[Crypto] Expose TLSOptions getters

Fabio Alessandrelli
2024-06-11 11:13:22 +02:00
parent 71699e08c9
commit 3639c1f0ca
4 changed files with 62 additions and 24 deletions


@@ -152,21 +152,23 @@ Error TLSContextMbedTLS::init_client(int p_transport, const String &p_hostname,
ERR_FAIL_COND_V(p_options.is_null() || p_options->is_server(), ERR_INVALID_PARAMETER);
int authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
if (p_options->get_verify_mode() == TLSOptions::TLS_VERIFY_NONE) {
bool unsafe = p_options->is_unsafe_client();
if (unsafe && p_options->get_trusted_ca_chain().is_valid()) {
authmode = MBEDTLS_SSL_VERIFY_NONE;
}
Error err = _setup(MBEDTLS_SSL_IS_CLIENT, p_transport, authmode);
ERR_FAIL_COND_V(err != OK, err);
if (p_options->get_verify_mode() == TLSOptions::TLS_VERIFY_FULL) {
String cn = p_options->get_common_name();
if (unsafe) {
// No hostname verification for unsafe clients.
mbedtls_ssl_set_hostname(&tls, nullptr);
} else {
String cn = p_options->get_common_name_override();
if (cn.is_empty()) {
cn = p_hostname;
}
mbedtls_ssl_set_hostname(&tls, cn.utf8().get_data());
} else {
mbedtls_ssl_set_hostname(&tls, nullptr);
}
X509CertificateMbedTLS *cas = nullptr;