diff --git a/src/WebSocketsClient.cpp b/src/WebSocketsClient.cpp index 50ed631..e3519c8 100644 --- a/src/WebSocketsClient.cpp +++ b/src/WebSocketsClient.cpp @@ -229,8 +229,11 @@ void WebSocketsClient::loop(void) { #else #error setCACert not implemented #endif -#if defined(SSL_BARESSL) - } else if(_fingerprint) { +#if defined(ESP32) + } else if(!SSL_FINGERPRINT_IS_SET) { + _client.ssl->setInsecure(); +#elif defined(SSL_BARESSL) + } else if(SSL_FINGERPRINT_IS_SET) { _client.ssl->setFingerprint(_fingerprint); } else { _client.ssl->setInsecure(); @@ -865,14 +868,14 @@ void WebSocketsClient::connectedCb() { #if defined(HAS_SSL) #if defined(SSL_AXTLS) || defined(ESP32) - if(_client.isSSL && _fingerprint.length()) { + if(_client.isSSL && SSL_FINGERPRINT_IS_SET) { if(!_client.ssl->verify(_fingerprint.c_str(), _host.c_str())) { DEBUG_WEBSOCKETS("[WS-Client] certificate mismatch\n"); WebSockets::clientDisconnect(&_client, 1000); return; } #else - if(_client.isSSL && _fingerprint) { + if(_client.isSSL && SSL_FINGERPRINT_IS_SET) { #endif } else if(_client.isSSL && !_CA_cert) { #if defined(SSL_BARESSL) diff --git a/src/WebSocketsClient.h b/src/WebSocketsClient.h index 15863a7..efa7631 100644 --- a/src/WebSocketsClient.h +++ b/src/WebSocketsClient.h @@ -112,12 +112,14 @@ class WebSocketsClient : protected WebSockets { #ifdef SSL_AXTLS String _fingerprint; const char * _CA_cert; +#define SSL_FINGERPRINT_IS_SET (_fingerprint.length()) #define SSL_FINGERPRINT_NULL "" #else const uint8_t * _fingerprint; BearSSL::X509List * _CA_cert; BearSSL::X509List * _client_cert; BearSSL::PrivateKey * _client_key; +#define SSL_FINGERPRINT_IS_SET (_fingerprint != NULL) #define SSL_FINGERPRINT_NULL NULL #endif