updatehub: Require peer verification with DTLS DTLS without peer verification offers no security whatsoever (and is arguably worse than not using DTLS in the first place). Change the verification option to require this peer verification. To use this, it may be necessary to install and use a root certificate. Signed-off-by: David Brown <david.brown@linaro.org>

commit: 4635cd23bb8675bf3370340400e11adfcb6cdf76 [log] [tgz]
author: David Brown <david.brown@linaro.org> Mon May 04 16:34:26 2020 -0600
committer: David Leach <david.leach@nxp.com> Wed Jun 17 17:12:16 2020 -0500
tree: 4506f53d7908f846ee7f784b088ac246699930c4
parent: 839bee1eb07b7c57745346a9db5adbac6a672452 [diff]
diff --git a/lib/updatehub/updatehub.c b/lib/updatehub/updatehub.c
index 1dea733..06d4b71 100644
--- a/lib/updatehub/updatehub.c
+++ b/lib/updatehub/updatehub.c

@@ -162,7 +162,7 @@
 	}
 
 #if defined(CONFIG_UPDATEHUB_DTLS)
-	int verify = 0;
+	int verify = 1;
 	sec_tag_t sec_list[] = { CA_CERTIFICATE_TAG };
 	int protocol = IPPROTO_DTLS_1_2;
 	char port[] = "5684";
commit	4635cd23bb8675bf3370340400e11adfcb6cdf76	[log] [tgz]
author	David Brown <david.brown@linaro.org>	Mon May 04 16:34:26 2020 -0600
committer	David Leach <david.leach@nxp.com>	Wed Jun 17 17:12:16 2020 -0500
tree	4506f53d7908f846ee7f784b088ac246699930c4
parent	839bee1eb07b7c57745346a9db5adbac6a672452 [diff]