diff --git a/code/espurna/libs/SecureClientHelpers.h b/code/espurna/libs/SecureClientHelpers.h index 2fb4bf8b..0a17e28c 100644 --- a/code/espurna/libs/SecureClientHelpers.h +++ b/code/espurna/libs/SecureClientHelpers.h @@ -15,11 +15,20 @@ namespace SecureClientHelpers { using host_callback_f = std::function; -using check_callback_f = std::function; +using check_callback_f = std::function; using fp_callback_f = std::function; using cert_callback_f = std::function; using mfln_callback_f = std::function; +const char * _secureClientCheckAsString(int check) { + switch (check) { + case SECURE_CLIENT_CHECK_NONE: return "no validation"; + case SECURE_CLIENT_CHECK_FINGERPRINT: return "fingerprint validation"; + case SECURE_CLIENT_CHECK_CA: return "CA validation"; + default: return "unknown"; + } +} + #if SECURE_CLIENT == SECURE_CLIENT_AXTLS using SecureClientClass = axTLS::WiFiClientSecure; @@ -60,6 +69,10 @@ struct SecureClientChecks { int check = getCheck(); + if(config.debug) { + DEBUG_MSG_P(PSTR("[%s] Using SSL check type: %s\n"), config.tag.c_str(), _secureClientCheckAsString(check)); + } + if (check == SECURE_CLIENT_CHECK_NONE) { if (config.debug) DEBUG_MSG_P(PSTR("[%s] !!! Secure connection will not be validated !!!\n"), config.tag.c_str()); result = true; @@ -152,6 +165,10 @@ struct SecureClientChecks { int check = getCheck(); bool settime = (check == SECURE_CLIENT_CHECK_CA); + if(config.debug) { + DEBUG_MSG_P(PSTR("[%s] Using SSL check type: %s\n"), config.tag.c_str(), _secureClientCheckAsString(check)); + } + if (!ntpSynced() && settime) { if (config.debug) DEBUG_MSG_P(PSTR("[%s] Time not synced! Cannot use CA validation\n"), config.tag.c_str()); return false;