-
-
Notifications
You must be signed in to change notification settings - Fork 6.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mbedTLS 3.6.0 breaks curl #13653
Comments
for the failed tests it looks as though stunnel server is sending a tls alert of bad certificate. (it's not clear to me if it's sending or receiving the alert) https://github.com/curl/curl/actions/runs/9086442477/job/24972131840#step:35:1170
I can't reproduce in Linux however I did not copy the CI job configuration. I built mbedtls like this:
I built curl like |
Build with 3.6.0. First test failing is 300, log shows:
Opened issue at mbedTLS: Mbed-TLS/mbedtls#9210 Update: this seems to only fail for connections with Update2: "We don't support disabling server authentication in TLS 1.3." 🤓 |
Made #13838 with workarounds to test fine locally. Let's see what CI says. |
Thanks for looking into this. IMO these are mbedtls bugs and I think we should wait and see what they are going to do about them instead of patching curl. In other words, if they intend to fix the problems then I don't think the workarounds should go in. Hats off to you though for figuring some out. Also- I don't understand why curl passes all tests for me with 3.6.0 if it was intended behavior on their part. |
I did this
#13646 tried to upgrade the mbedTLS CI jobs to use version 3.6.0
This caused numerous failed CI jobs.
I expected the following
green builds
curl/libcurl version
curl master
operating system
on Linux, but probably a universal problem
The text was updated successfully, but these errors were encountered: