Merge pull request #1313 from gilles-peskine-arm/ssl-hostname-unset-magic-pointer-2.28
Backport 2.28: require setting the hostname for verification
diff --git a/ChangeLog.d/mbedtls_ssl_set_hostname.txt b/ChangeLog.d/mbedtls_ssl_set_hostname.txt
new file mode 100644
index 0000000..bd15d3a
--- /dev/null
+++ b/ChangeLog.d/mbedtls_ssl_set_hostname.txt
@@ -0,0 +1,21 @@
+Default behavior changes
+ * In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
+ mbedtls_ssl_handshake() now fails with
+ MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ if certificate-based authentication of the server is attempted.
+ This is because authenticating a server without knowing what name
+ to expect is usually insecure. To restore the old behavior, either
+ call mbedtls_ssl_set_hostname() with NULL as the hostname, or
+ enable the new compile-time option
+ MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.
+ The content of ssl->hostname after mbedtls_ssl_set_hostname(ssl, NULL)
+ has changed, see the documentation of the hostname field in the
+ mbedtls_ssl_context struct type for details.
+
+Security
+ * Note that TLS clients should generally call mbedtls_ssl_set_hostname()
+ if they use certificate authentication (i.e. not pre-shared keys).
+ Otherwise, in many scenarios, the server could be impersonated.
+ The library will now prevent the handshake and return
+ MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ if mbedtls_ssl_set_hostname() has not been called.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 84af7f7..9590dd3 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1713,6 +1713,46 @@
*/
//#define MBEDTLS_SSL_ASYNC_PRIVATE
+/** \def MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ *
+ * In TLS clients, when a client authenticates a server through its
+ * certificate, the client normally checks three things:
+ * - the certificate chain must be valid;
+ * - the chain must start from a trusted CA;
+ * - the certificate must cover the server name that is expected by the client.
+ *
+ * Omitting any of these checks is generally insecure, and can allow a
+ * malicious server to impersonate a legitimate server.
+ *
+ * The third check may be safely skipped in some unusual scenarios,
+ * such as networks where eavesdropping is a risk but not active attacks,
+ * or a private PKI where the client equally trusts all servers that are
+ * accredited by the root CA.
+ *
+ * You should call mbedtls_ssl_set_hostname() with the expected server name
+ * before starting a TLS handshake on a client (unless the client is
+ * set up to only use PSK-based authentication, which does not rely on the
+ * host name). This configuration option controls what happens if a TLS client
+ * is configured with the authentication mode #MBEDTLS_SSL_VERIFY_REQUIRED
+ * (default), certificate authentication is enabled and the client does not
+ * call mbedtls_ssl_set_hostname():
+ *
+ * - If this option is unset (default), the connection attempt is aborted
+ * with the error #MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.
+ * - If this option is set, the TLS library does not check the server name
+ * that the certificate is valid for. This is the historical behavior
+ * of Mbed TLS, but may be insecure as explained above.
+ *
+ * Enable this option for strict backward compatibility if you have
+ * determined that it is secure in the scenario where you are using
+ * Mbed TLS.
+ *
+ * \deprecated This option exists only for backward compatibility and will
+ * be removed in the next major version of Mbed TLS.
+ *
+ */
+//#define MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+
/**
* \def MBEDTLS_SSL_CONTEXT_SERIALIZATION
*
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 7a18373..fd0ac76 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -92,7 +92,7 @@
* ECP 4 10 (Started from top)
* MD 5 5
* HKDF 5 1 (Started from top)
- * SSL 5 2 (Started from 0x5F00)
+ * SSL 5 3 (Started from 0x5F00)
* CIPHER 6 8 (Started from 0x6080)
* SSL 6 24 (Started from top, plus 0x6000)
* SSL 7 32
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 9cdf3a3..8f9d38e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -183,6 +183,41 @@
#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80
/** Cache entry not found */
#define MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND -0x5E00
+/** Attempt to verify a certificate without an expected hostname.
+ * This is usually insecure.
+ *
+ * In TLS clients, when a client authenticates a server through its
+ * certificate, the client normally checks three things:
+ * - the certificate chain must be valid;
+ * - the chain must start from a trusted CA;
+ * - the certificate must cover the server name that is expected by the client.
