summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/lwip/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/lwip/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c b/lib/lwip/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c
index fa3d1d74fed..ef51a5ac168 100644
--- a/lib/lwip/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c
+++ b/lib/lwip/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c
@@ -298,6 +298,9 @@ altcp_mbedtls_lower_recv_process(struct altcp_pcb *conn, altcp_mbedtls_state_t *
if (ret != 0) {
LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("mbedtls_ssl_handshake failed: %d\n", ret));
/* handshake failed, connection has to be closed */
+ if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) {
+ printf("Certificate verification failed\n");
+ }
if (conn->err) {
conn->err(conn->arg, ERR_CLSD);
}
@@ -841,6 +844,9 @@ altcp_tls_create_config(int is_server, u8_t cert_count, u8_t pkey_count, int hav
altcp_mbedtls_free_config(conf);
return NULL;
}
+ if (authmode == MBEDTLS_SSL_VERIFY_NONE) {
+ printf("WARNING: no CA certificates, HTTPS connections not authenticated\n");
+ }
mbedtls_ssl_conf_authmode(&conf->conf, authmode);
mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &altcp_tls_entropy_rng->ctr_drbg);
generated by cgit v1.2.3 (git 2.0.4) at 2025-08-02 03:44:00 +0000