alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-11-04 14:14:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

esp_https_ota: Enable option of using global_ca_store and x509_crt_bundle

Browse Source 
Closes https://github.com/espressif/esp-idf/issues/5504
This commit is contained in:
Aditya Patwardhan
2021-04-08 15:36:24 +05:30
committed by Harshit Malpani
parent 0e3ec4fb99
commit f496742ec8
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
components/esp_https_ota/src/esp_https_ota.c
View File

@@ -160,6 +160,12 @@ static esp_err_t _ota_write(esp_https_ota_t *https_ota_handle, const void *buffe
return err;
}
static bool is_server_verification_enabled(esp_https_ota_config_t *ota_config) {
return (ota_config->http_config->cert_pem
|| ota_config->http_config->use_global_ca_store
|| !(ota_config->http_config->crt_bundle_attach == NULL));
}
esp_err_t esp_https_ota_begin(esp_https_ota_config_t *ota_config, esp_https_ota_handle_t *handle)
{
esp_err_t err;
@@ -173,8 +179,8 @@ esp_err_t esp_https_ota_begin(esp_https_ota_config_t *ota_config, esp_https_ota_
}
#if !CONFIG_OTA_ALLOW_HTTP
if (!ota_config->http_config->cert_pem) {
ESP_LOGE(TAG, "Server certificate not found in esp_http_client config");
if (!is_server_verification_enabled(ota_config)) {
ESP_LOGE(TAG, "No option for server verification is enabled in esp_http_client config.");
*handle = NULL;
return ESP_ERR_INVALID_ARG;
}