drivers: wifi: simplelink: Add handling for unknown root CA
Error code SL_ERROR_BSD_ESECUNKNOWNROOTCA is returned from sl_Connect() when the root CA used is not part of the certificate catalog on the network processor. We should warn the users about this and continue on, given the connection is successful. Signed-off-by: Vincent Wan <vincent.wan@linaro.org>
This commit is contained in:
parent
ef049cc976
commit
11b4b6f660
1 changed files with 13 additions and 0 deletions
|
@ -283,6 +283,19 @@ static int simplelink_connect(int sd, const struct sockaddr *addr,
|
|||
retval = 0;
|
||||
}
|
||||
|
||||
/* Warn users when root CA is not in the certificate catalog.
|
||||
* For enhanced security, users should update the catalog with the
|
||||
* certificates for sites the device is expected to connect to. Note
|
||||
* the connection is established successfully even when the root CA
|
||||
* is not part of the catalog.
|
||||
*/
|
||||
if (retval == SL_ERROR_BSD_ESECUNKNOWNROOTCA) {
|
||||
LOG_WRN("Unknown root CA used. For proper security, please "
|
||||
"use a root CA that is part of the certificate "
|
||||
"catalog in production systems.");
|
||||
retval = 0;
|
||||
}
|
||||
|
||||
exit:
|
||||
return _SlDrvSetErrno(retval);
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue