Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

5.0-beta1 mbedtls DHE config issue (IDFGH-8107) #9607

Closed
3 tasks done
dannybackx opened this issue Aug 22, 2022 · 0 comments
Closed
3 tasks done

5.0-beta1 mbedtls DHE config issue (IDFGH-8107) #9607

dannybackx opened this issue Aug 22, 2022 · 0 comments
Assignees
@kapilkedawat
Labels
Resolution: Done Issue is done internally Status: Done Issue is done internally

Comments

@dannybackx
Copy link

Answers checklist.

  • I have read the documentation ESP-IDF Programming Guide and the issue is not addressed there.
  • I have updated my IDF branch (master or release) to the latest version and checked that the issue is present there.
  • I have searched the issue tracker for a similar issue and not found a similar issue.

General issue report

Components supplied with esp-idf don't compile.

[..] -c /home/danny/src/github/esp32/esp-idf-5.0pre/esp-idf-v5.0-beta1/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c
/home/danny/src/github/esp32/esp-idf-5.0pre/esp-idf-v5.0-beta1/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c:397:9: error: 'MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA' undeclared here (not in a function); did you mean 'MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA'?
397 | MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
/home/danny/src/github/esp32/esp-idf-5.0pre/esp-idf-v5.0-beta1/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c:398:9: error: 'MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA' undeclared here (not in a function); did you mean 'MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA'?
398 | MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
/home/danny/src/github/esp32/esp-idf-5.0pre/esp-idf-v5.0-beta1/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c:399:9: error: 'MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA' undeclared here (not in a function); did you mean 'MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA'?
399 | MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
/home/danny/src/github/esp32/esp-idf-5.0pre/esp-idf-v5.0-beta1/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c:400:9: error: 'MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA' undeclared here (not in a function); did you mean 'MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA'?
400 | MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
/home/danny/src/github/esp32/esp-idf-5.0pre/esp-idf-v5.0-beta1/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c:401:9: error: 'MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA' undeclared here (not in a function); did you mean 'MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA'?
401 | MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
[21/311] Building C object esp-idf/esp_http_client/CM...Files/__idf_esp_http_client.dir/esp_http_client.c.objninja: build stopped: subcommand failed.
ninja failed with exit code 1, output of the command is in the /home/danny/src/esp-idf/5.0/https/build/log/idf_py_stderr_output_67456 and /home/danny/src/esp-idf/5.0/https/build/log/idf_py_stdout_output_67456
hp: {64} fgrep DHE sdkconfig
CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK=y
CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA=y
hp: {65}
@espressif-bot espressif-bot added the Status: Opened Issue is new label Aug 22, 2022
@github-actions github-actions bot changed the title 5.0-beta1 mbedtls DHE config issue 5.0-beta1 mbedtls DHE config issue (IDFGH-8107) Aug 22, 2022
@espressif-bot espressif-bot added Resolution: NA Issue resolution is unavailable Status: Done Issue is done internally Resolution: Done Issue is done internally and removed Status: Opened Issue is new Resolution: NA Issue resolution is unavailable labels Aug 24, 2022
espressif-bot pushed a commit that referenced this issue Sep 2, 2022
@kapilkedawat @espressif-bot
wpa_supplicant: remove RC4 and 3DES ciphers for TLS
1d15a41 
MbedTLS-3.x has dropped support for 3DES and RC4 TLS cipher
suites. Removing them from supplicant as well

Closes #9607
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kapilkedawat kapilkedawat

Labels
Resolution: Done Issue is done internally Status: Done Issue is done internally
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mahavirj @dannybackx @kapilkedawat @espressif-bot