[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-users] Elevating existing connection to TLS
|
From: |
address@hidden |
|
Subject: |
Re: [lwip-users] Elevating existing connection to TLS |
|
Date: |
Wed, 29 Apr 2020 06:38:04 +0200 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 |
Am 29.04.2020 um 01:09 schrieb Josh McAtee:
> Sorry if I wasn't being clear.
> Take the existing SMTP app, for example - it uses the altcp layer already.
> But, the connection can only be made either with or without TLS from the
> beginning of the connection.
> I want to implement STARTTLS, in which the connection starts out plain
> TCP and then is elevated to TLS later, after the STARTTLS command is
> sent from the client (and 220 go ahead received back from the server).
> So the TLS handshake starts after the connection has already been
> established and some non-TLS communication has already been made.
>
> Does that make sense?
Yes, that makes sense. But that's not implemented yet.
However, using the altcp API, it should be possible to insert the TLS
layer at any time. You'd have to program a function that does the
insertion, the rest would be TLS-lib-specific (e.g. mbedTLS-specific).
Regards,
Simon