+ *
+ * Omitting any of these checks is generally insecure, and can allow a
+ * malicious server to impersonate a legitimate server.
+ *
+ * The third check may be safely skipped in some unusual scenarios,
+ * such as networks where eavesdropping is a risk but not active attacks,
+ * or a private PKI where the client equally trusts all servers that are
+ * accredited by the root CA.
+ *
+ * You should call mbedtls_ssl_set_hostname() with the expected server name
+ * before starting a TLS handshake on a client (unless the client is
+ * set up to only use PSK-based authentication, which does not rely on the
+ * host name). If you have determined that server name verification is not
+ * required for security in your scenario, call mbedtls_ssl_set_hostname()
+ * with \p NULL as the server name.
+ *
+ * This error is raised if all of the following conditions are met:
+ *
+ * - A TLS client is configured with the authentication mode
+ * #MBEDTLS_SSL_VERIFY_REQUIRED (default).
+ * - Certificate authentication is enabled.
+ * - The client does not call mbedtls_ssl_set_hostname().
+ * - The configuration option
+ * #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ * is not enabled.
+ */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME -0x5D80
/*
* Various constants
@@ -1403,8 +1438,36 @@
* User settings
*/
#if defined(MBEDTLS_X509_CRT_PARSE_C)
- char *hostname; /*!< expected peer CN for verification
- (and SNI if available) */
+ /** Expected peer CN for verification.
+ *
+ * Also used on clients for SNI.
+ *
+ * The value of this field can be:
+ * - \p NULL in a newly initialized or reset context.
+ * - A heap-allocated copy of the last value passed to
+ * mbedtls_ssl_set_hostname(), if the last call had a non-null
+ * \p hostname argument.
+ * - A special value to indicate that mbedtls_ssl_set_hostname()
+ * was called with \p NULL (as opposed to never having been called).
+ *
+ * If you need to obtain the value passed to
+ * mbedtls_ssl_set_hostname() even if it may have been called with
+ * \p NULL, call mbedtls_ssl_get_hostname_pointer().
+ *
+ * If this field contains the value \p NULL and the configuration option
+ * #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ * is unset, on a TLS client, attempting to verify a server certificate
+ * results in the error
+ * #MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.
+ *
+ * If this field contains the special value described above, or if
+ * the value is \p NULL and the configuration option
+ * #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ * is set, then the peer name verification is skipped, which may be
+ * insecure, especially on a client. Furthermore, on a client, the
+ * server_name extension is not sent.
+ */
+ char *hostname;
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_ALPN)
@@ -1535,6 +1598,14 @@
* Calling mbedtls_ssl_setup again is not supported, even
* if no session is active.
*
+ * \warning After setting up a client context, if certificate-based
+ * authentication is enabled, you should call
+ * mbedtls_ssl_set_hostname() to specifiy the expected
+ * name of the server. Without this, in most scenarios,
+ * the TLS connection is insecure. See
+ * #MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ * for more information.
+ *
* \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
* subsystem must have been initialized by calling
* psa_crypto_init() before calling this function.
@@ -3107,16 +3178,29 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
* \brief Set or reset the hostname to check against the received
- * server certificate. It sets the ServerName TLS extension,
- * too, if that extension is enabled. (client-side only)
+ * peer certificate. On a client, this also sets the
+ * ServerName TLS extension, if that extension is enabled.
+ * On a TLS 1.3 client, this also sets the server name in
+ * the session resumption ticket, if that feature is enabled.
*
* \param ssl SSL context
- * \param hostname the server hostname, may be NULL to clear hostname
-
- * \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
+ * \param hostname The server hostname. This may be \c NULL to clear
+ * the hostname.
*
- * \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on
- * allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
+ * \note Maximum hostname length #MBEDTLS_SSL_MAX_HOST_NAME_LEN.
+ *
+ * \note If the hostname is \c NULL on a client, then the server
+ * is not authenticated: it only needs to have a valid
+ * certificate, not a certificate matching its name.
+ * Therefore you should always call this function on a client,
+ * unless the connection is set up to only allow
+ * pre-shared keys, or in scenarios where server
+ * impersonation is not a concern. See the documentation of
+ * #MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ * for more details.
