: c0 86 c0 8a c0 7c c0 72 c0 76 00 be 00 45 00 ff .....|.r.v...E..
TLS<4> (heap=19408): ssl_tls.c:3016 0080: 01 00 00 41 00 0d 00 16 00 14 06 03 06 01 05 03 ...A............
TLS<4> (heap=19408): ssl_tls.c:3016 0090: 05 01 04 03 04 01 03 03 03 01 02 03 02 01 00 0a ................
TLS<4> (heap=19408): ssl_tls.c:3016 00a0: 00 0c 00 0a 00 18 00 1b 00 17 00 16 00 1a 00 0b ................
TLS<4> (heap=19408): ssl_tls.c:3016 00b0: 00 02 01 00 00 01 00 01 04 00 16 00 00 00 17 00 ................
TLS<4> (heap=19408): ssl_tls.c:3016 00c0: 00 00 23 00 00 ..#..
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2593 message length: 197, out_left: 197
TLS<2> (heap=17864): ssl_tls.c:2599 ssl->f_send() returned 197 (-0xffffff3b)
TLS<2> (heap=17864): ssl_tls.c:2626 <= flush output
TLS<2> (heap=17864): ssl_tls.c:3025 <= write record
TLS<2> (heap=17864): ssl_cli.c:1100 <= write client hello
TLS<2> (heap=17864): ssl_cli.c:3400 client state: 2
TLS<2> (heap=17864): ssl_tls.c:2574 => flush output
TLS<2> (heap=17864): ssl_tls.c:2586 <= flush output
TLS<2> (heap=17864): ssl_cli.c:1493 => parse server hello
TLS<2> (heap=17864): ssl_tls.c:3904 => read record
TLS<2> (heap=17864): ssl_tls.c:2358 => fetch input
TLS<2> (heap=17864): ssl_tls.c:2516 in_left: 0, nb_want: 5
TLS<2> (heap=17864): ssl_tls.c:2540 in_left: 0, nb_want: 5
TLS<2> (heap=17864): ssl_tls.c:6860 <= handshake
TLS<2> (heap=19408): ssl_tls.c:6850 => handshake
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 2
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:1493 => parse server hello
TLS<2> (heap=19408): ssl_tls.c:3904 => read record
TLS<2> (heap=19408): ssl_tls.c:2358 => fetch input
TLS<2> (heap=19408): ssl_tls.c:2516 in_left: 0, nb_want: 5
TLS<2> (heap=19408): ssl_tls.c:2540 in_left: 0, nb_want: 5
TLS<2> (heap=19408): ssl_tls.c:2541 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
TLS<2> (heap=19408): ssl_tls.c:2561 <= fetch input
TLS<4> (heap=19408): ssl_tls.c:3654 dumping 'input record header' (5 bytes)
TLS<4> (heap=19408): ssl_tls.c:3654 0000: 15 03 01 00 02 .....
TLS<3> (heap=19408): ssl_tls.c:3663 input record: msgtype = 21, version = [3:1], msglen = 2
TLS<2> (heap=19408): ssl_tls.c:2358 => fetch input
TLS<2> (heap=19408): ssl_tls.c:2516 in_left: 5, nb_want: 7
TLS<2> (heap=19408): ssl_tls.c:2540 in_left: 5, nb_want: 7
TLS<2> (heap=19408): ssl_tls.c:2541 ssl->f_recv(_timeout)() returned 2 (-0xfffffffe)
TLS<2> (heap=19408): ssl_tls.c:2561 <= fetch input
TLS<4> (heap=19408): ssl_tls.c:3833 dumping 'input record from network' (7 bytes)
TLS<4> (heap=19408): ssl_tls.c:3833 0000: 15 03 01 00 02 02 28 ......(
TLS<2> (heap=19408): ssl_tls.c:4246 got an alert message, type: [2:40]
TLS<1> (heap=19408): ssl_tls.c:4254 is a fatal alert message (msg 40)
TLS<1> (heap=19408): ssl_tls.c:3922 mbedtls_ssl_read_record_layer() returned -30592 (-0x7780)
TLS<1> (heap=19408): ssl_cli.c:1500 mbedtls_ssl_read_record() returned -30592 (-0x7780)
TLS<2> (heap=19408): ssl_tls.c:6860 <= handshake
client handshake failed!
Reason:[-0x7780]
Pushbullet 使用 SSL 证书 SNI. A certificate analysis is available at https://www.ssllabs.com/ssltest/analyze.html?d=api.pushbullet.com。
根据 NodeMCU TLS documentation Espressif SDK 不支持 SNI。
The TLS glue provided by Espressif provides no interface to TLS SNI. As such, NodeMCU TLS should not be expected to function with endpoints requiring the use of SNI, which is a growing fraction of the Internet...
我想用 Pushbullet 推送服务制作一个 nodeMCU IoT 项目。 我正在尝试制作很多相同的项目示例。
我的项目与下面的例子几乎相同。
nodemcu-pushbullet-notification
看似很简单,却遇到了意想不到的困难
HTTPS 握手失败,出现错误 40。错误 40 表示收到警告消息。为什么 nodeMCU 从 Pushbullet 收到警报消息 API? 是 mbed tls 库的限制吗?还是我被滥用了?
