8000 Keep client certs when server authentication set by earlephilhower · Pull Request #7464 · esp8266/Arduino · GitHub
[go: up one dir, main page]
Skip to content

Keep client certs when server authentication set #7464

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jul 17, 2020
Merged

Keep client certs when server authentication set #7464

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
fcd789d
Keep client certs when server authentication set
earlephilhower Jul 17, 2020
8be7493
Merge branch 'master' into setinsec1
earlephilhower Jul 17, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Keep client certs when server authentication set 
WiFiClientSecure.setInsecure() was clearing the secret key (but not the
_chain public client cert) incorrectly.  The other server authentication
modes also had the same effect.

The only way for it to work would be if the app first set the server
authentication method and then the client keys.  There's no good reason
for this.

Adjust the connection to only clear the server id methods and leave the
client ID untouched.

Fixes #7455
  • Loading branch information
@earlephilhower
earlephilhower committed Jul 17, 2020
commit fcd789dad40711f5fb2c5a389e4718838f5fd1d8
3 changes: 0 additions & 3 deletions libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,11 +96,8 @@ void WiFiClientSecure::_clearAuthenticationSettings() {
_use_fingerprint = false;
_use_self_signed = false;
_knownkey = nullptr;
_sk = nullptr;
_ta = nullptr;
_axtls_ta = nullptr;
_axtls_chain = nullptr;
_axtls_sk = nullptr;
}


Expand Down
0