From ab6dd362432bbec58e6259c57ef3d72fbb221fe2 Mon Sep 17 00:00:00 2001 From: Jitin George Date: Wed, 12 Jun 2019 14:12:59 +0530 Subject: [PATCH] esp_http_client: Add support to disable validation of certificate's CN field --- components/esp_http_client/esp_http_client.c | 4 ++++ components/esp_http_client/include/esp_http_client.h | 1 + 2 files changed, 5 insertions(+) diff --git a/components/esp_http_client/esp_http_client.c b/components/esp_http_client/esp_http_client.c index baab149f8a..822a02b785 100644 --- a/components/esp_http_client/esp_http_client.c +++ b/components/esp_http_client/esp_http_client.c @@ -506,6 +506,10 @@ esp_http_client_handle_t esp_http_client_init(const esp_http_client_config_t *co if (config->client_key_pem) { esp_transport_ssl_set_client_key_data(ssl, config->client_key_pem, strlen(config->client_key_pem)); } + + if (config->skip_cert_common_name_check) { + esp_transport_ssl_skip_common_name_check(ssl); + } #endif if (_set_config(client, config) != ESP_OK) { diff --git a/components/esp_http_client/include/esp_http_client.h b/components/esp_http_client/include/esp_http_client.h index d236921770..e01234a6f6 100644 --- a/components/esp_http_client/include/esp_http_client.h +++ b/components/esp_http_client/include/esp_http_client.h @@ -120,6 +120,7 @@ typedef struct { void *user_data; /*!< HTTP user_data context */ bool is_async; /*!< Set asynchronous mode, only supported with HTTPS for now */ bool use_global_ca_store; /*!< Use a global ca_store for all the connections in which this bool is set. */ + bool skip_cert_common_name_check; /*!< Skip any validation of server certificate CN field */ } esp_http_client_config_t; /**