libcurl2rtt包使用DNS问题

发布于 2020-06-18 09:15:44
Hello 各位RTT的大神指教一下:
1.移植的libcurl2rtt包,dns服务总是过不了,直接ping www.rt-thread.com都能通.
msh />curl --verbose -k --capath ./ https://www.rt-thread.com/service/rt-thread.txt
* timeout on name lookup is not supported
* Curl_ipv4_resolve_r failed for www.rt-thread.com
* Couldn't resolve host 'www.rt-thread.com'
* Closing connection 0
curl: (6) Couldn't resolve host 'www.rt-thread.com'

msh />ping www.rt-thread.com
60 bytes from 118.31.15.152 icmp_seq=0 ttl=49 time=60 ms
60 bytes from 118.31.15.152 icmp_seq=1 ttl=49 time=30 ms
60 bytes from 118.31.15.152 icmp_seq=2 ttl=49 time=30 ms
60 bytes from 118.31.15.152 icmp_seq=3 ttl=49 time=30 ms



查看更多

关注者
0
被浏览
355
4 个回答
liu2guang
liu2guang 认证专家 2020-06-18
在qemu中测试,证书DIGICERT_ROOT_CA.cer放到 ./ 目录下调用 curl --verbose -k --capath ./ 是没有问题的。你试试qemu跑把
111.png
aozima
aozima 2020-06-18
拒绝白嫖,拒绝键盘侠!
楼主这里好像是dns解析不出来,还没到证书那阶段。
芋圆源钰
芋圆源钰 2020-06-19
liu2guang 发表于 2020-6-18 12:52
在qemu中测试,证书DIGICERT_ROOT_CA.cer放到 ./ 目录下调用 curl --verbose -k --capath ./ https://www.r ...


谢谢你的回复,
1.我这里是DNS解析不了.
2.你图里面执行时加了-k参数是跳过证书了额.
芋圆源钰
芋圆源钰 2020-06-19
aozima 发表于 2020-6-18 15:15
楼主这里好像是dns解析不出来,还没到证书那阶段。


是的呢,直接ping www.rt-thread.com都能正常解析.
不清楚是否这个包的那个配置有问题.还请指教.
芋圆源钰
芋圆源钰 2020-07-01
    本帖最后由 aozima 于 2020-7-1 21:17 编辑


查了一周,还是老老实实跟代码发先就是一个宏的问题.
+++ b/source/ekernel/subsys/net/rt-thread/net_tools/netutils-master/libcurl2rtt-latest/curl/curl_config.h
@@ -30,7 +30,7 @@
#define HAVE_FCNTL_O_NONBLOCK 1

/* Define to 1 if you have the gethostbyname_r function. */
-#define HAVE_GETHOSTBYNAME_R 1
+//#define HAVE_GETHOSTBYNAME_R 1


注释后测试已正常:
msh />curl --verbose -k --capath ./
* timeout on name lookup is not supported
* Trying 118.31.15.152:443...
* TCP_NODELAY set
* Connected to www.rt-thread.com () port 443 (#0)
* mbedTLS: Connecting to www.rt-thread.com:443
* mbedTLS: Set min SSL version to TLS 1.0
* mbedTLS: Handshake complete, cipher is TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
* Dumping cert info:
* cert. version : 3
* serial number : 06:43:FD:59:D0:4D:C8:94:2F:54:BA:AF:82:55:72:0E
* issuer name : C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Encryption Everywhere DV TLS CA - G1
* subject name : CN=www.rt-thread.com
* issued on : 2020-06-21 00:00:00
* expires on : 2021-06-22 12:00:00
* signed using : RSA with SHA-256
* RSA key size : 2048 bits
* basic constraints : CA=false
* subject alt name : www.rt-thread.com, rt-thread.com
* key usage : Digital Signature, Key Encipherment
* ext key usage : TLS Web Server Authentication, TLS Web Client Authentication

* SSL connected
> GET /service/rt-thread.txt HTTP/1.1
> Host: www.rt-thread.com
> User-Agent: curl/7.67.0-DEV
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: nginx/1.10.3 (Ubuntu)
< Date: Wed, 01 Jul 2020 07:50:41 GMT
< Content-Type: text/plain
< Content-Length: 267
< Connection: keep-alive
< Last-Modified: Tue, 18 Sep 2018 03:55:48 GMT
< ETag: "10b-5761d43d95900"
< Accept-Ranges: bytes
< Vary: Accept-Encoding
<
RT-Thread is an open source IoT operating system from China, which has strong scalability: from a tiny kernel running on a tiny core, for example ARM Cortex-M0, or Cortex-M3/4/7, to a rich feature system running on MIPS32, ARM Cortex-A8, ARM Cortex-A9 DualCore etc.

发现一个新问题:
直接用ip地址代替rt-thread.com出现301返回码?
msh />curl --verbose -k --capath ./ https://118.31.15.152/service/rt-thread.txt
* timeout on name lookup is not supported
* Trying 118.31.15.152:443...
* TCP_NODELAY set
* Connected to 118.31.15.152 () port 443 (#0)
* mbedTLS: Connecting to 118.31.15.152:443
* mbedTLS: Set min SSL version to TLS 1.0
* mbedTLS: Handshake complete, cipher is TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
* Dumping cert info:
* cert. version : 3
* serial number : 09:2F:6D:AE:96:EC:D7:D0:24:55:D2:F5:64:20:50:23
* issuer name : C=US, O=DigiCert Inc, OU=www.digicert.com, CN=RapidSSL RSA CA 2018
* subject name : CN=*.rt-thread.org
* issued on : 2020-06-05 00:00:00
* expires on : 2021-06-05 12:00:00
* signed using : RSA with SHA-256
* RSA key size : 2048 bits
* basic constraints : CA=false
* subject alt name : *.rt-thread.org, rt-thread.org
* key usage : Digital Signature, Key Encipherment
* ext key usage : TLS Web Server Authentication, TLS Web Client Authentication

* SSL connected
> GET /service/rt-thread.txt HTTP/1.1
> Host: 118.31.15.152
> User-Agent: curl/7.67.0-DEV
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Server: nginx/1.10.3 (Ubuntu)
< Date: Wed, 01 Jul 2020 07:43:17 GMT
< Content-Type: text/html
< Content-Length: 194
< Connection: keep-alive
< Location: https://www.rt-thread.org/service/rt-thread.txt
< Strict-Transport-Security: max-age=1800; includeSubdomains; preload
<

301 Moved Permanently

301 Moved Permanently



nginx/1.10.3 (Ubuntu)



* Connection #0 to host 118.31.15.152 left intact
aozima
aozima 2020-07-01
拒绝白嫖,拒绝键盘侠!
发现一个新问题:
直接用ip地址代替rt-thread.com出现301返回码?


记得别的贴子和你说了,https的SNI问题

撰写答案

请登录后再发布答案,点击登录

发布
问题

分享
好友

手机
浏览

扫码手机浏览