Home Verkennen Help
Inloggen
RT-Thread-packages
/
lwip
spiegel van https://github-proxy.rt-thread.io/RT-Thread-packages/lwip.git
2
0
Vork 0
Bestanden Issues 0 Wiki
Bladeren bron

Added the configuration option ALTCP_MBEDTLS_AUTHMODE to set the certificate verification mode.

Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
Giuseppe Modugno 6 jaren geleden
bovenliggende
edeeef0d20
commit
832490eec8
2 gewijzigde bestanden met toevoegingen van 7 en 1 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 1 1
      src/apps/altcp_tls/altcp_tls_mbedtls.c
  2. 6 0
      src/include/lwip/apps/altcp_tls_mbedtls_opts.h

+ 1 - 1
src/apps/altcp_tls/altcp_tls_mbedtls.c
Bestand weergeven 

@@ -755,7 +755,7 @@ altcp_tls_create_config(int is_server, u8_t cert_count, u8_t pkey_count, int hav
 
     altcp_mbedtls_free_config(conf);
 
     return NULL;
 
   }
 
-  mbedtls_ssl_conf_authmode(&conf->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
 
+  mbedtls_ssl_conf_authmode(&conf->conf, ALTCP_MBEDTLS_AUTHMODE);
 
 
   mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &altcp_tls_entropy_rng->ctr_drbg);
 
 #if ALTCP_MBEDTLS_LIB_DEBUG != LWIP_DBG_OFF

+ 6 - 0
src/include/lwip/apps/altcp_tls_mbedtls_opts.h
Bestand weergeven 

@@ -100,6 +100,12 @@
 
 #define ALTCP_MBEDTLS_SESSION_TICKET_TIMEOUT_SECONDS  (60 * 60 * 24)
 
 #endif
 
 
+/** Certificate verification mode: MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL (default),
 
+ * MBEDTLS_SSL_VERIFY_REQUIRED (recommended)*/
 
+#ifndef ALTCP_MBEDTLS_AUTHMODE
 
+#define ALTCP_MBEDTLS_AUTHMODE                        MBEDTLS_SSL_VERIFY_OPTIONAL
 
+#endif
 
+
 
 #endif /* LWIP_ALTCP */
 
 
 #endif /* LWIP_HDR_ALTCP_TLS_OPTS_H */