mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2025-01-13 06:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added the configuration option ALTCP_MBEDTLS_AUTHMODE to set the certificate verification mode.

Browse Source 
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
This commit is contained in:
Giuseppe Modugno 2019-06-11 09:50:31 +02:00 committed by Simon Goldschmidt
parent edeeef0d20
commit 832490eec8
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/apps/altcp_tls/altcp_tls_mbedtls.c
View File

@ -755,7 +755,7 @@ altcp_tls_create_config(int is_server, u8_t cert_count, u8_t pkey_count, int hav
altcp_mbedtls_free_config(conf); altcp_mbedtls_free_config(conf);
return NULL; return NULL;
} }
mbedtls_ssl_conf_authmode(&conf->conf, MBEDTLS_SSL_VERIFY_OPTIONAL); mbedtls_ssl_conf_authmode(&conf->conf, ALTCP_MBEDTLS_AUTHMODE);
mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &altcp_tls_entropy_rng->ctr_drbg); mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &altcp_tls_entropy_rng->ctr_drbg);
#if ALTCP_MBEDTLS_LIB_DEBUG != LWIP_DBG_OFF #if ALTCP_MBEDTLS_LIB_DEBUG != LWIP_DBG_OFF

6
src/include/lwip/apps/altcp_tls_mbedtls_opts.h
View File

@ -100,6 +100,12 @@
#define ALTCP_MBEDTLS_SESSION_TICKET_TIMEOUT_SECONDS (60 * 60 * 24) #define ALTCP_MBEDTLS_SESSION_TICKET_TIMEOUT_SECONDS (60 * 60 * 24)
#endif #endif
/** Certificate verification mode: MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL (default),
* MBEDTLS_SSL_VERIFY_REQUIRED (recommended)*/
#ifndef ALTCP_MBEDTLS_AUTHMODE
#define ALTCP_MBEDTLS_AUTHMODE MBEDTLS_SSL_VERIFY_OPTIONAL
#endif
#endif /* LWIP_ALTCP */ #endif /* LWIP_ALTCP */
#endif /* LWIP_HDR_ALTCP_TLS_OPTS_H */ #endif /* LWIP_HDR_ALTCP_TLS_OPTS_H */