From 800f1c0bc5bd4632bd0f246c756283cc47d31a34 Mon Sep 17 00:00:00 2001 From: x12xx12x <44411062+12xx12@users.noreply.github.com> Date: Sun, 26 Mar 2023 14:48:06 +0200 Subject: Auth SSL Fixes - Fixed Login Breaking bug - Auth and MojangAPI now use UrlClient - fixed bug in UrlClient where one letter was missing in the HTTP Header - added function to verify Urls from config files and error handling on bad Urls in config for Auth --- src/mbedTLS++/SslConfig.cpp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src/mbedTLS++/SslConfig.cpp') diff --git a/src/mbedTLS++/SslConfig.cpp b/src/mbedTLS++/SslConfig.cpp index 8ea850c9f..054d63980 100644 --- a/src/mbedTLS++/SslConfig.cpp +++ b/src/mbedTLS++/SslConfig.cpp @@ -1,11 +1,11 @@ #include "Globals.h" -#include "SslConfig.h" -#include "EntropyContext.h" -#include "CtrDrbgContext.h" -#include "CryptoKey.h" -#include "X509Cert.h" +#include "mbedTLS++/SslConfig.h" + +#include "mbedTLS++/CryptoKey.h" +#include "mbedTLS++/EntropyContext.h" +#include "mbedTLS++/RootCA.h" // This allows us to debug SSL and certificate problems, but produce way too much output, @@ -225,7 +225,6 @@ void cSslConfig::SetCACerts(cX509CertPtr a_CACert) std::shared_ptr cSslConfig::MakeDefaultConfig(bool a_IsClient) { - // TODO: Default CA chain and SetAuthMode(eSslAuthMode::Required) auto Ret = std::make_shared(); Ret->InitDefaults(a_IsClient); @@ -236,7 +235,8 @@ std::shared_ptr cSslConfig::MakeDefaultConfig(bool a_IsClient) Ret->SetRng(std::move(CtrDrbg)); } - Ret->SetAuthMode(eSslAuthMode::None); // We cannot verify because we don't have a CA chain + Ret->SetAuthMode(eSslAuthMode::Required); + Ret->SetCACerts(GetCACerts()); #ifndef NDEBUG #ifdef ENABLE_SSL_DEBUG_MSG -- cgit v1.2.3