ustream-mbedtls: implement set_require_validation

In commit "ustream-openssl: wolfSSL: fix certificate validation" we've
added new set_require_validation() function so implement it for mbed TLS
as well.

Signed-off-by: Petr Štetiar <ynezz@true.cz>

diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
index 3424743c64521105e6facf39a3035eec1284fc5a..1bea9832617f514acaf81372b863e4411eb52dc2 100644 (file)
--- a/ustream-mbedtls.c
+++ b/ustream-mbedtls.c
@@ -290,6 +290,18 @@ __hidden int __ustream_ssl_set_ciphers(struct ustream_ssl_ctx *ctx, const char *
        return 0;
 }
 
+__hidden int __ustream_ssl_set_require_validation(struct ustream_ssl_ctx *ctx, bool require)
+{
+       int mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
+
+       if (!require)
+               mode = MBEDTLS_SSL_VERIFY_NONE;
+
+       mbedtls_ssl_conf_authmode(&ctx->conf, mode);
+
+       return 0;
+}
+
 __hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx)
 {
 #if defined(MBEDTLS_SSL_CACHE_C)