Bug #3365

Movian is not able to connect to some server by HTTPS

Added by Leonid Protasov almost 2 years ago. Updated over 1 year ago.

Status:FixedStart date:01/31/2018
Priority:NormalDue date:
Assignee:Leonid Protasov% Done:

100%

Category:General
Target version:5.2
Found in version:5.0.500 Platform:RPi

Description

It's because of polarssl:

00:04:41.483: HTTP            [DEBUG]:Connecting to streamserver.mno.netrix.hu:443
00:04:41.483: HTTP            [INFO ]:Connect to streamserver.mno.netrix.hu:443
00:04:41.486: AVSYNC          [DEBUG]:Set to 0 ms
00:04:41.610: HTTP            [DEBUG]:Connection to streamserver.mno.netrix.hu:443 failed -- SSL - An unexpected message was received from our peer

Associated revisions

Revision 73845eb6
Added by Leonid Protasov over 1 year ago

updated to mbed 1.3.22 release and applied ssl_handshake() fix, fixes #3365: polarssl-1.3/ChangeLog
modified: polarssl-1.3/README.rst
modified: polarssl-1.3/include/polarssl/aes.h
modified: polarssl-1.3/include/polarssl/aesni.h
modified: polarssl-1.3/include/polarssl/arc4.h
modified: polarssl-1.3/include/polarssl/asn1.h
modified: polarssl-1.3/include/polarssl/asn1write.h
modified: polarssl-1.3/include/polarssl/base64.h
modified: polarssl-1.3/include/polarssl/bignum.h
modified: polarssl-1.3/include/polarssl/blowfish.h
modified: polarssl-1.3/include/polarssl/bn_mul.h
modified: polarssl-1.3/include/polarssl/camellia.h
modified: polarssl-1.3/include/polarssl/ccm.h
modified: polarssl-1.3/include/polarssl/certs.h
modified: polarssl-1.3/include/polarssl/check_config.h
modified: polarssl-1.3/include/polarssl/cipher.h
modified: polarssl-1.3/include/polarssl/cipher_wrap.h
modified: polarssl-1.3/include/polarssl/compat-1.2.h
modified: polarssl-1.3/include/polarssl/config.h
modified: polarssl-1.3/include/polarssl/ctr_drbg.h
modified: polarssl-1.3/include/polarssl/debug.h
modified: polarssl-1.3/include/polarssl/des.h
modified: polarssl-1.3/include/polarssl/dhm.h
modified: polarssl-1.3/include/polarssl/ecdh.h
modified: polarssl-1.3/include/polarssl/ecdsa.h
modified: polarssl-1.3/include/polarssl/ecp.h
modified: polarssl-1.3/include/polarssl/entropy.h
modified: polarssl-1.3/include/polarssl/entropy_poll.h
modified: polarssl-1.3/include/polarssl/error.h
modified: polarssl-1.3/include/polarssl/gcm.h
modified: polarssl-1.3/include/polarssl/havege.h
modified: polarssl-1.3/include/polarssl/hmac_drbg.h
modified: polarssl-1.3/include/polarssl/md.h
modified: polarssl-1.3/include/polarssl/md2.h
modified: polarssl-1.3/include/polarssl/md4.h
modified: polarssl-1.3/include/polarssl/md5.h
modified: polarssl-1.3/include/polarssl/md_wrap.h
modified: polarssl-1.3/include/polarssl/memory.h
modified: polarssl-1.3/include/polarssl/memory_buffer_alloc.h
modified: polarssl-1.3/include/polarssl/net.h
modified: polarssl-1.3/include/polarssl/oid.h
modified: polarssl-1.3/include/polarssl/openssl.h
modified: polarssl-1.3/include/polarssl/padlock.h
modified: polarssl-1.3/include/polarssl/pbkdf2.h
modified: polarssl-1.3/include/polarssl/pem.h
modified: polarssl-1.3/include/polarssl/pk.h
modified: polarssl-1.3/include/polarssl/pk_wrap.h
modified: polarssl-1.3/include/polarssl/pkcs11.h
modified: polarssl-1.3/include/polarssl/pkcs12.h
modified: polarssl-1.3/include/polarssl/pkcs5.h
modified: polarssl-1.3/include/polarssl/platform.h
modified: polarssl-1.3/include/polarssl/ripemd160.h
modified: polarssl-1.3/include/polarssl/rsa.h
modified: polarssl-1.3/include/polarssl/sha1.h
modified: polarssl-1.3/include/polarssl/sha256.h
modified: polarssl-1.3/include/polarssl/sha512.h
modified: polarssl-1.3/include/polarssl/ssl.h
modified: polarssl-1.3/include/polarssl/ssl_cache.h
modified: polarssl-1.3/include/polarssl/ssl_ciphersuites.h
modified: polarssl-1.3/include/polarssl/threading.h
modified: polarssl-1.3/include/polarssl/timing.h
modified: polarssl-1.3/include/polarssl/version.h
modified: polarssl-1.3/include/polarssl/x509.h
modified: polarssl-1.3/include/polarssl/x509_crl.h
modified: polarssl-1.3/include/polarssl/x509_crt.h
modified: polarssl-1.3/include/polarssl/x509_csr.h
modified: polarssl-1.3/include/polarssl/xtea.h
modified: polarssl-1.3/library/aes.c
modified: polarssl-1.3/library/aesni.c
modified: polarssl-1.3/library/arc4.c
modified: polarssl-1.3/library/asn1parse.c
modified: polarssl-1.3/library/asn1write.c
modified: polarssl-1.3/library/base64.c
modified: polarssl-1.3/library/bignum.c
modified: polarssl-1.3/library/blowfish.c
modified: polarssl-1.3/library/camellia.c
modified: polarssl-1.3/library/ccm.c
modified: polarssl-1.3/library/certs.c
modified: polarssl-1.3/library/cipher.c
modified: polarssl-1.3/library/cipher_wrap.c
modified: polarssl-1.3/library/ctr_drbg.c
modified: polarssl-1.3/library/debug.c
modified: polarssl-1.3/library/des.c
modified: polarssl-1.3/library/dhm.c
modified: polarssl-1.3/library/ecdh.c
modified: polarssl-1.3/library/ecdsa.c
modified: polarssl-1.3/library/ecp.c
modified: polarssl-1.3/library/ecp_curves.c
modified: polarssl-1.3/library/entropy.c
modified: polarssl-1.3/library/entropy_poll.c
modified: polarssl-1.3/library/error.c
modified: polarssl-1.3/library/gcm.c
modified: polarssl-1.3/library/havege.c
modified: polarssl-1.3/library/hmac_drbg.c
modified: polarssl-1.3/library/md.c
modified: polarssl-1.3/library/md2.c
modified: polarssl-1.3/library/md4.c
modified: polarssl-1.3/library/md5.c
modified: polarssl-1.3/library/md_wrap.c
modified: polarssl-1.3/library/memory_buffer_alloc.c
modified: polarssl-1.3/library/net.c
modified: polarssl-1.3/library/oid.c
modified: polarssl-1.3/library/padlock.c
modified: polarssl-1.3/library/pbkdf2.c
modified: polarssl-1.3/library/pem.c
modified: polarssl-1.3/library/pk.c
modified: polarssl-1.3/library/pk_wrap.c
modified: polarssl-1.3/library/pkcs11.c
modified: polarssl-1.3/library/pkcs12.c
modified: polarssl-1.3/library/pkcs5.c
modified: polarssl-1.3/library/pkparse.c
modified: polarssl-1.3/library/pkwrite.c
modified: polarssl-1.3/library/platform.c
modified: polarssl-1.3/library/ripemd160.c
modified: polarssl-1.3/library/rsa.c
modified: polarssl-1.3/library/sha1.c
modified: polarssl-1.3/library/sha256.c
modified: polarssl-1.3/library/sha512.c
modified: polarssl-1.3/library/ssl_cache.c
modified: polarssl-1.3/library/ssl_ciphersuites.c
modified: polarssl-1.3/library/ssl_cli.c
modified: polarssl-1.3/library/ssl_srv.c
modified: polarssl-1.3/library/ssl_tls.c
modified: polarssl-1.3/library/threading.c
modified: polarssl-1.3/library/timing.c
modified: polarssl-1.3/library/version.c
modified: polarssl-1.3/library/version_features.c
modified: polarssl-1.3/library/x509.c
modified: polarssl-1.3/library/x509_create.c
modified: polarssl-1.3/library/x509_crl.c
modified: polarssl-1.3/library/x509_crt.c
modified: polarssl-1.3/library/x509_csr.c
modified: polarssl-1.3/library/x509write_crt.c
modified: polarssl-1.3/library/x509write_csr.c
modified: polarssl-1.3/library/xtea.c