+ *
+ * \return 0 if successful, #MBEDTLS_ERR_SSL_ALLOC_FAILED on
+ * allocation failure, #MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
* too long input hostname.
*
* Hostname set to the one provided on success (cleared
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 3a40b4b..e387369 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -1214,6 +1214,16 @@
return 4;
}
+/** Get the host name from the SSL context.
+ *
+ * \param[in] ssl SSL context
+ *
+ * \return The \p hostname pointer from the SSL context.
+ * \c NULL if mbedtls_ssl_set_hostname() has never been called on
+ * \p ssl or if it was last called with \p NULL.
+ */
+const char *mbedtls_ssl_get_hostname_pointer(const mbedtls_ssl_context *ssl);
+
#if defined(MBEDTLS_SSL_PROTO_DTLS)
void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl);
void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl);
diff --git a/library/error.c b/library/error.c
index cb7ad57..a0667e1 100644
--- a/library/error.c
+++ b/library/error.c
@@ -508,6 +508,8 @@
return( "SSL - Invalid value in SSL config" );
case -(MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND):
return( "SSL - Cache entry not found" );
+ case -(MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME):
+ return( "SSL - Attempt to verify a certificate without an expected hostname. This is usually insecure. In TLS clients, when a client authenticates a server through its certificate, the client normally checks three things: - the certificate chain must be valid; - the chain must start from a trusted CA; - the certificate must cover the server name that is expected by the client. Omitting any of these checks is generally insecure, and can allow a malicious server to impersonate a legitimate server. The third check may be safely skipped in some unusual scenarios, such as networks where eavesdropping is a risk but not active attacks, or a private PKI where the client equally trusts all servers that are accredited by the root CA. You should call mbedtls_ssl_set_hostname() with the expected server name before starting a TLS handshake on a client (unless the client is set up to only use PSK-based authentication, which does not rely on the host name). If you have determined that server name verification is not required for security in your scenario, call mbedtls_ssl_set_hostname() with \\p NULL as the server name. This error is raised if all of the following conditions are met: - A TLS client is configured with the authentication mode #MBEDTLS_SSL_VERIFY_REQUIRED (default). - Certificate authentication is enabled. - The client does not call mbedtls_ssl_set_hostname(). - The configuration option #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME is not enabled" );
#endif /* MBEDTLS_SSL_TLS_C */
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 4fde783..2854e00 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -83,19 +83,20 @@
size_t *olen)
{
unsigned char *p = buf;
+ const char *hostname = mbedtls_ssl_get_hostname_pointer(ssl);
size_t hostname_len;
*olen = 0;
- if (ssl->hostname == NULL) {
+ if (hostname == NULL) {
return 0;
}
MBEDTLS_SSL_DEBUG_MSG(3,
("client hello, adding server name extension: %s",
- ssl->hostname));
+ hostname));
- hostname_len = strlen(ssl->hostname);
+ hostname_len = strlen(hostname);
MBEDTLS_SSL_CHK_BUF_PTR(p, end, hostname_len + 9);
@@ -139,7 +140,7 @@
MBEDTLS_PUT_UINT16_BE(hostname_len, p, 0);
p += 2;
- memcpy(p, ssl->hostname, hostname_len);
+ memcpy(p, hostname, hostname_len);
*olen = hostname_len + 9;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6149434..65d5b96 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -38,6 +38,92 @@
#include "mbedtls/oid.h"
#endif
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+
+/* A magic value for `ssl->hostname` indicating that
+ * mbedtls_ssl_set_hostname() has been called with `NULL`.
+ * If mbedtls_ssl_set_hostname() has never been called on `ssl`, then
+ * `ssl->hostname == NULL`. */
+static const char *const ssl_hostname_skip_cn_verification = "";
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+/** Whether mbedtls_ssl_set_hostname() has been called.
+ *
+ * \param[in] ssl SSL context
+ *
+ * \return \c 1 if mbedtls_ssl_set_hostname() has been called on \p ssl
+ * (including `mbedtls_ssl_set_hostname(ssl, NULL)`),
+ * otherwise \c 0.
