Closed lprot closed 6 years ago
Interesting bug! Thanks for letting us know. We'll look into it.
I'm using mbedtls 1.3.21 in the project that in turn uses rtmpdump which relies on mbedtls-1.3. Moving to 2.x is a big task for rtmpdump so we locked to use 1.3. I hope you can quickly fix this in 1.3 branch. After you fix it I will immediately test on the wide range of different servers. Also openssl 1.0.2 on the same server works ok. Thanks in advance.
Well I managed to fix it myself :) Just need to move ssl->in_left = 0; before checking that alert message arrived:
ssl->in_left = 0;
if( ssl->in_msgtype == SSL_MSG_ALERT )
Hope you will add my change to 1.3.22 :)
Hi @lprot Thank you for fixing this issue. As you can see, version 1.3.22 has just been released, so your fix hasn't made it to that release. We will try incorporating your fix to next version, however we strongly recommend you update your version, which has many more enhancements. Please refer to https://tls.mbed.org/kb/how-to/upgrade-2.0 for assisstance in migrating to Mbed TLS 2.x
ARM Internal Ref: IOTSSL-2077
Hi @lprot,
I'm afraid, Mbed TLS 1.3 is now End of Life, as was first announced last June, and we have no plans to make a new version available.
We extended it's life beyond what was originally planned, but because we now want to create a new long term support branch with 2.7, we unfortunately have to end support for 1.3.
So I'm afraid I have to close the issue as we have no intention of fixing it.
Do that but just include this fix as it stays there for ages...
Description
Bug
OS
Ubuntu 16.04 LTS
mbed TLS build:
Version: 1.3.21 (affected versions are 1.3-2.1.2). Beginning from 2.1.3 upto 2.1.9 it's ok. OS version: Ubuntu 16.04 LTS Configuration: default config.h file
Compiler and options: just typed make in the root dir
Additional environment information:
Expected behavior
`/mbedtls-2.1.9/programs/ssl$ ./ssl_client2 server_name=streamserver.mno.netrix.hu server_port=443 debug_level=4
Actual behavior
mbedtls-1.3.21/programs/ssl$ ./ssl_client2 server_name=streamserver.mno.netrix.hu server_port=443 debug_level=4 |more
Steps to reproduce
./ssl_client2 server_name=streamserver.mno.netrix.hu server_port=443 debug_level=4