Change included in version 5.0.533

History

#1 Updated by Leonid Protasov almost 2 years ago

I'm commenting the procedure I used to update polarssl-1.3 to mbed-1.3.22 developing branch. If in the future we will need to update it again we can use this as the reference:

1. Cloned the most current mbedtls-1.3 branch

git clone -b mbedtls-1.3 https://github.com/ARMmbed/mbedtls

2. Edited /include/polarssl/config.h
Commented:

#define POLARSSL_HAVE_TIME
#define POLARSSL_HAVE_IPV6
#define POLARSSL_SELF_TEST

Uncommented:

#define POLARSSL_HAVEGE_C
#define POLARSSL_MD4_C

Replaced:

#define POLARSSL_NET_C

with

#ifndef __native_client__
#define POLARSSL_NET_C
#endif

3. In /library/entropy_poll.c to #if defined(HAVE_GETRANDOM) inserted:

#elif 1

  extern void arch_get_random_bytes(void *ptr, size_t size);

  arch_get_random_bytes(output, len);
  *olen = len;
  return 0;

4. In /library/net.c before

#elif defined(__APPLE__) || defined(HAVE_MACHINE_ENDIAN_H) ||   \

inserted:

#elif defined(__PPU__)
#include <machine/endian.h>
#define __socklen_t_defined

5. In /library/timing.c replaced #if defined(INTEGRITY) with

#if defined(INTEGRITY) || defined(__PPU__) || defined(__native_client__)

#2 Updated by Leonid Protasov over 1 year ago

Fixed ssl->in_left = 0; placement in /library/ssl_tls.c

Alas the fix will never be merged into 1.3.22 as that was the last version of 1.3 branch :( https://github.com/ARMmbed/mbedtls/issues/1345

#3 Updated by Leonid Protasov over 1 year ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Also available in: Atom PDF