+ */
+static int mbedtls_ssl_has_set_hostname_been_called(
+ const mbedtls_ssl_context *ssl)
+{
+ return ssl->hostname != NULL;
+}
+#endif
+
+const char *mbedtls_ssl_get_hostname_pointer(const mbedtls_ssl_context *ssl)
+{
+ if (ssl->hostname == ssl_hostname_skip_cn_verification) {
+ return NULL;
+ }
+ return ssl->hostname;
+}
+
+static void mbedtls_ssl_free_hostname(mbedtls_ssl_context *ssl)
+{
+ if (ssl->hostname != NULL &&
+ ssl->hostname != ssl_hostname_skip_cn_verification) {
+ mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname));
+ mbedtls_free(ssl->hostname);
+ }
+ ssl->hostname = NULL;
+}
+
+int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname)
+{
+ /* Initialize to suppress unnecessary compiler warning */
+ size_t hostname_len = 0;
+
+ /* Check if new hostname is valid before
+ * making any change to current one */
+ if (hostname != NULL) {
+ hostname_len = strlen(hostname);
+
+ if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ }
+ }
+
+ /* Now it's clear that we will overwrite the old hostname,
+ * so we can free it safely */
+ mbedtls_ssl_free_hostname(ssl);
+
+ if (hostname == NULL) {
+ /* Passing NULL as hostname clears the old one, but leaves a
+ * special marker to indicate that mbedtls_ssl_set_hostname()
+ * has been called. */
+ /* ssl->hostname should be const, but isn't. We won't actually
+ * write to the buffer, so it's ok to cast away the const. */
+ ssl->hostname = (char *) ssl_hostname_skip_cn_verification;
+ } else {
+ ssl->hostname = mbedtls_calloc(1, hostname_len + 1);
+ if (ssl->hostname == NULL) {
+ /* mbedtls_ssl_set_hostname() has been called, but unsuccessfully.
+ * Leave ssl->hostname in the same state as if the function had
+ * not been called, i.e. a null pointer. */
+ return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ }
+
+ memcpy(ssl->hostname, hostname, hostname_len);
+
+ ssl->hostname[hostname_len] = '\0';
+ }
+
+ return 0;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
#if defined(MBEDTLS_SSL_PROTO_DTLS)
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@@ -2521,13 +2607,33 @@
return SSL_CERTIFICATE_EXPECTED;
}
+static int get_hostname_for_verification(mbedtls_ssl_context *ssl,
+ const char **hostname)
+{
+ if (!mbedtls_ssl_has_set_hostname_been_called(ssl)) {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("Certificate verification without having set hostname"));
+#if !defined(MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME)
+ if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+ ssl->conf->authmode == MBEDTLS_SSL_VERIFY_REQUIRED) {
+ return MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME;
+ }
+#endif
+ }
+
+ *hostname = mbedtls_ssl_get_hostname_pointer(ssl);
+ if (*hostname == NULL) {
+ MBEDTLS_SSL_DEBUG_MSG(2, ("Certificate verification without CN verification"));
+ }
+
+ return 0;
+}
+
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl,
int authmode,
mbedtls_x509_crt *chain,
void *rs_ctx)
{
- int ret = 0;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
ssl->handshake->ciphersuite_info;
int have_ca_chain = 0;
@@ -2549,6 +2655,13 @@
p_vrfy = ssl->conf->p_vrfy;
}
+ const char *hostname = "";
+ int ret = get_hostname_for_verification(ssl, &hostname);
+ if (ret != 0) {
+ MBEDTLS_SSL_DEBUG_RET(1, "get_hostname_for_verification", ret);
+ return ret;
+ }
+
/*
* Main check: verify certificate
*/
@@ -2563,7 +2676,7 @@
ssl->conf->f_ca_cb,
ssl->conf->p_ca_cb,
ssl->conf->cert_profile,
- ssl->hostname,
+ hostname,
&ssl->session_negotiate->verify_result,
f_vrfy, p_vrfy);
} else
@@ -2591,7 +2704,7 @@
chain,
ca_chain, ca_crl,
ssl->conf->cert_profile,
- ssl->hostname,
+ hostname,
&ssl->session_negotiate->verify_result,
f_vrfy, p_vrfy, rs_ctx);
}
@@ -4617,49 +4730,6 @@
}
#endif /* MBEDTLS_ECP_C */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname)
-{
- /* Initialize to suppress unnecessary compiler warning */
- size_t hostname_len = 0;
-
- /* Check if new hostname is valid before
- * making any change to current one */
- if (hostname != NULL) {
- hostname_len = strlen(hostname);
-
- if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) {
- return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
- }
- }
-
- /* Now it's clear that we will overwrite the old hostname,
- * so we can free it safely */
-
- if (ssl->hostname != NULL) {
- mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname));
- mbedtls_free(ssl->hostname);
- }
-
- /* Passing NULL as hostname shall clear the old one */
-
- if (hostname == NULL) {
- ssl->hostname = NULL;
- } else {
- ssl->hostname = mbedtls_calloc(1, hostname_len + 1);
- if (ssl->hostname == NULL) {
- return MBEDTLS_ERR_SSL_ALLOC_FAILED;
- }
-
- memcpy(ssl->hostname, hostname, hostname_len);
-
- ssl->hostname[hostname_len] = '\0';
- }
-
- return 0;
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf,
int (*f_sni)(void *, mbedtls_ssl_context *,
@@ -6816,10 +6886,7 @@
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
- if (ssl->hostname != NULL) {
- mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname));
- mbedtls_free(ssl->hostname);
- }
+ mbedtls_ssl_free_hostname(ssl);
#endif
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
diff --git a/library/version_features.c b/library/version_features.c
