sdk-5.2: mbedtls_open library bug

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
AxLi_1746341
Level 7
Level 7
10 comments on KBA 5 comments on KBA First comment on KBA

I found httpbin snip fails to connect server in FreeRTOS+debug build.

And then I trace to below problem: (with some of my debug print)

[18:31:04:726] Resolving IP address of www.httpbin.org␍␊

[18:31:04:980] www.httpbin.org is at 54.197.228.226␍␊

[18:31:05:019] Connecting to www.httpbin.org␍␊

[18:31:05:349] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 0 ␍␊

[18:31:05:385] #RET=0␍␊

[18:31:05:385] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 1 ␍␊

[18:31:05:385] #RET=0␍␊

[18:31:05:385] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 2 ␍␊

[18:31:05:719] #RET=0␍␊

[18:31:05:723] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 3 ␍␊

[18:31:05:980] #RET=0␍␊

[18:31:05:983] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 4 ␍␊

[18:31:06:236] [mbedtls_ssl_handshake_client_step()] : [3465] : Parse MBEDTLS_SSL_SERVER_KEY_EXCHANGE DONE : 0 ␍␊

[18:31:06:248] #RET=0␍␊

[18:31:06:248] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 5 ␍␊

[18:31:06:278] [mbedtls_ssl_handshake_client_step()] : [3472] : Parse MBEDTLS_SSL_CERTIFICATE_REQUEST DONE : 0 ␍␊

[18:31:06:278] #RET=0␍␊

[18:31:06:278] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 6 ␍␊

[18:31:06:278] ssl_parse_server_hello_done: Begin ret=134523681 ssl->record_read=1␍␊

[18:31:06:278] ssl_parse_server_hello_done: End ret=134523681␍␊

[18:31:06:278] [mbedtls_ssl_handshake_client_step()] : [3479] : Parse MBEDTLS_SSL_SERVER_HELLO_DONE DONE : 134523681 ␍␊

[18:31:06:293] #RET=134523681␍␊

[18:31:06:293] failed␍␊

[18:31:06:293]   ! mbedtls_ssl_handshake returned -0x804ab21␍␊

[18:31:06:305] netconn_connect start_tls=4␍␊

[18:31:06:305] Discon failed to connect to serve␍rConnected to www.httpbin.org␍␊

[18:31:06:313] Connected to www.httpbin.org␊

[18:31:06:323] erver: 4␍␊

So obviously, the returned error is the valure of uninitialized ret variable in

ssl_parse_server_hello_done(). (ret=134523681 is 0x804ab21 in hex)

I don't think init ret to 0 is a correct fix, I'm not expert in this part,

maybe someone from cypress can take a look and provide the fix.

I'm also wondering if Cypress can upgrade the mbedTLS from v2.4.0 to v2.6.0 (latest stable version).

1 Solution

Issue is not observed in WICED SDK 6.0.

View solution in original post

4 Replies
GauravS_31
Moderator
Moderator
Moderator
10 questions asked 250 solutions authored 250 sign-ins

I could not reproduce this issue when I tested snip.httpbin_org using the build statement snip.httpbin_org-BCM943438WCD1-FreeRTOS-LwIP-debug download download_apps. Can you explain how you reproduced the issue?

0 Likes

If you read my post you should be able to know the problem is returning

uninitialized local variable.

If the uninitialized local variable is happend to 0, you won't hit this issue.

You can probably explictly init it to some random value e.g. 1234 then you

can 100% hit this problem.

0 Likes

Issue was reproduced after enabling the macro MBEDTLS_DEBUG_C and building as snip.httpbin_org-BCM943438WCD1-debug download download_apps. I raised a ticket on the same.

0 Likes

Issue is not observed in WICED SDK 6.0.