Skip to content

Commit

Permalink
fix(dns): Config for dynamic DNS sorting so AF_UNSPEC works in IPv6-o…
Browse files Browse the repository at this point in the history
…nly network

This fix adds a KConfig option to enable the LWIP dynamic DNS selection,
based on the addresses available on the device, allowing a device
with both IPv4 and IPv6 enabled to work in any network configuration,
including IPv4-only, IPv6-only, and dual-stack.

The example is also updated with instructions to turn on TLS and DNS logging,
and example output updated to show the IPv4 and IPv6 addresses being used.
  • Loading branch information
sgryphon committed Mar 13, 2024
1 parent 28fd76e commit 2e3bcc8
Show file tree
Hide file tree
Showing 6 changed files with 169 additions and 27 deletions.
10 changes: 10 additions & 0 deletions components/lwip/Kconfig
Original file line number Diff line number Diff line change
Expand Up @@ -1104,6 +1104,16 @@ menu "LWIP"
help
This option allows you to config dns fallback server address.

config LWIP_DNS_DYNAMIC_SORT
bool "Dynamically sort DNS results"
default n
help
Dynamically sorts DNS results by available source addresses (based on RFC 6724).
This allows a device to return results based on the current network
and work across IPv4-only, IPv6-only, and dual-stack networks.
If this option is disabled, DNS results have a static preference for IPv4,
which will work in most cases but fails for some network configurations

endmenu # DNS

config LWIP_BRIDGEIF_MAX_PORTS
Expand Down
2 changes: 1 addition & 1 deletion components/lwip/lwip
Submodule lwip updated 1 files
+27 −0 src/api/netdb.c
10 changes: 10 additions & 0 deletions components/lwip/port/include/lwipopts.h
Original file line number Diff line number Diff line change
Expand Up @@ -499,6 +499,16 @@ static inline uint32_t timeout_from_offered(uint32_t lease, uint32_t min)
#define LWIP_DNS_SUPPORT_MDNS_QUERIES 0
#endif

/**
* LWIP_DNS_DYNAMIC_SORT==1: Dynamically sorts DNS results by available source addresses.
* This option is set via menuconfig.
*/
#ifdef CONFIG_LWIP_DNS_DYNAMIC_SORT
#define LWIP_DNS_DYNAMIC_SORT 1
#else
#define LWIP_DNS_DYNAMIC_SORT 0
#endif

/*
---------------------------------
---------- UDP options ----------
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -460,6 +460,16 @@ menu "Example Connection Configuration"
Note that the dhcpv6 client has to be started using dhcp6_enable_stateless(netif);
Note that the stateful address autoconfiguration is not supported.

config LWIP_DNS_DYNAMIC_SORT
bool "Dynamically sort DNS results"
default y
help
Dynamically sorts DNS results by available source addresses (based on RFC 6724).
This allows a device to return results based on the current network
and work across IPv4-only, IPv6-only, and dual-stack networks.
If this option is disabled, DNS results have a static preference for IPv4,
which will work in most cases but fails for some network configurations

endif


Expand Down
161 changes: 135 additions & 26 deletions examples/protocols/https_request/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,14 @@ Before project configuration and build, be sure to set the correct chip target u
```
idf.py menuconfig
```

Open the project configuration menu (`idf.py menuconfig`) to configure Wi-Fi or Ethernet. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../../README.md) for more details.

For additional logging of TLS and DNS, in project configuration:

* `Component config` -> `Log output` -> `Maximum log verbosity`, select `Debug`
* `Component config` -> `LWIP` -> `Enable LWIP Debug` -> `Enable DNS debug messages`, enable

#### Configuring Client Session Tickets

Note: This example has client session tickets enabled by default.
Expand All @@ -54,36 +60,139 @@ See the Getting Started Guide for full steps to configure and use ESP-IDF to bui

## Example Output

Run on a dual-stack network with DNS64/NAT64 available, and with DNS logging turned on.

At the time of the first check the device has an IPv4 global address, but only link-local IPv6, so even though DNS64 returns both IPv4 and IPv6 addresses, the IPv4 address is used as it has a matching scope.

