https_server: Add config option to min. cert. auth mode

- Added a config option to set the minimum Certificate Verification
  mode to Optional
- When this option is enabled, the server checks the peer (client)
  certificate, but the handshake continues even if verification
  fails.
- By default, the server ignores the peer certificate and does not check it.

Closes https://github.com/espressif/esp-idf/issues/8664
Laukik Hase
2022-03-28 17:34:38 +05:30
committed by BOT
parent 39d82327d2
commit d7090b4d52
4 changed files with 38 additions and 16 deletions


@@ -509,7 +509,11 @@ esp_err_t set_server_config(esp_tls_cfg_server_t *cfg, esp_tls_t *tls)
return esp_ret;
}
} else {
#ifdef CONFIG_ESP_TLS_SERVER_MIN_AUTH_MODE_OPTIONAL
mbedtls_ssl_conf_authmode(&tls->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
#else
mbedtls_ssl_conf_authmode(&tls->conf, MBEDTLS_SSL_VERIFY_NONE);
#endif
}
if (cfg->use_secure_element) {
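Review bot: The `MBEDTLS_SSL_VERIFY_OPTIONAL` branch lets the handshake complete even when client-certificate verification fails, and nothing in this hunk tells the application that it must now check the result itself. This `else` arm appears to be the path where no CA certificate was configured (the matching `if` is outside the hunk), so verification would presumably fail for every client and the option only makes the peer certificate available for inspection. I would add a comment above the call such as `/* OPTIONAL: handshake succeeds even if the client cert fails verification; caller must check mbedtls_ssl_get_verify_result() before trusting the peer */`, and say the same in the Kconfig help text for this option. The body of set_server_config starts and ends outside the hunk.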