tcp_transport: Add option to enable crt_bundle for SSL connection

components/tcp_transport/include/esp_transport_ssl.h

@@ -52,6 +52,16 @@ void esp_transport_ssl_set_cert_data(esp_transport_handle_t t, const char *data,
  */
 void esp_transport_ssl_set_cert_data_der(esp_transport_handle_t t, const char *data, int len);
 
+/**
+ * @brief      Enable the use of certification bundle for server verfication for
+ *             an SSL connection.
+ *             It must be first enabled in menuconfig.
+ *
+ * @param      t    ssl transport
+ * @param[in]  crt_bundle_attach    Function pointer to esp_crt_bundle_attach
+ */
+void esp_transport_ssl_crt_bundle_attach(esp_transport_handle_t t, esp_err_t ((*crt_bundle_attach)(void *conf)));
+
 /**
  * @brief      Enable global CA store for SSL connection
  *
@@ -141,14 +151,12 @@ void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t);
  */
 void esp_transport_ssl_use_secure_element(esp_transport_handle_t t);
 
-
 /**
  * @brief      Set the ds_data handle in ssl context.(used for the digital signature operation)
  *
  * @param      t        ssl transport
  *             ds_data  the handle for ds data params
  */
-
 void esp_transport_ssl_set_ds_data(esp_transport_handle_t t, void *ds_data);
 
 /**

components/tcp_transport/transport_ssl.c

@@ -304,6 +304,14 @@ void esp_transport_ssl_use_secure_element(esp_transport_handle_t t)
 }
 #endif
 
+void esp_transport_ssl_crt_bundle_attach(esp_transport_handle_t t, esp_err_t ((*crt_bundle_attach)(void *conf)))
+{
+    transport_ssl_t *ssl = esp_transport_get_context_data(t);
+    if (t && ssl) {
+        ssl->cfg.crt_bundle_attach = crt_bundle_attach;
+    }
+}
+
 static int ssl_get_socket(esp_transport_handle_t t)
 {
     if (t) {