summaryrefslogtreecommitdiffstats
path: root/src/mbedTLS++/SslConfig.cpp
diff options
context:
space:
mode:
authorMattes D <github@xoft.cz>2023-05-09 19:59:15 +0200
committerMattes D <github@xoft.cz>2023-05-19 16:25:12 +0200
commit97c49c6f294a0b7e931be2692c124bd78fc79946 (patch)
tree872fcdfbfc30ff0ed2e2e444bb965769ea147e60 /src/mbedTLS++/SslConfig.cpp
parentcTCPLink: Use the original connection hostname for SNI. (diff)
downloadcuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar
cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.gz
cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.bz2
cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.lz
cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.xz
cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.zst
cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.zip
Diffstat (limited to 'src/mbedTLS++/SslConfig.cpp')
-rw-r--r--src/mbedTLS++/SslConfig.cpp6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/mbedTLS++/SslConfig.cpp b/src/mbedTLS++/SslConfig.cpp
index 054d63980..9bcac741f 100644
--- a/src/mbedTLS++/SslConfig.cpp
+++ b/src/mbedTLS++/SslConfig.cpp
@@ -5,7 +5,7 @@
#include "mbedTLS++/CryptoKey.h"
#include "mbedTLS++/EntropyContext.h"
-#include "mbedTLS++/RootCA.h"
+#include "mbedTLS++/X509Cert.h"
// This allows us to debug SSL and certificate problems, but produce way too much output,
@@ -235,8 +235,8 @@ std::shared_ptr<cSslConfig> cSslConfig::MakeDefaultConfig(bool a_IsClient)
Ret->SetRng(std::move(CtrDrbg));
}
- Ret->SetAuthMode(eSslAuthMode::Required);
- Ret->SetCACerts(GetCACerts());
+ // By default we have no root CAs, so no cert verification can be done:
+ Ret->SetAuthMode(eSslAuthMode::None);
#ifndef NDEBUG
#ifdef ENABLE_SSL_DEBUG_MSG