index 6f663b1..f5734c4 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -486,6 +486,9 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
"MBEDTLS_SSL_ASYNC_PRIVATE",
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#if defined(MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME)
+ "MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME",
+#endif /* MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME */
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
"MBEDTLS_SSL_CONTEXT_SERIALIZATION",
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index d01202f..7e6b052 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -64,6 +64,7 @@
#define DFL_ARC4 -1
#define DFL_SHA1 -1
#define DFL_AUTH_MODE -1
+#define DFL_SET_HOSTNAME 1
#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC -1
#define DFL_RECSPLIT -1
@@ -380,6 +381,9 @@
#define USAGE2 \
" auth_mode=%%s default: (library default: none)\n" \
" options: none, optional, required\n" \
+ " set_hostname=%%s call mbedtls_ssl_set_hostname()?" \
+ " options: no, server_name, NULL\n" \
+ " default: server_name (but ignored if certs disabled)\n" \
USAGE_IO \
USAGE_KEY_OPAQUE \
USAGE_CA_CALLBACK \
@@ -473,6 +477,8 @@
int arc4; /* flag for arc4 suites support */
int allow_sha1; /* flag for SHA-1 support */
int auth_mode; /* verify mode for connection */
+ int set_hostname; /* call mbedtls_ssl_set_hostname()? */
+ /* 0=no, 1=yes, -1=NULL */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* negotiate truncated hmac or not */
int recsplit; /* enable record splitting? */
@@ -796,6 +802,7 @@
opt.arc4 = DFL_ARC4;
opt.allow_sha1 = DFL_SHA1;
opt.auth_mode = DFL_AUTH_MODE;
+ opt.set_hostname = DFL_SET_HOSTNAME;
opt.mfl_code = DFL_MFL_CODE;
opt.trunc_hmac = DFL_TRUNC_HMAC;
opt.recsplit = DFL_RECSPLIT;
@@ -1148,6 +1155,16 @@
} else {
goto usage;
}
+ } else if (strcmp(p, "set_hostname") == 0) {
+ if (strcmp(q, "no") == 0) {
+ opt.set_hostname = 0;
+ } else if (strcmp(q, "server_name") == 0) {
+ opt.set_hostname = 1;
+ } else if (strcmp(q, "NULL") == 0) {
+ opt.set_hostname = -1;
+ } else {
+ goto usage;
+ }
} else if (strcmp(p, "max_frag_len") == 0) {
if (strcmp(q, "512") == 0) {
opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
@@ -1893,10 +1910,24 @@
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
- if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",
- ret);
- goto exit;
+ switch (opt.set_hostname) {
+ case -1:
+ if ((ret = mbedtls_ssl_set_hostname(&ssl, NULL)) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",
+ ret);
+ goto exit;
+ }
+ break;
+ case 0:
+ /* Skip the call */
+ break;
+ default:
+ if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",
+ ret);
+ goto exit;
+ }
+ break;
}
#endif
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 5d9886b..d09b7f6 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -1376,6 +1376,14 @@
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#if defined(MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME)
+ if( strcmp( "MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME */
+
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
if( strcmp( "MBEDTLS_SSL_CONTEXT_SERIALIZATION", config ) == 0 )
{
@@ -3506,6 +3514,10 @@
OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ASYNC_PRIVATE);
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#if defined(MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME)
+ OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME);
+#endif /* MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME */
+
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CONTEXT_SERIALIZATION);
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
diff --git a/scripts/config.py b/scripts/config.py
index 766b5af..ef72db3 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -326,6 +326,7 @@
DEPRECATED = frozenset([
'MBEDTLS_SSL_PROTO_SSL3',
+ 'MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME',
'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO',
])
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 4c2d0cc..c3b6bf9 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1780,6 +1780,9 @@
msg "test: make, full_no_deprecated config" # ~ 5s
make test
+
+ msg "test: ssl-opt.sh authentication, full_no_deprecated config" # ~ 10s
+ tests/ssl-opt.sh -f 'Default\|Authentication'
}
component_test_full_no_deprecated_deprecated_warning () {
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 9afc633..fcdc632 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -721,6 +721,10 @@
ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf));
TEST_ASSERT(ret == 0);
+ if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) {
+ ret = mbedtls_ssl_set_hostname(&(ep->ssl), "localhost");
+ }
+
#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C)
if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) {
mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL);
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 4bb9d1a..afe15df 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -372,6 +372,11 @@
requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV;;
esac
+ case " $1 " in
+ *\ ca_callback=1\ *)
+ requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK;;
+ esac
+
unset tmp
}
@@ -1646,7 +1651,6 @@
-S "error" \
