wiced_https_get() works with wrong peer_cm input. why?

Anonymous · ‎Aug 18, 2015

I was running the snip.https_client-BCM943341WCD1 download run. This uses https_client.c

I am curious why the following code still works (see image below). When the string in wiced_hostname_lookup() is different than that entered in wiced_https_get(), the code still works. Why is that? It seems like the last input into the wiced_https_get() function, is never being checked.

Please advise.

VikramR_26 · ‎Mar 21, 2016

egaraileeo egaraileeo egaraileeo

This issue has been fixed in the new SDK release. Kindly make sure you do not see this issue.

thnx

vik86

View solution in original post

Anonymous · ‎Oct 14, 2015

I am also seeing problems like that... It seems to make HTTPS/TLS useless against man in the middle attacks.

Anonymous · ‎Feb 05, 2016

https://community.broadcom.com/message/18777#18777

I just posted the same problem but with more detail. For my scenario, the first time I fails with 5037 certificate name mismatch, but then the mqtt logic in mqtt_network_connect() makes another attempt and it passes. Something must need to be reset or init again before the second pass in my scenario? Weird bug. Kind of hard to debug when there is no source code for the BESL stuff.

VikramR_26 · ‎Mar 21, 2016

egaraileeo egaraileeo egaraileeo

This issue has been fixed in the new SDK release. Kindly make sure you do not see this issue.

thnx

vik86

AxLi_1746341 · ‎Mar 28, 2016

Hi,

Which version of the SDK includes the fix? I'd like to verify this.

Thank.

MichaelF_56 · ‎Mar 28, 2016

WICED SDK 3.5.2 IDE Installer and .7z Source files is the latest released version of the Wi-Fi SDK.

Try it first. If this does not fix the issue, let me know.

AxLi_1746341 · ‎Mar 28, 2016

mwf_mmfae wrote:
WICED SDK 3.5.2 IDE Installer and .7z Source files is the latest released version of the Wi-Fi SDK. Try it first. If this does not fix the issue, let me know.

Hi mwf_mmfae,

Tested on SDK-3.5.2 and it looks good.

Thanks.