Fix 2way-auth connections for TLS clients

TLS clients that need 2-way authentication (e.g. Amazon AWS IoT cloud mqtt) need to pass a certificate and private key when creating the tls altcp_pcb. Added a new function altcp_tls_create_config_client_2wayauth() for this that replaces altcp_tls_create_config_client() for such clients. See bug #54601.
2026-05-28 02:57:05 +08:00 · 2018-09-07 20:59:31 +02:00
parent 24fc93e12f
commit 7749088a83
2 changed files with 102 additions and 19 deletions
--- a/src/include/lwip/altcp_tls.h
+++ b/src/include/lwip/altcp_tls.h
@@ -72,6 +72,13 @@ struct altcp_tls_config *altcp_tls_create_config_server_privkey_cert(const u8_t
 */
 struct altcp_tls_config *altcp_tls_create_config_client(const u8_t *cert, size_t cert_len);

+/** @ingroup altcp_tls
+ * Create an ALTCP_TLS client configuration handle with two-way server/client authentication
+ */
+struct altcp_tls_config *altcp_tls_create_config_client_2wayauth(const u8_t *ca, size_t ca_len, const u8_t *privkey, size_t privkey_len,
+                            const u8_t *privkey_pass, size_t privkey_pass_len,
+                            const u8_t *cert, size_t cert_len);
+
 /** @ingroup altcp_tls
 * Free an ALTCP_TLS configuration handle
 */