Commit 4635cd23 authored by David Brown's avatar David Brown Committed by David Leach
Browse files

updatehub: Require peer verification with DTLS 



DTLS without peer verification offers no security whatsoever (and is
arguably worse than not using DTLS in the first place).

Change the verification option to require this peer verification.  To
use this, it may be necessary to install and use a root certificate.

Signed-off-by: default avatarDavid Brown <david.brown@linaro.org>
parent 839bee1e

lib/updatehub/updatehub.c

+1 −1
Original line number Diff line number Diff line
@@ -162,7 +162,7 @@ static bool start_coap_client(void) 
	}



#if defined(CONFIG_UPDATEHUB_DTLS)

	int verify = 0;

	int verify = 1;

	sec_tag_t sec_list[] = { CA_CERTIFICATE_TAG };

	int protocol = IPPROTO_DTLS_1_2;

	char port[] = "5684";

CRA Git | Maintained and supported by SUSTech CRA and CCSE