djsundog
/
circuitpython
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

stm32/mbedtls: Enable MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE. 

This adds MBEDTLS_MD_SHA1 to the list of default hashes for TLS 1.2
handshake signatures.  Although SHA-1 is weak, this option is turned on in
the default mbedtls configuration file, and allows better compatibility
with older servers.  In particular it allows an stm32-mbedtls-based client
to connect to an axtls-based client (eg default unix port and esp8266).

Signed-off-by: Damien George <damien@micropython.org>
This commit is contained in:
Damien George 2022-01-17 17:21:48 +11:00
parent 2c9dc5742a
commit 5e506567a3
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ports/stm32/mbedtls/mbedtls_config.h
View File

@ -82,6 +82,7 @@
#define MBEDTLS_SSL_CLI_C
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
#define MBEDTLS_X509_CRT_PARSE_C
#define MBEDTLS_X509_USE_C