Merge pull request #5134 from xffbai/add-hostname-ext

TLS1.3 Add hostname extension
2021-11-09 12:28:14 +01:00 · 2021-11-09 12:28:14 +01:00 · 91fe315c69
commit 91fe315c69
parent 260f5d9413 f36e1677b1
3 changed files with 22 additions and 7 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -89,10 +89,10 @@ static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf )
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */

 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
-                                   unsigned char *buf,
-                                   const unsigned char *end,
-                                   size_t *olen )
+int mbedtls_ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
+                                    unsigned char *buf,
+                                    const unsigned char *end,
+                                    size_t *olen )
 {
    unsigned char *p = buf;
    size_t hostname_len;
@ -1168,10 +1168,10 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );

 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    if( ( ret = ssl_write_hostname_ext( ssl, p + 2 + ext_len,
-                                        end, &olen ) ) != 0 )
+    if( ( ret = mbedtls_ssl_write_hostname_ext( ssl, p + 2 + ext_len,
+                                                end, &olen ) ) != 0 )
    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hostname_ext", ret );
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_hostname_ext", ret );
        return( ret );
    }
    ext_len += olen;
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -1037,6 +1037,13 @@ void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
 void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,
                                         mbedtls_ssl_transform *transform );

+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+int mbedtls_ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
+                                    unsigned char *buf,
+                                    const unsigned char *end,
+                                    size_t *olen );
+#endif
+
 int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
 void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@ -798,6 +798,14 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,

 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */

+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    /* Write server name extension */
+    ret = mbedtls_ssl_write_hostname_ext( ssl, p, end, &output_len );
+    if( ret != 0 )
+        return( ret );
+    p += output_len;
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
    /* Add more extensions here */

    /* Write the length of the list of extensions. */