From 2406fe8fb81ce0dbdcd4db2d10049c9b3ef4d439 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Dom=C3=ADnguez-Dorado?= Date: Mon, 15 Mar 2021 21:21:53 +0100 Subject: [PATCH] Adds the method setSSLVersions() also to WiFiClientSecure in order to use that new feature. (#7925) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Manuel Domínguez Dorado --- libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h index ee7fc87302..602e754502 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h +++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h @@ -304,6 +304,10 @@ class WiFiClientSecure : public WiFiClient { bool setCiphers(const std::vector list) { return _ctx->setCiphers(list); } bool setCiphersLessSecure() { return _ctx->setCiphersLessSecure(); } // Only use the limited set of RSA ciphers without EC + // Limit the TLS versions BearSSL will connect with. Default is + // BR_TLS10...BR_TLS12. Allowed values are: BR_TLS10, BR_TLS11, BR_TLS12 + bool setSSLVersion(uint32_t min = BR_TLS10, uint32_t max = BR_TLS12) { return _ctx->setSSLVersion(min, max); }; + // Check for Maximum Fragment Length support for given len before connection (possibly insecure) static bool probeMaxFragmentLength(IPAddress ip, uint16_t port, uint16_t len); static bool probeMaxFragmentLength(const char *hostname, uint16_t port, uint16_t len);