tcp_transport: Add option to enable crt_bundle for SSL connection

components/tcp_transport/include/esp_transport_ssl.h

@@ -52,6 +52,16 @@ void esp_transport_ssl_set_cert_data(esp_transport_handle_t t, const char *data,
  */
 void esp_transport_ssl_set_cert_data_der(esp_transport_handle_t t, const char *data, int len);
 
+/**
+ * @brief      Enable the use of certification bundle for server verfication for
+ *             an SSL connection.
+ *             It must be first enabled in menuconfig.
+ *
+ * @param      t    ssl transport
+ * @param[in]  crt_bundle_attach    Function pointer to esp_crt_bundle_attach
+ */
+void esp_transport_ssl_crt_bundle_attach(esp_transport_handle_t t, esp_err_t ((*crt_bundle_attach)(void *conf)));
+
 /**
  * @brief      Enable global CA store for SSL connection
  *
@@ -141,14 +151,12 @@ void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t);
  */
 void esp_transport_ssl_use_secure_element(esp_transport_handle_t t);
 
-
 /**
  * @brief      Set the ds_data handle in ssl context.(used for the digital signature operation)
  *
  * @param      t        ssl transport
  *             ds_data  the handle for ds data params
  */
-
 void esp_transport_ssl_set_ds_data(esp_transport_handle_t t, void *ds_data);
 
 /**

components/tcp_transport/transport_ssl.c

@@ -329,6 +329,12 @@ void esp_transport_ssl_use_secure_element(esp_transport_handle_t t)
     ssl->cfg.use_secure_element = true;
 }
 
+void esp_transport_ssl_crt_bundle_attach(esp_transport_handle_t t, esp_err_t ((*crt_bundle_attach)(void *conf)))
+{
+    GET_SSL_FROM_TRANSPORT_OR_RETURN(ssl, t);
+    ssl->cfg.crt_bundle_attach = crt_bundle_attach;
+}
+
 static int ssl_get_socket(esp_transport_handle_t t)
 {
     transport_esp_tls_t *ssl = ssl_get_context_data(t);