commit 91fe315c69506c6ac9a1321058dfd9ed19859200
author Ronald Cron <ronald.cron@arm.com> Tue Nov 09 12:28:14 2021 +0100
committer GitHub <noreply@github.com> Tue Nov 09 12:28:14 2021 +0100
tree 217bc125f9b02dc227ddd6c0791e43c23bba08ed
parent 260f5d9413a7c8fe7e5e62a64b2fa65212dfeeeb
parent f36e1677b12622da38864af4fc44936db33a7aba

Merge pull request #5134 from xffbai/add-hostname-ext

TLS1.3 Add hostname extension

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 9fc8041..8c5c024 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -89,10 +89,10 @@
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
-                                   unsigned char *buf,
-                                   const unsigned char *end,
-                                   size_t *olen )
+int mbedtls_ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
+                                    unsigned char *buf,
+                                    const unsigned char *end,
+                                    size_t *olen )
 {
     unsigned char *p = buf;
     size_t hostname_len;
@@ -1168,10 +1168,10 @@
     MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    if( ( ret = ssl_write_hostname_ext( ssl, p + 2 + ext_len,
-                                        end, &olen ) ) != 0 )
+    if( ( ret = mbedtls_ssl_write_hostname_ext( ssl, p + 2 + ext_len,
+                                                end, &olen ) ) != 0 )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hostname_ext", ret );
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_hostname_ext", ret );
         return( ret );
     }
     ext_len += olen;

library/ssl_misc.h

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 7ca460c..23d5970 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1037,6 +1037,13 @@
 void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,
                                          mbedtls_ssl_transform *transform );
 
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+int mbedtls_ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
+                                    unsigned char *buf,
+                                    const unsigned char *end,
+                                    size_t *olen );
+#endif
+
 int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
 void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );

library/ssl_tls13_client.c

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 869465c..e36e28d 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -798,6 +798,14 @@
 
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    /* Write server name extension */
+    ret = mbedtls_ssl_write_hostname_ext( ssl, p, end, &output_len );
+    if( ret != 0 )
+        return( ret );
+    p += output_len;
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
     /* Add more extensions here */
 
     /* Write the length of the list of extensions. */