From 83a4e4656f3cdda693945bafaac5996c0848e1ff Mon Sep 17 00:00:00 2001
From: Jitin George <jitin@espressif.com>
Date: Wed, 12 Jun 2019 14:15:06 +0530
Subject: [PATCH] example/simple_ota_example: Add support for skipping OTA
 server certificate CN field

---
 .../ota/simple_ota_example/main/Kconfig.projbuild     | 11 +++++++++--
 .../ota/simple_ota_example/main/simple_ota_example.c  |  4 ++++
 examples/system/ota/simple_ota_example/sdkconfig.ci   |  1 +
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/examples/system/ota/simple_ota_example/main/Kconfig.projbuild b/examples/system/ota/simple_ota_example/main/Kconfig.projbuild
index 08f7f3d738..be4b8379db 100644
--- a/examples/system/ota/simple_ota_example/main/Kconfig.projbuild
+++ b/examples/system/ota/simple_ota_example/main/Kconfig.projbuild
@@ -1,13 +1,20 @@
 menu "Example Configuration"
 
-    config FIRMWARE_UPGRADE_URL
+    config EXAMPLE_FIRMWARE_UPGRADE_URL
         string "firmware upgrade url endpoint"
         default "https://192.168.0.3:8070/hello-world.bin"
         help
             URL of server which hosts the firmware
             image.
 
-    config FIRMWARE_UPGRADE_URL_FROM_STDIN
+    config EXAMPLE_FIRMWARE_UPGRADE_URL_FROM_STDIN
         bool
         default y if FIRMWARE_UPGRADE_URL = "FROM_STDIN"
+
+    config EXAMPLE_SKIP_COMMON_NAME_CHECK
+        bool "Skip server certificate CN fieldcheck"
+        default n
+        help
+            This allows you to skip the validation of OTA server certificate CN field.
+
 endmenu
diff --git a/examples/system/ota/simple_ota_example/main/simple_ota_example.c b/examples/system/ota/simple_ota_example/main/simple_ota_example.c
index 965403a9d3..e3d521670e 100644
--- a/examples/system/ota/simple_ota_example/main/simple_ota_example.c
+++ b/examples/system/ota/simple_ota_example/main/simple_ota_example.c
@@ -80,6 +80,10 @@ void simple_ota_example_task(void *pvParameter)
     }
 #endif
 
+#ifdef CONFIG_SKIP_COMMON_NAME_CHECK
+    config.skip_cert_common_name_check = true;
+#endif
+
     esp_err_t ret = esp_https_ota(&config);
     if (ret == ESP_OK) {
         esp_restart();
diff --git a/examples/system/ota/simple_ota_example/sdkconfig.ci b/examples/system/ota/simple_ota_example/sdkconfig.ci
index 813b3adac3..6d493cbf12 100644
--- a/examples/system/ota/simple_ota_example/sdkconfig.ci
+++ b/examples/system/ota/simple_ota_example/sdkconfig.ci
@@ -1 +1,2 @@
 CONFIG_FIRMWARE_UPGRADE_URL="FROM_STDIN"
+CONFIG_SKIP_COMMON_NAME_CHECK=y