From 99f657d89f43615bff12e00e59d07499dccec20d Mon Sep 17 00:00:00 2001 From: Fabio Alessandrelli Date: Thu, 22 Aug 2019 15:04:00 +0200 Subject: Fix StreamPeerSSL connect_to_stream w/ custom cert Follow up on #29871. Was checking the wrong parameter, causing the code to ignore provided stream-specific SSL certificate. --- modules/mbedtls/ssl_context_mbedtls.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/mbedtls/ssl_context_mbedtls.cpp') diff --git a/modules/mbedtls/ssl_context_mbedtls.cpp b/modules/mbedtls/ssl_context_mbedtls.cpp index 014a201f9c..edd679e335 100644 --- a/modules/mbedtls/ssl_context_mbedtls.cpp +++ b/modules/mbedtls/ssl_context_mbedtls.cpp @@ -96,7 +96,7 @@ Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref p_valid_cas) { X509CertificateMbedTLS *cas = NULL; - if (certs.is_valid()) { + if (p_valid_cas.is_valid()) { // Locking CA certificates certs = p_valid_cas; certs->lock(); -- cgit v1.2.3 From 17d5b471b9be55a60c366da82629099f6937ec88 Mon Sep 17 00:00:00 2001 From: Fabio Alessandrelli Date: Thu, 22 Aug 2019 16:40:43 +0200 Subject: Better error handling in SSLContext, Crypto --- modules/mbedtls/ssl_context_mbedtls.cpp | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'modules/mbedtls/ssl_context_mbedtls.cpp') diff --git a/modules/mbedtls/ssl_context_mbedtls.cpp b/modules/mbedtls/ssl_context_mbedtls.cpp index edd679e335..97b5e23f58 100644 --- a/modules/mbedtls/ssl_context_mbedtls.cpp +++ b/modules/mbedtls/ssl_context_mbedtls.cpp @@ -94,6 +94,9 @@ Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref p_valid_cas) { + Error err = _setup(MBEDTLS_SSL_IS_CLIENT, p_transport, p_authmode); + ERR_FAIL_COND_V(err != OK, err); + X509CertificateMbedTLS *cas = NULL; if (p_valid_cas.is_valid()) { @@ -104,12 +107,12 @@ Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Refcert), NULL); mbedtls_ssl_setup(&ssl, &conf); -- cgit v1.2.3