By the time of the second check, the device has received IPv6 RA (router advertisement) prefixes and configured IPv6 addresses. Both addresses have matching scopes and labels, so DNS precedence rules use the IPv6 NAT64 address.

```
I (5634) example_connect: - IPv4 address: 192.168.194.219
I (5634) example_connect: - IPv6 address: fe80:0000:0000:0000:266f:28ff:fe80:2c74, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (5644) example: Start https_request example
I (5654) example: https_request using crt bundle
W (6514) wifi:<ba-add>idx:1 (ifx:0, ee:6d:19:60:f6:0e), tid:4, ssn:0, winSize:64
I (7074) esp-x509-crt-bundle: Certificate validated
I (9384) example: Connection established...
I (9384) example: 107 bytes written
I (9384) example: Reading HTTP response...
I (843) example_connect: Connecting to Astral...
I (843) example_connect: Waiting for IP(s)
I (3263) wifi:new:<1,0>, old:<1,0>, ap:<255,255>, sta:<1,0>, prof:1
I (3513) wifi:state: init -> auth (b0)
I (3523) wifi:state: auth -> assoc (0)
I (3543) wifi:state: assoc -> run (10)
I (3553) wifi:connected with Astral, aid = 7, channel 1, BW20, bssid = c0:56:27:73:4b:14
I (3553) wifi:security: WPA2-PSK, phy: bgn, rssi: -58
I (3553) wifi:pm start, type: 1
I (3553) wifi:dp: 1, bi: 102400, li: 3, scale listen interval from 307200 us to 307200 us
I (3583) wifi:dp: 2, bi: 102400, li: 4, scale listen interval from 307200 us to 409600 us
I (3583) wifi:AP's beacon interval = 102400 us, DTIM period = 2
I (4633) example_connect: Got IPv6 event: Interface "example_netif_sta" address: fe80:0000:0000:0000:0a3a:f2ff:fe65:db28, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (5063) esp_netif_handlers: example_netif_sta ip: 192.168.1.146, mask: 255.255.255.0, gw: 192.168.1.1
I (5063) example_connect: Got IPv4 event: Interface "example_netif_sta" address: 192.168.1.146
I (5073) example_common: Connected to example_netif_sta
I (5073) example_common: - IPv4 address: 192.168.1.146,
I (5083) example_common: - IPv6 address: fe80:0000:0000:0000:0a3a:f2ff:fe65:db28, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (5093) example: Updating time from NVS
I (5103) example: Start https_request example
I (5103) example: https_request using crt bundle
D (5103) esp-tls: host:www.howsmyssl.com: strlen 17
dns_enqueue: "www.howsmyssl.com": use DNS entry 0
dns_enqueue: "www.howsmyssl.com": use DNS pcb 0
I (5123) main_task: Returned from app_main()
dns_send: dns_servers[0] "www.howsmyssl.com": request
sending DNS request ID 22389 for name "www.howsmyssl.com" to server 0
dns_recv: "www.howsmyssl.com": response = 64:ff9b:0:0:0:0:2247:2dc8
dns_enqueue: "www.howsmyssl.com": use DNS entry 1
dns_enqueue: "www.howsmyssl.com": use DNS pcb 0
dns_send: dns_servers[0] "www.howsmyssl.com": request
sending DNS request ID 50477 for name "www.howsmyssl.com" to server 0
dns_recv: "www.howsmyssl.com": response = 34.71.45.200
dns_select: selecting from 2 candidates
dns_select: precedence labels flags 0x0013, ipv6 scopes flags 0x0004, ipv4 scopes flags 0x4004
dns_select: rule 2, cand_0 scope (14) match 0, cand_1 scope (14) match 1
D (5233) esp-tls: [sock=54] Resolved IPv4 address: 34.71.45.200
D (5243) esp-tls: [sock=54] Connecting to server. HOST: www.howsmyssl.com/a/check, Port: 443
D (5643) esp-tls: handshake in progress...
I (6103) esp-x509-crt-bundle: Certificate validated
dns_tmr: dns_check_entries
dns_tmr: dns_check_entries
I (7383) example: Connection established...
I (7393) example: 106 bytes written
I (7393) example: Reading HTTP response...
I (7633) example_connect: Got IPv6 event: Interface "example_netif_sta" address: 2407:8800:bc61:1340:0a3a:f2ff:fe65:db28, type: ESP_IP6_ADDR_IS_GLOBAL
I (7633) example_connect: Got IPv6 event: Interface "example_netif_sta" address: fd7c:e25e:67e8:0040:0a3a:f2ff:fe65:db28, type: ESP_IP6_ADDR_IS_UNIQUE_LOCAL
dns_tmr: dns_check_entries
HTTP/1.1 200 OK
Content-Length: 2091
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 2545
Content-Type: application/json
Date: Tue, 07 Sep 2021 08:30:00 GMT
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload
{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_DHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_DHE_RSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_
256_CBC_SHA384","TLS_DHE_RSA_WITH_AES_256_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_DHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_DHE_RSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_DHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_DHE_RSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_DHE
