diff options
author | Petr Štetiar <ynezz@true.cz> | 2020-12-10 12:21:33 +0100 |
---|---|---|
committer | Petr Štetiar <ynezz@true.cz> | 2020-12-10 15:10:19 +0100 |
commit | 55c3fd89d50805b7bdd5bcee3a43986f983f20db (patch) | |
tree | 1abdc9611df053a129db046f4ac1558d2c49705e | |
parent | c6b4c48689a3e80a6fd26a66f8699a2d8aaece6d (diff) | |
download | ustream-ssl-55c3fd89d50805b7bdd5bcee3a43986f983f20db.tar.gz |
ustream-mbedtls: implement set_require_validation
In commit "ustream-openssl: wolfSSL: fix certificate validation" we've
added new set_require_validation() function so implement it for mbed TLS
as well.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
-rw-r--r-- | ustream-mbedtls.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c index 3424743..1bea983 100644 --- a/ustream-mbedtls.c +++ b/ustream-mbedtls.c @@ -290,6 +290,18 @@ __hidden int __ustream_ssl_set_ciphers(struct ustream_ssl_ctx *ctx, const char * return 0; } +__hidden int __ustream_ssl_set_require_validation(struct ustream_ssl_ctx *ctx, bool require) +{ + int mode = MBEDTLS_SSL_VERIFY_OPTIONAL; + + if (!require) + mode = MBEDTLS_SSL_VERIFY_NONE; + + mbedtls_ssl_conf_authmode(&ctx->conf, mode); + + return 0; +} + __hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx) { #if defined(MBEDTLS_SSL_CACHE_C) |