lwip-users

Re: [lwip-users] BEDTLS_SSL_VERIFY_REQUIRED in altcp_tls_mbedtls


From: Indan Zupancic
Subject: Re: [lwip-users] BEDTLS_SSL_VERIFY_REQUIRED in altcp_tls_mbedtls
Date: Tue, 23 Jun 2020 16:58:05 +0200

Hello Cesare,

> LWIP builds by default with TLS CA certificate verification optional
> (MBEDTLS_SSL_VERIFY_OPTIONAL),
> which is unsuitable for production as it bypasses TLS authentication.

This depends on how you use TLS. For HTTP, for example, it is the client that requires verification and not the server (client certification is also possible, but unusual). If that server runs on lwIP then I don't think you want to enable MBEDTLS_SSL_VERIFY_REQUIRED.

Best regards,

Indan Zupancic



TT Vasumweg 150  |  1033 SH Amsterdam  |  The Netherlands
Phone: + 31 [0]20 482 56 32  |   Fax: + 31 [0]20 482 00 77  |  Email: indan.zupancic@mep-info.com

-----Original Message-----
From: lwip-users <lwip-users-bounces+indan.zupancic=mep-info.com@nongnu.org> On Behalf Of Cesare Garlati
Sent: Monday, 22 June 2020 20:14
To: lwip-users@nongnu.org
Subject: [lwip-users] BEDTLS_SSL_VERIFY_REQUIRED in altcp_tls_mbedtls

LWIP builds by default with TLS CA certificate verification optional (MBEDTLS_SSL_VERIFY_OPTIONAL), which is unsuitable for production as it bypasses TLS authentication.

Question: is there a way to change the mbedTLS setting into 
MBEDTLS_SSL_VERIFY_REQUIRED without hacking the lwip code?

Would it make sense to add a new lwip config macro ALTCP_MBEDTLS_SSL_VERIFY 
with the 4 mbedTLS options below?

#define MBEDTLS_SSL_VERIFY_NONE        0
#define MBEDTLS_SSL_VERIFY_OPTIONAL    1
#define MBEDTLS_SSL_VERIFY_REQUIRED    2
#define MBEDTLS_SSL_VERIFY_UNSET       3

Alternatively, would it make sense to ship lwip with security enabled by default and simply replace the current MBEDTLS_SSL_VERIFY_OPTIONAL with MBEDTLS_SSL_VERIFY_REQUIRED in apps/altcp_tls/altcp_tls_mbedtls?

Happy to submit a patch if it makes sense.


Cesare
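An added illustration of the point under discussion (this is not code from lwIP or mbedTLS): a small C model of how the three authmode values treat a peer certificate that fails verification. The #define values are the ones from mbedtls/ssl.h and mbedtls/x509.h; model_handshake, model_get_verify_result and client_accepts are hypothetical stand-ins for mbedtls_ssl_handshake(), mbedtls_ssl_get_verify_result() and an application's connection policy. It shows why OPTIONAL is unsafe for a client unless the application checks the verify result itself, which is exactly the check a REQUIRED default would make unnecessary.

```c
#include <stdint.h>

/* Authentication modes, same values as in mbedtls/ssl.h */
#define MBEDTLS_SSL_VERIFY_NONE      0
#define MBEDTLS_SSL_VERIFY_OPTIONAL  1
#define MBEDTLS_SSL_VERIFY_REQUIRED  2

/* A few X.509 verification flags, same values as in mbedtls/x509.h */
#define MBEDTLS_X509_BADCERT_EXPIRED      0x01
#define MBEDTLS_X509_BADCERT_CN_MISMATCH  0x04
#define MBEDTLS_X509_BADCERT_NOT_TRUSTED  0x08

/* Error mbedTLS returns when verification fails in REQUIRED mode */
#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED  (-0x2700)

/* Hypothetical model of mbedtls_ssl_handshake(): NONE never checks the
 * chain, OPTIONAL records the flags but lets the handshake complete,
 * REQUIRED aborts the handshake on any flag. */
int model_handshake(int authmode, uint32_t verify_flags)
{
    if (authmode == MBEDTLS_SSL_VERIFY_REQUIRED && verify_flags != 0) {
        return MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
    }
    return 0;
}

/* Hypothetical model of mbedtls_ssl_get_verify_result(): in OPTIONAL mode
 * the flags exist but only reach the application if it asks for them;
 * in NONE mode nothing was verified, so nothing is reported. */
uint32_t model_get_verify_result(int authmode, uint32_t verify_flags)
{
    return authmode == MBEDTLS_SSL_VERIFY_NONE ? 0 : verify_flags;
}

/* Client policy: accept only if the handshake succeeded and, in OPTIONAL
 * mode, the application-side check (if the application bothers to do it)
 * finds no verification flags. Returns 1 = accept, 0 = reject. */
int client_accepts(int authmode, uint32_t verify_flags, int app_checks_result)
{
    if (model_handshake(authmode, verify_flags) != 0) {
        return 0;
    }
    if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && app_checks_result) {
        return model_get_verify_result(authmode, verify_flags) == 0;
    }
    return 1; /* NONE, or OPTIONAL without an application check: accepted */
}
```

The case to note is client_accepts(OPTIONAL, NOT_TRUSTED, 0): the handshake completes and an unverified server is accepted, which is the behaviour the original mail objects to.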