_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_DHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA
_WITH_AES_128_CCM_8","TLS_DHE_RSA_WITH_AES_128_CCM_8","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RS
A_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":fal
se,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}
I (10204) example: connection closed
I (10204) example: 10...
I (11204) example: 9...
I (12204) example: 8...
I (13204) example: 7...
I (14204) example: 6...
I (15204) example: 5...
I (16204) example: 4...
Vary: Accept-Encoding
Date: Tue, 27 Feb 2024 22:11:22 GMT
{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_
CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AE
S_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8","TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH
dns_tmr: dns_check_entries
_ARIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_RSA_WIT
H_ARIA_256_GCM_SHA384","TLS_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDS
A_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256","TLS_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_ARIA_128_CBC_SHA256","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_spl
itting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}
I (9463) example: connection closed
I (9473) example: 10...
dns_tmr: dns_check_entries
I (10473) example: 9...
dns_tmr: dns_check_entries
I (11473) example: 8...
dns_tmr: dns_check_entries
I (12473) example: 7...
dns_tmr: dns_check_entries
I (13473) example: 6...
dns_tmr: dns_check_entries
I (14473) example: 5...
dns_tmr: dns_check_entries
I (15473) example: 4...
dns_tmr: dns_check_entries
I (16473) example: 3...
dns_tmr: dns_check_entries
I (17473) example: 2...
dns_tmr: dns_check_entries
I (18473) example: 1...
dns_tmr: dns_check_entries
I (19473) example: 0...
dns_tmr: dns_check_entries
I (20473) example: Minimum free heap size: 181364 bytes
I (20473) example: https_request using cacert_buf
D (20473) esp-tls: host:www.howsmyssl.com: strlen 17
dns_lookup: "www.howsmyssl.com": found = 64:ff9b:0:0:0:0:2247:2dc8
dns_lookup: "www.howsmyssl.com": found = 34.71.45.200
dns_select: selecting from 2 candidates
dns_select: precedence labels flags 0x2013, ipv6 scopes flags 0x4004, ipv4 scopes flags 0x4004
dns_select: rule 2, cand_0 scope (14) match 1, cand_1 scope (14) match 1
dns_select: rule 5, cand_0 label (1) match 1, cand_1 label (4) match 1
dns_select: rule 6, cand_0 precedence 40, cand_1 precedence 35
D (20513) esp-tls: [sock=54] Resolved IPv6 address: 64:FF9B::2247:2DC8
D (20523) esp-tls: [sock=54] Connecting to server. HOST: www.howsmyssl.com/a/check, Port: 443
D (20903) esp-tls: handshake in progress...
dns_tmr: dns_check_entries
dns_tmr: dns_check_entries
I (22753) example: Connection established...
I (22753) example: 106 bytes written
I (22753) example: Reading HTTP response...
dns_tmr: dns_check_entries
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 2545
Content-Type: application/json
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload
Vary: Accept-Encoding
Date: Tue, 27 Feb 2024 22:11:37 GMT
{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_
CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AE
S_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8","TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH
_ARIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_RSA_WIT
H_ARIA_256_GCM_SHA384","TLS_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDS
A_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256","TLS_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_ARIA_128_CBC_SHA256","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_spl
itting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}
I (23393) example: connection closed
I (23393) example: 10...
dns_tmr: dns_check_entries
I (24393) example: 9...
```
Original file line number Diff line number Diff line change
Expand Up @@ -298,6 +298,9 @@ static void https_request_task(void *pvparameters)

void app_main(void)
{
// Enable debug logging for esp-tls (if Maximum log verbosity is set in menuconfig)
esp_log_level_set("esp-tls", ESP_LOG_DEBUG);

ESP_ERROR_CHECK(nvs_flash_init());
ESP_ERROR_CHECK(esp_netif_init());
ESP_ERROR_CHECK(esp_event_loop_create_default());
Expand Down

0 comments on commit 2e3bcc8

Please sign in to comment.