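Hello, I have done a port using TLS as a reference and am currently testing it.
There seems to be no problem with the server settings, but I keep getting ssl->f_recv(_timeout)() returned 0 (-0x0000),
it times out, and the TLS connect fails. I cannot work out where the problem is.
I adjusted config.h and the stack size, but the behavior is the same.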
[SOCKET]After getSn_CR()
init connect ret = 1 sn = 0
. Performing the SSL/TLS handshake…=> handshake
handshake: 536992008
client state: 0
=> flush output
<= flush output
handshake: 536992008
client state: 1
=> flush output
<= flush output
=> write client hello
client hello, max version: [3:3]
dumping ‘client hello, random bytes’ (32 bytes)
0000: cb 4e 3e a4 39 a1 32 11 92 4f 3b d8 2e ae 01 02 .N>.9.2…O;…
0010: f7 9f 85 b8 f0 c8 18 e1 ab 10 e9 ce c9 47 60 cc …G`.
client hello, session id len.: 0
dumping ‘client hello, session id’ (0 bytes)
client hello, add ciphersuite: 009c
client hello, add ciphersuite: 003d
client hello, add ciphersuite: 009d
client hello, add ciphersuite: c028
client hello, add ciphersuite: c013
client hello, add ciphersuite: c02f
client hello, got 6 ciphersuites (excluding SCSVs)
adding EMPTY_RENEGOTIATION_INFO_SCSV
client hello, compress len.: 1
client hello, compress alg.: 0
client hello, adding signature_algorithms extension
client hello, adding supported_elliptic_curves extension
client hello, adding supported_point_formats extension
client hello, total extension length: 56
=> write record
output record: msgtype = 22, version = [3:3], msglen = 115
=> flush output
message length: 120, out_left: 120
Port:[0]/Send(120) :
ssl->f_send() returned 120 (-0xffffff88)
<= flush output
<= write record
<= write client hello
handshake: 536992008
client state: 2
=> flush output
<= flush output
=> parse server hello
=> read record
=> fetch input
in_left: 0, nb_want: 5
SOCK_IO_MODE : 0x0000
Port:[0]/Recv(5)[0]:
in_left: 0, nb_want: 5
ssl->f_recv(_timeout)() returned 0 (-0x0000)
22 line = 2431
mbedtls_ssl_fetch_input() returned -29312 (-0x7280)
mbedtls_ssl_read_record_layer() returned -29312 (-0x7280)
mbedtls_ssl_read_record() returned -29312 (-0x7280)
<= handshake
- failed*
- ! mbedtls_ssl_handshake returned -29312: SSL - The connection indicated an EOF*
=====
The information for the certificate registered on the server is as follows.
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 59D32182C1610C2E26C57ABC0D2F8A84E5FF52CF14196A58A5EC7CDF9229BA57
Session-ID-ctx:
Master-Key: 707C70A3EE9E14A5B4B582B2142BC44402BDBD3CCC8BDDF3AE88EACD5077ABB920F01C830C10BA598B240878FECCA82E
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1620291535
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
—
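In the log above, `f_recv` returns 0 and mbedTLS turns that into -29312 (-0x7280, `MBEDTLS_ERR_SSL_CONN_EOF`). The following is an added example, not code from the original post or from the port: it models the receive-callback contract, where 0 means the peer closed the connection and `MBEDTLS_ERR_SSL_WANT_READ` means no data has arrived yet. It assumes a port whose receive function returns 0 when nothing is buffered; `fake_sock`, `recv_naive`, `recv_fixed` and the simplified `fetch_input` are hypothetical names.

```c
#include <stddef.h>
#include <string.h>

/* Error values copied from mbedTLS ssl.h so the block builds without the library. */
#define WANT_READ (-0x6900) /* MBEDTLS_ERR_SSL_WANT_READ */
#define CONN_EOF  (-0x7280) /* MBEDTLS_ERR_SSL_CONN_EOF = -29312, as in the log */

/* Constructed stand-in for the port's socket layer (hypothetical, not vendor code). */
typedef struct {
    const unsigned char *rx; /* bytes received from the peer, not yet consumed */
    size_t rx_len;           /* number of buffered bytes */
    int peer_closed;         /* nonzero once the peer has closed the connection */
} fake_sock;

/* Copy up to len buffered bytes into buf and return how many were copied. */
static int take(fake_sock *s, unsigned char *buf, size_t len)
{
    size_t n = len < s->rx_len ? len : s->rx_len;
    memcpy(buf, s->rx, n);
    s->rx += n;
    s->rx_len -= n;
    return (int)n;
}

/* Assumed faulty behaviour: "nothing buffered yet" is reported as 0. */
int recv_naive(void *ctx, unsigned char *buf, size_t len)
{
    return take((fake_sock *)ctx, buf, len);
}

/* Contract-following callback: 0 only for a real close, WANT_READ for "try again". */
int recv_fixed(void *ctx, unsigned char *buf, size_t len)
{
    fake_sock *s = (fake_sock *)ctx;
    if (s->rx_len == 0)
        return s->peer_closed ? 0 : WANT_READ;
    return take(s, buf, len);
}

/* Simplified model of mbedtls_ssl_fetch_input(): read until nb_want bytes are held. */
int fetch_input(int (*f_recv)(void *, unsigned char *, size_t), void *ctx,
                unsigned char *in, size_t *in_left, size_t nb_want)
{
    while (*in_left < nb_want) {
        int ret = f_recv(ctx, in + *in_left, nb_want - *in_left);
        if (ret == 0) return CONN_EOF; /* the path taken in the log */
        if (ret < 0) return ret;       /* WANT_READ: caller retries the handshake */
        *in_left += (size_t)ret;
    }
    return 0;
}
```

With a callback that returns `WANT_READ`, the caller has to call `mbedtls_ssl_handshake()` again until it stops returning `MBEDTLS_ERR_SSL_WANT_READ` or `MBEDTLS_ERR_SSL_WANT_WRITE`.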