lneely / pcloudcc-lneely

pcloudcc-lneely is an independent fork of the inactive pcloudcom/console-client

update mbedtls library to 2.x #20

Open lneely opened 2 days ago

lneely commented 2 days ago

The mbedtls code is from 2015, and the API has changed significantly. Update the code so mbedtls can be dynamically linked to the latest version.

(note it may be possible to use a compat header to make this easier in the short term.)

lneely commented 2 days ago

Currently working on branch mbedtls-upgrade. Successfully compiled with mbedtls-2.1.14 using compat-1.3.h, but there is a segfault that needs to be fixed.

lneely commented 1 day ago

Scoping this ticket to 2.x upgrade. The next step is 3.x.

The upgrade is complete, but now the startcrypto command isn't accepting a correct crypto password.

lneely commented 1 day ago

mbedtls_pk_parse_public_key and mbedtls_pk_parse_private_key are returning invalid RSA format even on valid keys.

The same thing happened with mbedtls_x509_crt_parse, and the fix was changing the third argument from strlen(psync_ssl_trusted_certs[i]) to 1+strlen(psync_ssl_trusted_certs[i]) because the null terminator must be included in the size. The same thing might be going on here...

Logs also show another SSL handshake failure; it could be that the key data returned by the server actually is invalid...

ERROR: pssl.c:449 (function psync_ssl_connect_finish): handshake failed, return code was -26880
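
The length rule from the last comment, as an added example (not code from pcloudcc or mbedtls): in mbedtls 2.x the x509 and pk parse functions attempt PEM decoding only when the last byte counted by the length argument is the NUL terminator, and otherwise treat the buffer as DER. The helper name, the enum values, the prefix heuristic and the sample buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not part of pcloudcc or mbedtls. */
enum { ENC_ERR = -2, ENC_PEM_UNTERMINATED = -1, ENC_DER = 0, ENC_PEM = 1 };

/* Prefix heuristic: PEM text starts with "-----BEGIN" after optional whitespace. */
static int looks_like_pem(const unsigned char *buf, size_t len)
{
    static const char marker[] = "-----BEGIN";
    while (len > 0 && (*buf == ' ' || *buf == '\t' || *buf == '\r' || *buf == '\n')) {
        buf++;
        len--;
    }
    return len >= sizeof(marker) - 1 && memcmp(buf, marker, sizeof(marker) - 1) == 0;
}

/*
 * data_len: bytes of key/cert data; cap: bytes readable at buf.
 * On ENC_PEM or ENC_DER, *parse_len is the value to pass as buflen/keylen.
 */
int mbedtls2_parse_len(const unsigned char *buf, size_t data_len, size_t cap,
                       size_t *parse_len)
{
    if (buf == NULL || parse_len == NULL || data_len == 0 || data_len > cap)
        return ENC_ERR;
    if (!looks_like_pem(buf, data_len)) {
        *parse_len = data_len;            /* DER: exact length, no terminator */
        return ENC_DER;
    }
    if (buf[data_len - 1] == '\0') {
        *parse_len = data_len;            /* caller already counted the NUL */
        return ENC_PEM;
    }
    if (data_len < cap && buf[data_len] == '\0') {
        *parse_len = data_len + 1;        /* the 1+strlen() case */
        return ENC_PEM;
    }
    return ENC_PEM_UNTERMINATED;          /* copy and append '\0' before parsing */
}

int main(void)
{
    /* Constructed sample, not a real key. */
    static const char pem[] = "-----BEGIN PUBLIC KEY-----\nAAAA\n-----END PUBLIC KEY-----\n";
    size_t n = 0;
    int enc = mbedtls2_parse_len((const unsigned char *)pem, strlen(pem), sizeof(pem), &n);
    printf("enc=%d strlen=%zu parse_len=%zu\n", enc, strlen(pem), n);
    return 0;
}
```

Key material that arrives with an explicit length instead of as a C string lands in the ENC_DER or ENC_PEM_UNTERMINATED branches, where adding 1 to the length would be wrong or would read past the buffer.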