-C "error"
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "CA callback on client" \
"$P_SRV debug_level=3" \
"$P_CLI ca_callback=1 debug_level=3 " \
@@ -1655,7 +1659,6 @@
-S "error" \
-C "error"
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -4647,6 +4650,234 @@
-c "! mbedtls_ssl_handshake returned" \
-c "SSL - No CA Chain is set, but required to operate"
+# The next few tests check what happens if the server has a valid certificate
+# that does not match its name (impersonation).
+
+run_test "Authentication: hostname match, client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name=localhost debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname match, client required, CA callback" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name=localhost debug_level=3 ca_callback=1" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -c "use CA callback for X.509 CRT verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch (wrong), client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name=wrong-name debug_level=1" \
+ 1 \
+ -c "does not match with the expected CN" \
+ -c "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch (empty), client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name= debug_level=1" \
+ 1 \
+ -c "does not match with the expected CN" \
+ -c "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch (truncated), client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name=localhos debug_level=1" \
+ 1 \
+ -c "does not match with the expected CN" \
+ -c "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch (last char), client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name=localhoss debug_level=1" \
+ 1 \
+ -c "does not match with the expected CN" \
+ -c "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch (trailing), client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required server_name=localhostt debug_level=1" \
+ 1 \
+ -c "does not match with the expected CN" \
+ -c "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch, client optional" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=optional server_name=wrong-name debug_level=2" \
+ 0 \
+ -c "does not match with the expected CN" \
+ -c "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname mismatch, client none" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=none server_name=wrong-name debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname null, client required" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required set_hostname=NULL debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -c "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname null, client optional" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=optional set_hostname=NULL debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -c "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname null, client none" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=none set_hostname=NULL debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+run_test "Authentication: hostname unset, client required, secure config" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required set_hostname=no debug_level=2" \
+ 1 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -c "get_hostname_for_verification() returned -" \
+ -C "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+run_test "Authentication: hostname unset, client required, historical config" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required set_hostname=no debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -c "Certificate verification without CN verification" \
+ -C "get_hostname_for_verification() returned -" \
+ -C "x509_verify_cert() returned -" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+run_test "Authentication: hostname unset, client required, secure config, CA callback" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required set_hostname=no debug_level=3 ca_callback=1" \
+ 1 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -c "get_hostname_for_verification() returned -" \
+ -C "use CA callback for X.509 CRT verification" \
+ -C "x509_verify_cert() returned -" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+run_test "Authentication: hostname unset, client required, historical config, CA callback" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=required set_hostname=no debug_level=3 ca_callback=1" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -c "Certificate verification without CN verification" \
+ -C "get_hostname_for_verification() returned -" \
+ -c "use CA callback for X.509 CRT verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname unset, client optional" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=optional set_hostname=no debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -c "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname unset, client none" \
+ "$P_SRV" \
+ "$P_CLI auth_mode=none set_hostname=no debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+run_test "Authentication: hostname unset, client default, secure config, server picks cert" \
+ "$P_SRV force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
+ "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
