From 4904d57fd98a787e41c268cfa19f590a0607b3c9 Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Tue, 6 Sep 2022 09:00:57 +0530 Subject: [PATCH] esp_http_client: Added support to set server common name. --- components/esp_http_client/esp_http_client.c | 4 ++++ components/esp_http_client/include/esp_http_client.h | 3 +++ 2 files changed, 7 insertions(+) diff --git a/components/esp_http_client/esp_http_client.c b/components/esp_http_client/esp_http_client.c index 221cc64526..e97291331a 100644 --- a/components/esp_http_client/esp_http_client.c +++ b/components/esp_http_client/esp_http_client.c @@ -670,6 +670,10 @@ esp_http_client_handle_t esp_http_client_init(const esp_http_client_config_t *co if (config->skip_cert_common_name_check) { esp_transport_ssl_skip_common_name_check(ssl); } + + if (config->common_name) { + esp_transport_ssl_set_common_name(ssl, config->common_name); + } #endif if (_set_config(client, config) != ESP_OK) { diff --git a/components/esp_http_client/include/esp_http_client.h b/components/esp_http_client/include/esp_http_client.h index 586b38f6fe..e5e91650fc 100644 --- a/components/esp_http_client/include/esp_http_client.h +++ b/components/esp_http_client/include/esp_http_client.h @@ -129,6 +129,9 @@ typedef struct { bool is_async; /*!< Set asynchronous mode, only supported with HTTPS for now */ bool use_global_ca_store; /*!< Use a global ca_store for all the connections in which this bool is set. */ bool skip_cert_common_name_check; /*!< Skip any validation of server certificate CN field */ + const char *common_name; /*!< Pointer to the string containing server certificate common name. + If non-NULL, server certificate CN must match this name, + If NULL, server certificate CN must match hostname. */ esp_err_t (*crt_bundle_attach)(void *conf); /*!< Function pointer to esp_crt_bundle_attach. Enables the use of certification bundle for server verification, must be enabled in menuconfig */ bool keep_alive_enable; /*!< Enable keep-alive timeout */