jeans/Tasmota
jeans/Tasmota
1
0
Fork 0
mirror of https://github.com/arendst/Tasmota.git synced 2025-07-29 05:36:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

If the MDNS hostname is set, use it to verify the cert name.

Browse Source
This commit is contained in:
Mike 2019-01-17 19:09:58 -08:00
parent e7e378f463
commit c963900709
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
sonoff/xdrv_02_mqtt.ino
View File

@ -495,7 +495,19 @@ boolean MqttCheckTls(void)
AddLog_P(LOG_LEVEL_INFO, S_LOG_MQTT, PSTR(D_VERIFIED "2")); AddLog_P(LOG_LEVEL_INFO, S_LOG_MQTT, PSTR(D_VERIFIED "2"));
result = true; result = true;
} }
#endif #ifdef MDNS_HOSTNAME
// If the hostname is set, check that as well.
// This lets certs with the hostname for the CN be used.
else if (EspClient.verify(fingerprint1, MDNS_HOSTNAME)) {
AddLog_P(LOG_LEVEL_INFO, S_LOG_MQTT, PSTR(D_VERIFIED "1"));
result = true;
}
else if (EspClient.verify(fingerprint2, MDNS_HOSTNAME)) {
AddLog_P(LOG_LEVEL_INFO, S_LOG_MQTT, PSTR(D_VERIFIED "2"));
result = true;
}
#endif // MDNS_HOSTNAME
#endif // USE_MQTT_TLS_CA_CERT
} }
if (!result) AddLog_P(LOG_LEVEL_INFO, S_LOG_MQTT, PSTR(D_FAILED)); if (!result) AddLog_P(LOG_LEVEL_INFO, S_LOG_MQTT, PSTR(D_FAILED));
EspClient.stop(); EspClient.stop();