sdk-5.2: mbedtls_open library bug

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
AxLi_1746341
Level 7
Level 7
10 comments on KBA 5 comments on KBA First comment on KBA

I found httpbin snip fails to connect server in FreeRTOS+debug build.

And then I trace to below problem: (with some of my debug print)

[18:31:04:726] Resolving IP address of www.httpbin.org␍␊

[18:31:04:980] www.httpbin.org is at 54.197.228.226␍␊

[18:31:05:019] Connecting to www.httpbin.org␍␊

[18:31:05:349] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 0 ␍␊

[18:31:05:385] #RET=0␍␊

[18:31:05:385] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 1 ␍␊

[18:31:05:385] #RET=0␍␊

[18:31:05:385] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 2 ␍␊

[18:31:05:719] #RET=0␍␊

[18:31:05:723] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 3 ␍␊

[18:31:05:980] #RET=0␍␊

[18:31:05:983] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 4 ␍␊

[18:31:06:236] [mbedtls_ssl_handshake_client_step()] : [3465] : Parse MBEDTLS_SSL_SERVER_KEY_EXCHANGE DONE : 0 ␍␊

[18:31:06:248] #RET=0␍␊

[18:31:06:248] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 5 ␍␊

[18:31:06:278] [mbedtls_ssl_handshake_client_step()] : [3472] : Parse MBEDTLS_SSL_CERTIFICATE_REQUEST DONE : 0 ␍␊

[18:31:06:278] #RET=0␍␊

[18:31:06:278] [mbedtls_ssl_handshake_client_step()] : [3399] : TLS Handshake state : 6 ␍␊

[18:31:06:278] ssl_parse_server_hello_done: Begin ret=134523681 ssl->record_read=1␍␊

[18:31:06:278] ssl_parse_server_hello_done: End ret=134523681␍␊

[18:31:06:278] [mbedtls_ssl_handshake_client_step()] : [3479] : Parse MBEDTLS_SSL_SERVER_HELLO_DONE DONE : 134523681 ␍␊

[18:31:06:293] #RET=134523681␍␊

[18:31:06:293] failed␍␊

[18:31:06:293]   ! mbedtls_ssl_handshake returned -0x804ab21␍␊

[18:31:06:305] netconn_connect start_tls=4␍␊

[18:31:06:305] Discon failed to connect to serve␍rConnected to www.httpbin.org␍␊

[18:31:06:313] Connected to www.httpbin.org␊

[18:31:06:323] erver: 4␍␊

So obviously, the returned error is the valure of uninitialized ret variable in

ssl_parse_server_hello_done(). (ret=134523681 is 0x804ab21 in hex)

I don't think init ret to 0 is a correct fix, I'm not expert in this part,

maybe someone from cypress can take a look and provide the fix.

I'm also wondering if Cypress can upgrade the mbedTLS from v2.4.0 to v2.6.0 (latest stable version).

1 Solution

Issue is not observed in WICED SDK 6.0.

View solution in original post

4 Replies