mbedTLS functions can now return MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET.
Applications are likely to treat unknown error codes as failures and are not prepared for this.
System information
Mbed TLS version (number or commit id): 3.6.0
Operating system and version: Linux x86_64
Configuration (if not default, please attach mbedtls_config.h): cmake default
Compiler and options (if you used a pre-built binary, please indicate how you obtained it): gcc 13.2.1
Additional environment information: n/a
Expected behavior
mbedTLS doesn't add mandatory-to-handle new errors in minor versions.
Actual behavior
it did.
Steps to reproduce
have application logic that looks like this:
    int ret;
    char buf[1234];
    if ((ret = mbedtls_ssl_read(&ssl_context, buf, sizeof(buf))) > 0) {
        // use data
    } else if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
        // try again later
    } else {
        // any other return code: report error and quit
    }
upgrade to mbedtls 3.6.0
witness random failures
Additional information
The first affected version is 3.6.0 because that one enables TLS 1.3 by default (and with it also session tickets).
Enabling session tickets by default seems dubious because, going by what ssl_client2.c does, applications need to add explicit code to support them anyway.
You are right that this is a mistake on our part and we are looking to sort out a way of solving it soon. This problem is already tracked in #8749 and thus I will be closing this ticket as a duplicate.
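The failure mode reported above, replayed as an added example that is not code from the issue or from Mbed TLS: the same scripted sequence of `mbedtls_ssl_read()` results is run through the reporter's classification and through one that treats the ticket notification as a retry. Assumptions: the `#define` values are stand-ins so the block builds without the library, `classify`, `run_loop` and `SAMPLE` are hypothetical names, and handling the ticket code by calling read again is this example's choice.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in values so this builds without Mbed TLS; a real build gets the
 * constants from <mbedtls/ssl.h>. */
#ifndef MBEDTLS_ERR_SSL_WANT_READ
#define MBEDTLS_ERR_SSL_WANT_READ                   (-0x6900)
#define MBEDTLS_ERR_SSL_WANT_WRITE                  (-0x6880)
#define MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET (-0x7B00)
#endif

enum read_action { READ_DATA, READ_RETRY, READ_FATAL };
struct outcome { size_t bytes; int fatal; };  /* fatal == 0: loop never gave up */

/* tolerate_ticket == 0 mirrors the report: anything but WANT_READ/WANT_WRITE
 * is fatal. With 1, the ticket code means "call read again" (assumption). */
static enum read_action classify(int ret, int tolerate_ticket)
{
    if (ret > 0)
        return READ_DATA;
    if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
        (tolerate_ticket && ret == MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET))
        return READ_RETRY;
    return READ_FATAL;
}

/* Constructed sequence of read results: the ticket shows up before any data. */
static const int SAMPLE[] = { MBEDTLS_ERR_SSL_WANT_READ,
    MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET, 512, MBEDTLS_ERR_SSL_WANT_READ, 256 };
#define SAMPLE_LEN (sizeof(SAMPLE) / sizeof(SAMPLE[0]))

/* Replay a scripted result sequence through the read loop. */
static struct outcome run_loop(const int *script, size_t n, int tolerate_ticket)
{
    struct outcome out = { 0, 0 };
    for (size_t i = 0; i < n; i++) {
        enum read_action a = classify(script[i], tolerate_ticket);
        if (a == READ_DATA) out.bytes += (size_t)script[i];
        else if (a == READ_FATAL) { out.fatal = script[i]; break; }
    }
    return out;
}

int main(void)
{
    struct outcome a = run_loop(SAMPLE, SAMPLE_LEN, 0), b = run_loop(SAMPLE, SAMPLE_LEN, 1);
    printf("report's logic: %zu bytes, fatal=%d\n", a.bytes, a.fatal);
    printf("ticket-tolerant: %zu bytes, fatal=%d\n", b.bytes, b.fatal);
    return 0;
}
```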