+ 1 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -c "get_hostname_for_verification() returned -" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+run_test "Authentication: hostname unset, client default, historical config, server picks cert" \
+ "$P_SRV force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
+ "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -c "Certificate verification without having set hostname" \
+ -c "Certificate verification without CN verification" \
+ -C "get_hostname_for_verification() returned -" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: hostname unset, client default, server picks PSK" \
+ "$P_SRV force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=73776f726466697368 psk_identity=foo" \
+ "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
+ 0 \
+ -C "does not match with the expected CN" \
+ -C "Certificate verification without having set hostname" \
+ -C "Certificate verification without CN verification" \
+ -C "x509_verify_cert() returned -" \
+ -C "X509 - Certificate verification failed"
+
# The purpose of the next two tests is to test the client's behaviour when receiving a server
# certificate with an unsupported elliptic curve. This should usually not happen because
# the client informs the server about the supported curves - it does, though, in the
@@ -4999,7 +5230,6 @@
# Tests for auth_mode, using CA callback, these are duplicated from the authentication tests
# When updating these tests, modify the matching authentication tests accordingly
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server badcert, client required" \
"$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
@@ -5011,7 +5241,6 @@
-c "! mbedtls_ssl_handshake returned" \
-c "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server badcert, client optional" \
"$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
@@ -5031,7 +5260,6 @@
# different means to have the server ignoring the client's supported curve list.
requires_config_enabled MBEDTLS_ECP_C
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \
"$P_SRV debug_level=1 key_file=data_files/server5.key \
crt_file=data_files/server5.ku-ka.crt" \
@@ -5043,7 +5271,6 @@
-C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
requires_config_enabled MBEDTLS_ECP_C
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \
"$P_SRV debug_level=1 key_file=data_files/server5.key \
crt_file=data_files/server5.ku-ka.crt" \
@@ -5054,7 +5281,6 @@
-c "! Certificate verification flags"\
-c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client SHA256, server required" \
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server6.crt \
@@ -5065,7 +5291,6 @@
-c "Supported Signature Algorithm found: 4," \
-c "Supported Signature Algorithm found: 5,"
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client SHA384, server required" \
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server6.crt \
@@ -5076,7 +5301,6 @@
-c "Supported Signature Algorithm found: 4," \
-c "Supported Signature Algorithm found: 5,"
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client badcert, server required" \
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -5099,7 +5323,6 @@
# detect that its write end of the connection is closed and abort
# before reading the alert message.
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client cert not trusted, server required" \
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@@ -5118,7 +5341,6 @@
-c "! mbedtls_ssl_handshake returned" \
-s "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client badcert, server optional" \
"$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -5139,7 +5361,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
key_file=data_files/dir-maxpath/09.key" \
@@ -5150,7 +5371,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int+1 chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
@@ -5161,7 +5381,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int+1 chain, client optional" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
@@ -5173,7 +5392,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int+1 chain, server optional" \
"$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5184,7 +5402,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int+1 chain, server required" \
"$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5195,7 +5412,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int chain, server required" \
"$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
diff --git a/tests/suites/test_suite_config.mbedtls_boolean.data b/tests/suites/test_suite_config.mbedtls_boolean.data
index 1a1d13f..718bd28 100644
--- a/tests/suites/test_suite_config.mbedtls_boolean.data
+++ b/tests/suites/test_suite_config.mbedtls_boolean.data
@@ -1264,6 +1264,14 @@
depends_on:!MBEDTLS_SSL_CBC_RECORD_SPLITTING:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C
pass:
+Config: MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+depends_on:MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C
+pass:
+
+Config: !MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+depends_on:!MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C
+pass:
+
Config: MBEDTLS_SSL_CLI_C
depends_on:MBEDTLS_SSL_CLI_C
pass: