Topic: SSL version error -326, TLS Connect Error: record layer version error
Using WolfSLL 5.3.1 since a few time on a STM32F411CE using the Arduino IDE and followed most of the instructions widely available. After spending some time i got success to setup a connection to gpsgadget.buienradar.nl, this works reliable.
Now I would like to report abuse port scanners to api.abuseipdb.com.
But the connection setup couldn't pass the setup the TLS connection.
I have checked by SSLlabs if api.abuseipdb.com supports the encryption on TLSv1.2, SSL cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 which is also used by gpsgadget.buienradar.nl and it should do.
Anyone any idea? I've read another post here on the forum about error -326, that was due an invalid header of the server. But i couldn't image that a server from a professional service still is not patched.
But the log from api.abuseipdb.com shows:
Memory usage after loading ctx:
Heap end at: 0x20008C98
Stack Ptr end at: 0x2001E9E8
Estimated Free RAM: 99984 wolfSSL ctx get: success
10:54:50 wolfSSLlog: 2, wolfSSL Entering wolfSSL_CTX_set_verify-> connecting to api.abuseipdb.com... Took: 57ms
Connected, continue to setup TLS to: api.abuseipdb.com
10:54:50 wolfSSLlog: 2, wolfSSL Entering SSL_new
10:54:50 wolfSSLlog: 3, wolfSSL Leaving SSL_new, return 0
Memory usage after getting SSL object:
Heap end at: 0x20008C98
Stack Ptr end at: 0x2001E9E8
Estimated Free RAM: 97684
10:54:50 wolfSSLlog: 2, wolfSSL Entering SSL_connect()
10:54:50 wolfSSLlog: 2, wolfSSL Entering SendClientHello
10:54:50 wolfSSLlog: 1, Adding signature algorithms extension
10:54:50 wolfSSLlog: 1, growing output buffer
10:54:50 wolfSSLlog: 1, Signature Algorithms extension to write
10:54:50 wolfSSLlog: 1, Point Formats extension to write
10:54:50 wolfSSLlog: 1, Supported Groups extension to write
10:54:50 wolfSSLlog: 1, Data to send
10:54:50 wolfSSLlog: 1, 16 03 03 00 65 01 00 00 61 03 03 83 46 65 2f 5c |....e...a...Fe/\
10:54:50 wolfSSLlog: 1, 44 16 5f b3 89 26 de 0b 6b a2 06 7e a7 9a 55 22 |D._..&..k..~..U"
10:54:50 wolfSSLlog: 1, 01 b0 22 f4 7e a2 66 c4 08 6f ba 00 00 14 c0 2b |..".~.f..o.....+
10:54:50 wolfSSLlog: 1, c0 2f c0 27 c0 23 c0 0a c0 09 c0 08 c0 14 c0 13 |./.'.#..........
10:54:50 wolfSSLlog: 1, c0 12 01 00 00 24 00 0d 00 0c 00 0a 04 03 02 03 |.....$..........
10:54:50 wolfSSLlog: 1, 08 04 04 01 02 01 00 0b 00 02 01 00 00 0a 00 0a |................
10:54:50 wolfSSLlog: 1, 00 08 00 19 00 18 00 17 00 15 |..........
10:54:50 wolfSSLlog: 1, SendBuffered() => 1 byte(s) message success
10:54:50 wolfSSLlog: 1, Shrinking output buffer
10:54:50 wolfSSLlog: 3, wolfSSL Leaving SendClientHello, return 0
10:54:50 wolfSSLlog: 1, ssl.c connect state: CLIENT_HELLO_SENT
10:54:50 wolfSSLlog: 1, Data received
10:54:50 wolfSSLlog: 1, 15 03 01 00 02 |.....
10:54:50 wolfSSLlog: 1, SSL version error
10:54:50 wolfSSLlog: 2, wolfSSL Entering SendAlert
10:54:51 wolfSSLlog: 1, growing output buffer
10:54:51 wolfSSLlog: 1, Data to send
10:54:51 wolfSSLlog: 1, 15 03 03 00 02 02 46 |......F
10:54:51 wolfSSLlog: 1, SendBuffered() => 1 byte(s) message success
10:54:51 wolfSSLlog: 1, Shrinking output buffer
10:54:51 wolfSSLlog: 3, wolfSSL Leaving SendAlert, return 0
10:54:51 wolfSSLlog: 0, wolfSSL error occurred, error = -326
10:54:51 wolfSSLlog: 2, wolfSSL Entering SSL_get_error
10:54:51 wolfSSLlog: 3, wolfSSL Leaving SSL_get_error, return -326
10:54:51 wolfSSLlog: 2, wolfSSL Entering wolfSSL_ERR_error_string_n
10:54:51 wolfSSLlog: 2, wolfSSL Entering ERR_error_string
ERROR: Report2AbuseIPDB; TLS Connect Error: record layer version error
10:54:51 wolfSSLlog: 2, wolfSSL Entering SSL_shutdown()
10:54:51 wolfSSLlog: 3, wolfSSL Leaving SSL_shutdown(), return -1
cleanup TLS connection
10:54:51 wolfSSLlog: 2, wolfSSL Entering SSL_free
10:54:51 wolfSSLlog: 1, Free'ing client ssl
10:54:51 wolfSSLlog: 1, CTX ref count not 0 yet, no free
10:54:51 wolfSSLlog: 3, wolfSSL Leaving SSL_free, return 0
SSL object cleared
10:54:51 wolfSSLlog: 2, wolfSSL Entering SSL_CTX_free
10:54:51 wolfSSLlog: 1, CTX ref count down to 0, doing full free
10:54:51 wolfSSLlog: 2, wolfSSL Entering wolfSSL_CertManagerFree
10:54:51 wolfSSLlog: 3, wolfSSL Leaving SSL_CTX_free, return 0