
Commit 32f5c33

committed
Allow overriding default client profile
1 parent 5c27869 commit 32f5c33


2 files changed

+15
-5
lines changed


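--- a/src/BearSSLClient.cpp
+++ b/src/BearSSLClient.cpp
@@ -28,15 +28,19 @@
 #include <ArduinoECCX08.h>
 #endif
 
+#ifndef ARDUINO_BEARSSL_DISABLE_BUILTIN_TRUST_ANCHORS
 #include "BearSSLTrustAnchors.h"
+#endif
 #include "utility/eccX08_asn1.h"
 
 #include "BearSSLClient.h"
 
+#ifndef ARDUINO_BEARSSL_DISABLE_BUILTIN_TRUST_ANCHORS
 BearSSLClient::BearSSLClient(Client& client) :
 BearSSLClient(&client, TAs, TAs_NUM)
 {
 }
+#endif
 
 BearSSLClient::BearSSLClient(Client& client, const br_x509_trust_anchor* myTAs, int myNumTAs)
 : BearSSLClient(&client, myTAs, myNumTAs)
@@ -49,7 +53,8 @@ BearSSLClient::BearSSLClient(Client* client, const br_x509_trust_anchor* myTAs,
 _numTAs(myNumTAs),
 _noSNI(false),
 _skeyDecoder(NULL),
-_ecChainLen(0)
+_ecChainLen(0),
+_br_ssl_client_init_function(br_ssl_client_init_full)
 {
 #ifndef ARDUINO_DISABLE_ECCX08
 _ecVrfy = eccX08_vrfy_asn1;
@@ -436,8 +441,12 @@ int BearSSLClient::errorCode()
 
 int BearSSLClient::connectSSL(const char* host)
 {
-// initialize client context with all algorithms and hardcoded trust anchors
-br_ssl_client_init_full(&_sc, &_xc, _TAs, _numTAs);
+if (!_br_ssl_client_init_function) {
+return 0;
+}
+
+// initialize client context with enabled algorithms and trust anchors
+_br_ssl_client_init_function(&_sc, &_xc, _TAs, _numTAs);
 
 br_ssl_engine_set_buffers_bidi(&_sc.eng, _ibuf, sizeof(_ibuf), _obuf, sizeof(_obuf));
 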
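Review bot: In `connectSSL` the new guard returns 0 before `_sc` is initialised, so a null profile looks like any other failed connect and the caller has nothing to tell it from a network or handshake error; whatever `errorCode()` reads afterwards presumably reflects an earlier or untouched context (its body is outside this hunk). Failing closed is the right behaviour, but the reason deserves a comment at the guard, e.g. `// no profile installed: refuse to connect instead of handshaking on an uninitialised context`. The call below it now hands cipher-suite selection and certificate validation to caller-supplied code, and nothing visible here re-checks that the X.509 engine ends up bound to `_TAs`, so that contract should be stated next to the call: `// the profile must configure X.509 validation against the trust anchors passed here; this class does not verify that it did`. `_numTAs` appears to come from the `int myNumTAs` constructor argument and is converted to the profile's `size_t` count, so a negative value would reach third-party profile code as a very large count; `if (!_br_ssl_client_init_function || _numTAs < 0) {` in the same guard would stop that. `connectSSL` continues past the end of the hunk.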

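--- a/src/BearSSLClient.h
+++ b/src/BearSSLClient.h
@@ -64,9 +64,8 @@ class BearSSLClient : public Client {
 BearSSLClient(Client* client, const br_x509_trust_anchor* myTAs, int myNumTAs);
 virtual ~BearSSLClient();
 
-
 inline void setClient(Client& client) { _client = &client; }
-
+inline void setProfile(void(*client_init_function)(br_ssl_client_context *cc, br_x509_minimal_context *xc, const br_x509_trust_anchor *trust_anchors, size_t trustrust_anchorst_anchors_num)) { _br_ssl_client_init_function = client_init_function; }
 
 virtual int connect(IPAddress ip, uint16_t port);
 virtual int connect(const char* host, uint16_t port);
@@ -131,6 +130,8 @@ class BearSSLClient : public Client {
 unsigned char _ibuf[BEAR_SSL_CLIENT_IBUF_SIZE];
 unsigned char _obuf[BEAR_SSL_CLIENT_OBUF_SIZE];
 br_sslio_context _ioc;
+
+void (*_br_ssl_client_init_function)(br_ssl_client_context *cc, br_x509_minimal_context *xc, const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num);
 };
 
 #endif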
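Review bot: `setProfile` is the one place where a sketch can replace the TLS profile, yet it carries no documentation and accepts a null pointer, which only surfaces later as a failed connect. A doc comment above it should say that the supplied function chooses the protocol versions and cipher suites, that it is responsible for setting up certificate validation with the trust anchors it is given, that the constructor default is `br_ssl_client_init_full`, and that passing null makes every connect fail. The last parameter name in its signature, `trustrust_anchorst_anchors_num`, looks like a paste slip for `trust_anchors_num` as spelled in the member declaration. Naming the pointer type once, for instance `typedef void (*ProfileInitFn)(br_ssl_client_context*, br_x509_minimal_context*, const br_x509_trust_anchor*, size_t);`, and using it for both `setProfile(ProfileInitFn fn)` and the member would remove the duplicated signature. The class body starts and ends outside the visible hunks.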
