| Gilles Peskine | 02e303e | 2025-02-17 17:49:20 +0100 | [diff] [blame^] | 1 | Default behavior changes |
| 2 | * In TLS clients, if mbedtls_ssl_set_hostname() has not been called, |
| 3 | mbedtls_ssl_handshake() now fails with |
| 4 | MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME |
| 5 | if certificate-based authentication of the server is attempted. |
| 6 | This is because authenticating a server without knowing what name |
| 7 | to expect is usually insecure. |
| 8 | |
| 9 | Security |
| 10 | * Note that TLS clients should generally call mbedtls_ssl_set_hostname() |
| 11 | if they use certificate authentication (i.e. not pre-shared keys). |
| 12 | Otherwise, in many scenarios, the server could be impersonated. |
| 13 | The library will now prevent the handshake and return |
| 14 | MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME |
| 15 | if mbedtls_ssl_set_hostname() has not been called. |