|
@ -15,11 +15,20 @@ |
|
|
namespace SecureClientHelpers { |
|
|
namespace SecureClientHelpers { |
|
|
|
|
|
|
|
|
using host_callback_f = std::function<String()>; |
|
|
using host_callback_f = std::function<String()>; |
|
|
using check_callback_f = std::function<bool()>; |
|
|
|
|
|
|
|
|
using check_callback_f = std::function<int()>; |
|
|
using fp_callback_f = std::function<String()>; |
|
|
using fp_callback_f = std::function<String()>; |
|
|
using cert_callback_f = std::function<const char*()>; |
|
|
using cert_callback_f = std::function<const char*()>; |
|
|
using mfln_callback_f = std::function<uint16_t()>; |
|
|
using mfln_callback_f = std::function<uint16_t()>; |
|
|
|
|
|
|
|
|
|
|
|
const char * _secureClientCheckAsString(int check) { |
|
|
|
|
|
switch (check) { |
|
|
|
|
|
case SECURE_CLIENT_CHECK_NONE: return "no validation"; |
|
|
|
|
|
case SECURE_CLIENT_CHECK_FINGERPRINT: return "fingerprint validation"; |
|
|
|
|
|
case SECURE_CLIENT_CHECK_CA: return "CA validation"; |
|
|
|
|
|
default: return "unknown"; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
#if SECURE_CLIENT == SECURE_CLIENT_AXTLS |
|
|
#if SECURE_CLIENT == SECURE_CLIENT_AXTLS |
|
|
using SecureClientClass = axTLS::WiFiClientSecure; |
|
|
using SecureClientClass = axTLS::WiFiClientSecure; |
|
|
|
|
|
|
|
@ -60,6 +69,10 @@ struct SecureClientChecks { |
|
|
|
|
|
|
|
|
int check = getCheck(); |
|
|
int check = getCheck(); |
|
|
|
|
|
|
|
|
|
|
|
if(config.debug) { |
|
|
|
|
|
DEBUG_MSG_P(PSTR("[%s] Using SSL check type: %s\n"), config.tag.c_str(), _secureClientCheckAsString(check)); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
if (check == SECURE_CLIENT_CHECK_NONE) { |
|
|
if (check == SECURE_CLIENT_CHECK_NONE) { |
|
|
if (config.debug) DEBUG_MSG_P(PSTR("[%s] !!! Secure connection will not be validated !!!\n"), config.tag.c_str()); |
|
|
if (config.debug) DEBUG_MSG_P(PSTR("[%s] !!! Secure connection will not be validated !!!\n"), config.tag.c_str()); |
|
|
result = true; |
|
|
result = true; |
|
@ -152,6 +165,10 @@ struct SecureClientChecks { |
|
|
int check = getCheck(); |
|
|
int check = getCheck(); |
|
|
bool settime = (check == SECURE_CLIENT_CHECK_CA); |
|
|
bool settime = (check == SECURE_CLIENT_CHECK_CA); |
|
|
|
|
|
|
|
|
|
|
|
if(config.debug) { |
|
|
|
|
|
DEBUG_MSG_P(PSTR("[%s] Using SSL check type: %s\n"), config.tag.c_str(), _secureClientCheckAsString(check)); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
if (!ntpSynced() && settime) { |
|
|
if (!ntpSynced() && settime) { |
|
|
if (config.debug) DEBUG_MSG_P(PSTR("[%s] Time not synced! Cannot use CA validation\n"), config.tag.c_str()); |
|
|
if (config.debug) DEBUG_MSG_P(PSTR("[%s] Time not synced! Cannot use CA validation\n"), config.tag.c_str()); |
|
|
return false; |
|
|
return false; |
|
|
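Review bot: With `check_callback_f` widened from `bool()` to `int()`, `getCheck()` can return a value that matches none of the three `SECURE_CLIENT_CHECK_*` constants, and the new helper only labels that case "unknown" in the log; no visible hunk shows the connection being refused for it. Both `SecureClientChecks` function bodies start and end outside the hunks, so this may already be handled. If it is not, add a fail-closed guard right after `int check = getCheck();`, for example `if (check != SECURE_CLIENT_CHECK_NONE && check != SECURE_CLIENT_CHECK_FINGERPRINT && check != SECURE_CLIENT_CHECK_CA) return false;` in the function of the third hunk, or `result = false` in the second. The new "Using SSL check type" line is emitted only when `config.debug` is set, as is the existing "will not be validated" warning, so a device configured with `SECURE_CLIENT_CHECK_NONE` reports nothing otherwise; consider logging that case unconditionally. If this file is a header included from more than one translation unit, `_secureClientCheckAsString` should also be marked `inline`.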