From 05efeec4a4cceeb15b33129fffbcdf7fd0e95054 Mon Sep 17 00:00:00 2001
From: 0xFEEDC0DE64
Date: Fri, 4 Aug 2023 16:26:22 +0200
Subject: [PATCH] Add support for global root CA chain
---
 src/espasyncota.cpp | 12 ++++++++++--
 src/espasyncota.h | 4 +++-
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/espasyncota.cpp b/src/espasyncota.cpp
index eb6d12f..dc6481a 100644
--- a/src/espasyncota.cpp
+++ b/src/espasyncota.cpp
@@ -13,6 +13,7 @@
 #include
 #include
 #endif
+#include
 // 3rdparty lib includes
 #include
@@ -158,8 +159,8 @@ OtaCloudUpdateStatus EspAsyncOta::status() const
 return OtaCloudUpdateStatus::Idle;
 }
-std::expected EspAsyncOta::trigger(std::string_view url, std::string_view cert_pem,
- std::string_view client_key, std::string_view client_cert)
+std::expected EspAsyncOta::trigger(std::string_view url, std::string_view cert_pem, bool use_global_ca,
+ std::string_view client_key, std::string_view client_cert)
 {
 if (!m_taskHandle)
 {
@@ -184,6 +185,7 @@ std::expected EspAsyncOta::trigger(std::string_view url, std:
 m_url = std::string{url};
 m_cert_pem = cert_pem;
+ m_use_global_ca = use_global_ca;
 m_client_key = client_key;
 m_client_cert = client_cert;
@@ -323,6 +325,12 @@ void EspAsyncOta::otaTask()
 }
 config.skip_cert_common_name_check = false;
+ if (m_use_global_ca)
+ {
+ //config.use_global_ca_store = true;
+ config.crt_bundle_attach = esp_crt_bundle_attach;
+ }
+
 if (!m_client_key.empty())
 {
 config.client_key_pem = m_client_key.data();
diff --git a/src/espasyncota.h b/src/espasyncota.h
index 3f6bd47..43fff52 100644
--- a/src/espasyncota.h
+++ b/src/espasyncota.h
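Review bot: In the `if (m_use_global_ca)` block added to otaTask(), the bundle is attached whether or not `m_cert_pem` was also supplied; the code that sets `config.cert_pem` sits above this hunk and is not visible here. As far as I know esp-tls gives an attached bundle precedence over a configured CA certificate, so a caller passing both a pinned `cert_pem` and `use_global_ca = true` would have firmware downloads verified against every root in the bundle instead of the pinned one. Consider rejecting that combination in trigger() or narrowing the condition to `if (m_use_global_ca && m_cert_pem.empty())`. The flag's name also suggests the global CA store while the code attaches the certificate bundle, so the commented-out `//config.use_global_ca_store = true;` should be removed or replaced with a comment such as `// verify against the ESP-IDF certificate bundle, not the global CA store`.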
@@ -38,7 +38,8 @@ public:
 const std::string &message() const { return m_message; }
 const std::optional &appDesc() const { return m_appDesc; }
 OtaCloudUpdateStatus status() const;
- std::expected trigger(std::string_view url, std::string_view cert_pem, std::string_view client_key, std::string_view client_cert);
+ std::expected trigger(std::string_view url, std::string_view cert_pem, bool use_global_ca,
+ std::string_view client_key, std::string_view client_cert);
 std::expected abort();
 void update();
@@ -64,6 +65,7 @@ private:
 std::string m_url;
 std::string_view m_cert_pem;
+ bool m_use_global_ca;
 std::string_view m_client_key;
 std::string_view m_client_cert;
 };
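Review bot: The `trigger()` declaration in the first hunk gains a positional `bool use_global_ca` between `cert_pem` and `client_key`, with no comment saying what it selects or how it interacts with `cert_pem`. Because the flag changes which roots are trusted for a firmware download, add a doc comment above the declaration, for example `// use_global_ca: verify the server against the ESP-IDF certificate bundle`. It is also worth stating there that `cert_pem`, `client_key` and `client_cert` are kept as `std::string_view` members, so the caller's buffers presumably have to outlive the update. The same signature appears in the definition in src/espasyncota.cpp.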
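Review bot: `bool m_use_global_ca;` in the second hunk is declared without an initializer, so it holds an indeterminate value until trigger() assigns it. The constructor is outside this hunk and may set it, but a default member initializer removes the dependency: `bool m_use_global_ca{false};`. This flag decides whether the certificate bundle is attached in otaTask(), so it should have a defined value from construction.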