请问有没有人解释下tls的日志?
WiFi connection established, IP address: 192.168.43.246
HTTP client: hostname=api.pushbullet.com
HTTP client: port=443
HTTP client: method=POST
HTTP client: path=/v2/pushes
HTTP client: DNS request
HTTP client: DNS pending
HTTP client: DNS found api.pushbullet.com 172.217.31.147
client handshake start.
espconn_mbedtls.c 667, type[certificate],length[846]
TLS<2> (heap=19408): ssl_tls.c:6850 => handshake
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 0
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 1
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:777 => write client hello
TLS<3> (heap=19408): ssl_cli.c:815 client hello, max version: [3:3]
TLS<3> (heap=19408): ssl_cli.c:824 dumping 'client hello, random bytes' (32 bytes)
TLS<3> (heap=19408): ssl_cli.c:824 0000: 4d 19 c2 f3 ab 90 2f 31 19 16 4d 45 ff 45 af cb M...../1..ME.E..
TLS<3> (heap=19408): ssl_cli.c:824 0010: 38 eb cc 0d c3 2a 1d 4c 2a b5 eb df 10 6e d1 4d 8....*.L*....n.M
TLS<3> (heap=19408): ssl_cli.c:877 client hello, session id len.: 0
TLS<3> (heap=19408): ssl_cli.c:878 dumping 'client hello, session id' (0 bytes)
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02c
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c030
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 009f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ad
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c09f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c024
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c028
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 006b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c00a
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c014
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0039
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0af
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0a3
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c087
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c08b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c07d
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c073
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c077
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 00c4
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0088
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02b
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c02f
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 009e
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ac
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c09e
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c023
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c027
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0067
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c009
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c013
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0033
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0ae
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c0a2
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c086
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c08a
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c07c
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c072
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: c076
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 00be
TLS<3> (heap=19408): ssl_cli.c:925 client hello, add ciphersuite: 0045
TLS<3> (heap=19408): ssl_cli.c:937 client hello, got 40 ciphersuites (excluding SCSVs)
TLS<3> (heap=19408): ssl_cli.c:946 adding EMPTY_RENEGOTIATION_INFO_SCSV
TLS<3> (heap=19408): ssl_cli.c:995 client hello, compress len.: 1
TLS<3> (heap=19408): ssl_cli.c:997 client hello, compress alg.: 0
TLS<3> (heap=19408): ssl_cli.c:189 client hello, adding signature_algorithms extension
TLS<3> (heap=19408): ssl_cli.c:274 client hello, adding supported_elliptic_curves extension
TLS<3> (heap=19408): ssl_cli.c:339 client hello, adding supported_point_formats extension
TLS<3> (heap=19408): ssl_cli.c:453 client hello, adding max_fragment_length extension
TLS<3> (heap=19408): ssl_cli.c:521 client hello, adding encrypt_then_mac extension
TLS<3> (heap=19408): ssl_cli.c:555 client hello, adding extended_master_secret extension
TLS<3> (heap=19408): ssl_cli.c:588 client hello, adding session ticket extension
TLS<3> (heap=19408): ssl_cli.c:1074 client hello, total extension length: 65
TLS<2> (heap=19408): ssl_tls.c:2867 => write record
TLS<3> (heap=19408): ssl_tls.c:3013 output record: msgtype = 22, version = [3:2], msglen = 192
TLS<4> (heap=19408): ssl_tls.c:3016 dumping 'output record sent to network' (197 bytes)
TLS<4> (heap=19408): ssl_tls.c:3016 0000: 16 03 02 00 c0 01 00 00 bc 03 03 4d 19 c2 f3 ab ...........M....
TLS<4> (heap=19408): ssl_tls.c:3016 0010: 90 2f 31 19 16 4d 45 ff 45 af cb 38 eb cc 0d c3 ./1..ME.E..8....
TLS<4> (heap=19408): ssl_tls.c:3016 0020: 2a 1d 4c 2a b5 eb df 10 6e d1 4d 00 00 52 c0 2c *.L*....n.M..R.,
TLS<4> (heap=19408): ssl_tls.c:3016 0030: c0 30 00 9f c0 ad c0 9f c0 24 c0 28 00 6b c0 0a .0.......$.(.k..
TLS<4> (heap=19408): ssl_tls.c:3016 0040: c0 14 00 39 c0 af c0 a3 c0 87 c0 8b c0 7d c0 73 ...9.........}.s
TLS<4> (heap=19408): ssl_tls.c:3016 0050: c0 77 00 c4 00 88 c0 2b c0 2f 00 9e c0 ac c0 9e .w.....+./......
TLS<4> (heap=19408): ssl_tls.c:3016 0060: c0 23 c0 27 00 67 c0 09 c0 13 00 33 c0 ae c0 a2 .#.'.g.....3....
