Merge pull request #96172 from Faless/fix/tls_unsafe_pin

[mbedTLS] Fix incorrect cert pinning with `client_unsafe`
This commit is contained in:
Rémi Verschelde 2024-08-27 17:52:44 +02:00
commit e6f94443ba
No known key found for this signature in database
GPG key ID: C3336907360768E1

View file

@ -153,7 +153,7 @@ Error TLSContextMbedTLS::init_client(int p_transport, const String &p_hostname,
int authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
bool unsafe = p_options->is_unsafe_client();
if (unsafe && p_options->get_trusted_ca_chain().is_valid()) {
if (unsafe && p_options->get_trusted_ca_chain().is_null()) {
authmode = MBEDTLS_SSL_VERIFY_NONE;
}