Closed jheba closed 4 months ago
The connection is closed by the server, which sends a fatal alert message of type 70 (MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION):
V (581583) mbedtls: ssl_msg.c:3989 dumping 'input record from network' (7 bytes)
V (581591) mbedtls: ssl_msg.c:3989 0000: 15 03 03 00 02 02 46 ......F
I (581600) mbedtls: ssl_msg.c:5042 got an alert message, type: [2:70]
W (581608) mbedtls: ssl_msg.c:5049 is a fatal alert message (msg 70)
W (581615) mbedtls: ssl_msg.c:4191 mbedtls_ssl_handle_message_type() returned -30592 (-0x7780)
W (581624) mbedtls: ssl_tls13_generic.c:69 mbedtls_ssl_read_record() returned -30592 (-0x7780)
I (581634) mbedtls: ssl_tls13_client.c:2079 <= ssl_tls13_process_server_hello ( ServerHello )
I (581643) mbedtls: ssl_tls.c:3952 <= handshake
E (581649) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x7780 (SSL - A fatal alert message was received from our peer)
I (581660) esp-tls-mbedtls: (FFFF8880): SSL - A fatal alert message was received from our peer
E (581669) transport_base: [http_server] esp_tls_connect_async: [prod-16.norwayeast.logic.azure.com:443] esp_tls_conn_new_async: Failed, res=-1
I (581683) transport_base: [http_server] [prod-16.norwayeast.logic.azure.com] Unlock TLS saved session for ssl=0x3ffe4ef8, session=0x0
E (581696) HTTP_CLIENT: Connection failed
E (581701) HTTP_CLIENT: Connection failed: esp_tls_last_esp_err=32794 (ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED)
E (581711) http: [http_server/1] ./main/http.c:306 {http_wait_until_async_req_completed}: esp_http_client_perform failed, err=32794 (ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED)
E (581727) http: [http_server/1] ./main/http.c:318 {http_wait_until_async_req_completed}: esp_http_client_perform failed, err=32794 (ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED)
I (581750) gw_status: [http_server/1] RESUME RELAYING
I (581751) http_server: [http_server/1] Json resp: code=200, content:
{
"status": 502,
"message": "Network error when communicating with the server, err=32794, description=ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED"
}
This problem was solved in mbedtls: "Do not generate new random number while receiving HRR". This commit is part of the pull request "Do not generate new random number while receiving HRR", which was merged 2024-03-15 and included in mbedtls v3.6.0 (LTS).
@jheba could you check how it works now? Here is the test build: https://jenkins.ruuvi.com/job/ruuvi_gateway_esp-PR/1338/artifact/build/
Works great! Thanks!
Do you know when v1.15.1 will be out? Is there any roadmap publicly available?
QA passed
We're planning to release v1.15.1 to beta by the end of this week, and usually the beta is pushed to production in 2-3 weeks. The schedule depends on whether issues are found in beta.
We don't have a public long-term roadmap for Gateway; we'll collect user feedback and see what features are most wanted before we start working on 1.16. If some bugs are found, we'll release bug fix patches, 1.15.2, .3 etc.
Hello,
I am getting
Network error when communicating with the server, err=32794, description=ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED
when validating Azure Logic Apps as an HTTP endpoint.

Affected firmware version: v1.15.x
Works fine on v1.14.3

Steps to reproduce:
ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED error

It is not a blocker for me ATM - just letting you know, as it indicates that potentially there is still a problem after introducing TLS 1.3 support. Please note that according to this report, the Logic Apps endpoint I am testing against supports TLS 1.3.
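
The 7-byte record dumped in the mbedtls debug log earlier in this thread (`15 03 03 00 02 02 46`) is a plaintext TLS alert record: content type 21, record version 0x0303, length 2, level 2 (fatal), description 70. The Python below is an added example, not code from the thread, the gateway firmware or mbedtls; it pulls such records out of mbedtls debug dumps and decodes them. The function names and the second sample record are constructed for illustration.

```python
import re

ALERT_LEVELS = {1: "warning", 2: "fatal"}
# Subset of the alert descriptions defined in RFC 8446, section 6.
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 40: "handshake_failure",
    47: "illegal_parameter", 50: "decode_error", 70: "protocol_version",
    80: "internal_error", 109: "missing_extension",
}
HEADER = re.compile(r"dumping 'input record from network' \((\d+) bytes\)")
HEXROW = re.compile(r"\b[0-9a-f]{4}:((?: [0-9a-f]{2}){1,16})")

# The first two lines are from the log in this thread; the last two are constructed.
SAMPLE_LOG = [
    "V (581583) mbedtls: ssl_msg.c:3989 dumping 'input record from network' (7 bytes)",
    "V (581591) mbedtls: ssl_msg.c:3989 0000: 15 03 03 00 02 02 46 ......F",
    "V (581700) mbedtls: ssl_msg.c:3989 dumping 'input record from network' (6 bytes)",
    "V (581701) mbedtls: ssl_msg.c:3989 0000: 14 03 03 00 01 01 ......",
]

def records_from_log(lines):
    """Yield each dumped record, trusting the byte count in the dump header."""
    want, buf = 0, bytearray()
    for line in lines:
        header = HEADER.search(line)
        if header:
            want, buf = int(header.group(1)), bytearray()
            continue
        row = HEXROW.search(line) if want else None
        if row:
            # Truncate to the declared size so the ASCII column is never parsed.
            buf += bytes.fromhex(row.group(1))[:want - len(buf)]
            if len(buf) == want:
                yield bytes(buf)
                want = 0

def decode_alert(record):
    """Return the decoded alert, or None if this is not a plaintext alert record."""
    if len(record) != 7 or record[0] != 21 or record[3:5] != b"\x00\x02":
        return None  # other content type, or an encrypted alert (longer body)
    level, code = record[5], record[6]
    return {"record_version": record[1:3].hex(),
            "level": ALERT_LEVELS.get(level, f"unknown({level})"),
            "code": code,
            "description": ALERT_DESCRIPTIONS.get(code, f"unknown({code})")}

def triage(lines):
    """Decode every plaintext alert found in the log lines."""
    return [a for a in map(decode_alert, records_from_log(lines)) if a]
```

Only alerts sent before record protection is active can be read this way, which is the case for the alert in this log because it arrives while the client is still waiting for ServerHello.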