Add warning when no authenticator, drop verify() (#5205)

Print a warning when in debug mode when a BearSSL connection tries to connect without having any defined authentication methods, since it will fail. Completely remove the empty axTLS compatibilty method "::verify(char *fp, char *name)" because it can't be done w/BearSSL w/o user code changes, and always failed. Better to have a compile failure when we know at compile time the app won't do what is expected. Completes the changes started by @d-a-v in PR #4833
2025-07-27 18:02:17 +03:00 · 2018-10-03 20:27:09 -07:00
parent 18612c97d8
commit 14808c9ac4
2 changed files with 8 additions and 1 deletions
--- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h
+++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h
@ -122,7 +122,7 @@ class WiFiClientSecure : public WiFiClient {
    static bool probeMaxFragmentLength(const String host, uint16_t port, uint16_t len);

    // AXTLS compatible wrappers
-    bool verify(const char* fingerprint, const char* domain_name) { (void) fingerprint; (void) domain_name; return false; } // Can't handle this case, need app code changes
+    // Cannot implement this mode, we need FP before we can connect: bool verify(const char* fingerprint, const char* domain_name)
    bool verifyCertChain(const char* domain_name) { (void)domain_name; return connected(); } // If we're connected, the cert passed validation during handshake

    bool setCACert(const uint8_t* pk, size_t size);