diff options
author | VProdanov <VProdanov@luxoft.com> | 2016-08-01 14:03:42 +0300 |
---|---|---|
committer | VProdanov <VProdanov@luxoft.com> | 2016-08-02 10:37:51 +0300 |
commit | 8449d0d5e748ea1587e3c02df199ef55181f2c5f (patch) | |
tree | d118a7f0b869db903bff13f6e0ab810b0d45b121 | |
parent | 2b4db8814d09c0ca668934d2e52e8102724c6ccb (diff) | |
download | sdl_core-8449d0d5e748ea1587e3c02df199ef55181f2c5f.tar.gz |
Change_VerifyPeer_parameter_in_ini_file_to_true
By implementing this feature we fix secure service opening
without validation.The problem which is occuring is that
when we remove the server cridentials from SDL and start
secure service we succeed. The reason for that is the VerifyPeer
located in .ini file which by default was set false. As result
SSL_CTX_set_verify is called without SSL_VERIFY_PEER, which is
the reason server`s cridentials to not be checked.
Requirement: APPLINK-22607
Fix-issue: APPLINK-17757
-rw-r--r-- | src/appMain/smartDeviceLink.ini | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/appMain/smartDeviceLink.ini b/src/appMain/smartDeviceLink.ini index 12d465c801..a9baf8c45a 100644 --- a/src/appMain/smartDeviceLink.ini +++ b/src/appMain/smartDeviceLink.ini @@ -156,7 +156,7 @@ SSLMode = CLIENT ;CipherList = AES256-GCM-SHA384 CipherList = ALL ; Verify Mobile app certificate (could be used in both SSLMode Server and Client) -VerifyPeer = false +VerifyPeer = true ; Preloaded CA certificates directory CACertificatePath = . ; Services which can not be started unprotected (could be id's from 0x01 to 0xFF) |