TLS<4> (heap=19408): ssl_tls.c:3016 0070: c0 86 c0 8a c0 7c c0 72 c0 76 00 be 00 45 00 ff .....|.r.v...E..
TLS<4> (heap=19408): ssl_tls.c:3016 0080: 01 00 00 41 00 0d 00 16 00 14 06 03 06 01 05 03 ...A............
TLS<4> (heap=19408): ssl_tls.c:3016 0090: 05 01 04 03 04 01 03 03 03 01 02 03 02 01 00 0a ................
TLS<4> (heap=19408): ssl_tls.c:3016 00a0: 00 0c 00 0a 00 18 00 1b 00 17 00 16 00 1a 00 0b ................
TLS<4> (heap=19408): ssl_tls.c:3016 00b0: 00 02 01 00 00 01 00 01 04 00 16 00 00 00 17 00 ................
TLS<4> (heap=19408): ssl_tls.c:3016 00c0: 00 00 23 00 00 ..#..
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2593 message length: 197, out_left: 197
TLS<2> (heap=17864): ssl_tls.c:2599 ssl->f_send() returned 197 (-0xffffff3b)
TLS<2> (heap=17864): ssl_tls.c:2626 <= flush output
TLS<2> (heap=17864): ssl_tls.c:3025 <= write record
TLS<2> (heap=17864): ssl_cli.c:1100 <= write client hello
TLS<2> (heap=17864): ssl_cli.c:3400 client state: 2
TLS<2> (heap=17864): ssl_tls.c:2574 => flush output
TLS<2> (heap=17864): ssl_tls.c:2586 <= flush output
TLS<2> (heap=17864): ssl_cli.c:1493 => parse server hello
TLS<2> (heap=17864): ssl_tls.c:3904 => read record
TLS<2> (heap=17864): ssl_tls.c:2358 => fetch input
TLS<2> (heap=17864): ssl_tls.c:2516 in_left: 0, nb_want: 5
TLS<2> (heap=17864): ssl_tls.c:2540 in_left: 0, nb_want: 5
TLS<2> (heap=17864): ssl_tls.c:6860 <= handshake
TLS<2> (heap=19408): ssl_tls.c:6850 => handshake
TLS<2> (heap=19408): ssl_cli.c:3400 client state: 2
TLS<2> (heap=19408): ssl_tls.c:2574 => flush output
TLS<2> (heap=19408): ssl_tls.c:2586 <= flush output
TLS<2> (heap=19408): ssl_cli.c:1493 => parse server hello
TLS<2> (heap=19408): ssl_tls.c:3904 => read record
TLS<2> (heap=19408): ssl_tls.c:2358 => fetch input
TLS<2> (heap=19408): ssl_tls.c:2516 in_left: 0, nb_want: 5
TLS<2> (heap=19408): ssl_tls.c:2540 in_left: 0, nb_want: 5
TLS<2> (heap=19408): ssl_tls.c:2541 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
TLS<2> (heap=19408): ssl_tls.c:2561 <= fetch input
TLS<4> (heap=19408): ssl_tls.c:3654 dumping 'input record header' (5 bytes)
TLS<4> (heap=19408): ssl_tls.c:3654 0000: 15 03 01 00 02 .....
TLS<3> (heap=19408): ssl_tls.c:3663 input record: msgtype = 21, version = [3:1], msglen = 2
TLS<2> (heap=19408): ssl_tls.c:2358 => fetch input
TLS<2> (heap=19408): ssl_tls.c:2516 in_left: 5, nb_want: 7
TLS<2> (heap=19408): ssl_tls.c:2540 in_left: 5, nb_want: 7
TLS<2> (heap=19408): ssl_tls.c:2541 ssl->f_recv(_timeout)() returned 2 (-0xfffffffe)
TLS<2> (heap=19408): ssl_tls.c:2561 <= fetch input
TLS<4> (heap=19408): ssl_tls.c:3833 dumping 'input record from network' (7 bytes)
TLS<4> (heap=19408): ssl_tls.c:3833 0000: 15 03 01 00 02 02 28 ......(
TLS<2> (heap=19408): ssl_tls.c:4246 got an alert message, type: [2:40]
TLS<1> (heap=19408): ssl_tls.c:4254 is a fatal alert message (msg 40)
TLS<1> (heap=19408): ssl_tls.c:3922 mbedtls_ssl_read_record_layer() returned -30592 (-0x7780)
TLS<1> (heap=19408): ssl_cli.c:1500 mbedtls_ssl_read_record() returned -30592 (-0x7780)
TLS<2> (heap=19408): ssl_tls.c:6860 <= handshake
client handshake failed!
Reason:[-0x7780]
Pushbullet 使用 SSL 证书 SNI. A certificate analysis is available at https://www.ssllabs.com/ssltest/analyze.html?d=api.pushbullet.com。
根据 NodeMCU TLS documentation Espressif SDK 不支持 SNI。
The TLS glue provided by Espressif provides no interface to TLS SNI. As such, NodeMCU TLS should not be expected to function with endpoints requiring the use of SNI, which is a growing fraction of the Internet...