esp-tls: enable TLS renegotiation using explicit API call
mbedTLS stack does not keep TLS renegotiation enabled even if relevant config option is turned on, it needs explicit API call `mbedtls_ssl_conf_renegotiation` to do so. This issue was observed in case of Azure IoT, where keys needs to be refreshed periodically to keep TLS connection intact.
This commit is contained in:
parent
1f8c5b2b64
commit
40a29866f6
1 changed files with 3 additions and 0 deletions
|
@ -410,6 +410,9 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t
|
|||
return ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_MBEDTLS_SSL_RENEGOTIATION
|
||||
mbedtls_ssl_conf_renegotiation(&tls->conf, MBEDTLS_SSL_RENEGOTIATION_ENABLED);
|
||||
#endif
|
||||
|
||||
if (cfg->alpn_protos) {
|
||||
#ifdef CONFIG_MBEDTLS_SSL_ALPN
|
||||
|
|
Loading…
Reference in a new issue