stm32/mbedtls: Enable MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE.
This adds MBEDTLS_MD_SHA1 to the list of default hashes for TLS 1.2 handshake signatures. Although SHA-1 is weak, this option is turned on in the default mbedtls configuration file, and allows better compatibility with older servers. In particular it allows an stm32-mbedtls-based client to connect to an axtls-based client (eg default unix port and esp8266). Signed-off-by: Damien George <damien@micropython.org>
This commit is contained in:
parent
2c9dc5742a
commit
5e506567a3
|
@ -82,6 +82,7 @@
|
||||||
#define MBEDTLS_SSL_CLI_C
|
#define MBEDTLS_SSL_CLI_C
|
||||||
#define MBEDTLS_SSL_SRV_C
|
#define MBEDTLS_SSL_SRV_C
|
||||||
#define MBEDTLS_SSL_TLS_C
|
#define MBEDTLS_SSL_TLS_C
|
||||||
|
#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
|
||||||
#define MBEDTLS_X509_CRT_PARSE_C
|
#define MBEDTLS_X509_CRT_PARSE_C
|
||||||
#define MBEDTLS_X509_USE_C
|
#define MBEDTLS_X509_USE_C
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue