Change mbedtls_ssl_parse_server_name_ext based on comments
Change-Id: I4ae831925cb1899afafb7dc626bfad9be24a5c8c
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index f0f4465..3b5aadb 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2271,9 +2271,9 @@
const unsigned char *end, size_t *out_len );
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-int mbedtls_ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- const unsigned char *end );
+int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ const unsigned char *end );
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#endif /* ssl_misc.h */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 29a33f4..015c38a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8211,44 +8211,67 @@
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-int mbedtls_ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- const unsigned char *end )
+/*
+ * mbedtls_ssl_parse_server_name_ext
+ *
+ * Structure of server_name extension:
+ *
+ * enum {
+ * host_name(0), (255)
+ * } NameType;
+ * opaque HostName<1..2^16-1>;
+ *
+ * struct {
+ * NameType name_type;
+ * select (name_type) {
+ * case host_name: HostName;
+ * } name;
+ * } ServerName;
+ * struct {
+ * ServerName server_name_list<1..2^16-1>
+ * } ServerNameList;
+ */
+int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ const unsigned char *end )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned char *p = buf;
- size_t servername_list_size, hostname_len;
- const unsigned char *servername_end;
+ size_t server_name_list_len, hostname_len;
+ const unsigned char *server_name_list_end;
if( ssl->conf->p_sni == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "No SNI callback configured. Skip SNI parsing." ) );
+ MBEDTLS_SSL_DEBUG_MSG(
+ 3, ( "No SNI callback configured. Skip SNI parsing." ) );
return( 0 );
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Parse ServerName extension" ) );
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
- servername_list_size = MBEDTLS_GET_UINT16_BE( p, 0 );
+ server_name_list_len = MBEDTLS_GET_UINT16_BE( p, 0 );
p += 2;
- MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, servername_list_size );
- servername_end = p + servername_list_size;
- while ( p < servername_end )
+ MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, server_name_list_len );
+ server_name_list_end = p + server_name_list_len;
+ while ( p < server_name_list_end )
{
- MBEDTLS_SSL_CHK_BUF_READ_PTR( p, servername_end, 3 );
+ MBEDTLS_SSL_CHK_BUF_READ_PTR( p, server_name_list_end, 3 );
hostname_len = MBEDTLS_GET_UINT16_BE( p, 1 );
- MBEDTLS_SSL_CHK_BUF_READ_PTR( p, servername_end, hostname_len + 3 );
+ MBEDTLS_SSL_CHK_BUF_READ_PTR( p, server_name_list_end,
+ hostname_len + 3 );
if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME )
{
ret = ssl->conf->f_sni( ssl->conf->p_sni,
- ssl, p + 3, hostname_len );
+ ssl, p + 3, hostname_len );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "sni_wrapper", ret );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME );
+ mbedtls_ssl_send_alert_message(
+ ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME );
return( MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME );
}
return( 0 );
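Review bot: The bounds handling around `server_name_list_len` only proves that the list fits inside the extension (`MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, server_name_list_len )`), so as far as this hunk shows, bytes left over after the list and a zero-length HostName are both accepted, although the structure comment added above gives `<1..2^16-1>` for both vectors. This data comes straight from the peer's ClientHello, so I would reject those cases explicitly, for example `if( server_name_list_end != end ) return( MBEDTLS_ERR_SSL_DECODE_ERROR );` right after `server_name_list_end` is computed, and the same error when `hostname_len == 0`. Separately, the early-out tests `ssl->conf->p_sni == NULL` while the call goes through `ssl->conf->f_sni`; if a callback can be registered with a NULL context pointer, SNI handling would be skipped silently, so the guard should probably test `f_sni` instead. The function body continues past the end of this hunk, so a later check may already cover part of this.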
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index e48a8ca..854ec63 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -1409,8 +1409,8 @@
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
case MBEDTLS_TLS_EXT_SERVERNAME:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
- ret = mbedtls_ssl_parse_servername_ext( ssl, ext + 4,
- ext + 4 + ext_size );
+ ret = mbedtls_ssl_parse_server_name_ext( ssl, ext + 4,
+ ext + 4 + ext_size );
if( ret != 0 )
return( ret );
break;
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 9d2c8ec..7508685 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -583,8 +583,8 @@
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
case MBEDTLS_TLS_EXT_SERVERNAME:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
- ret = mbedtls_ssl_parse_servername_ext( ssl, p,
- extension_data_end );
+ ret = mbedtls_ssl_parse_server_name_ext( ssl, p,
+ extension_data_end );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET(