From ead1587caf3d880f3f7d561578ef9e1d7e1e2192 Mon Sep 17 00:00:00 2001
From: Aditya Patwardhan <aditya.patwardhan@espressif.com>
Date: Mon, 19 Apr 2021 19:26:10 +0530
Subject: [PATCH] esp_https_ota: Warn users when CONFIG_OTA_ALLOW_HTTP is set

---
 components/esp_https_ota/src/esp_https_ota.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/components/esp_https_ota/src/esp_https_ota.c b/components/esp_https_ota/src/esp_https_ota.c
index 82f44508e7..07b73a8b25 100644
--- a/components/esp_https_ota/src/esp_https_ota.c
+++ b/components/esp_https_ota/src/esp_https_ota.c
@@ -160,13 +160,11 @@ static esp_err_t _ota_write(esp_https_ota_t *https_ota_handle, const void *buffe
     return err;
 }
 
-#if !CONFIG_OTA_ALLOW_HTTP
 static bool is_server_verification_enabled(esp_https_ota_config_t *ota_config) {
     return  (ota_config->http_config->cert_pem
             || ota_config->http_config->use_global_ca_store
             || ota_config->http_config->crt_bundle_attach != NULL);
 }
-#endif
 
 esp_err_t esp_https_ota_begin(esp_https_ota_config_t *ota_config, esp_https_ota_handle_t *handle)
 {
@@ -180,13 +178,15 @@ esp_err_t esp_https_ota_begin(esp_https_ota_config_t *ota_config, esp_https_ota_
         return ESP_ERR_INVALID_ARG;
     }
 
-#if !CONFIG_OTA_ALLOW_HTTP
     if (!is_server_verification_enabled(ota_config)) {
+#if CONFIG_OTA_ALLOW_HTTP
+        ESP_LOGW(TAG, "Continuing with insecure option because CONFIG_OTA_ALLOW_HTTP is set.");
+#else
         ESP_LOGE(TAG, "No option for server verification is enabled in esp_http_client config.");
         *handle = NULL;
         return ESP_ERR_INVALID_ARG;
-    }
 #endif
+    }
 
     esp_https_ota_t *https_ota_handle = calloc(1, sizeof(esp_https_ota_t));
     if (!https_ota_handle) {