Change how hostname is stored internally

parent 2b494458
......@@ -1069,8 +1069,7 @@ struct mbedtls_ssl_context
/*
* SNI extension
*/
unsigned char *hostname;
size_t hostname_len;
char *hostname;
#endif
#if defined(MBEDTLS_SSL_ALPN)
......
......@@ -65,6 +65,7 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
size_t *olen )
{
unsigned char *p = buf;
size_t hostname_len;
*olen = 0;
......@@ -74,6 +75,8 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s",
ssl->hostname ) );
hostname_len = strlen( ssl->hostname );
/*
* struct {
* NameType name_type;
......@@ -95,19 +98,19 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF );
*p++ = (unsigned char)( ( (ssl->hostname_len + 5) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( (ssl->hostname_len + 5) ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF );
*p++ = (unsigned char)( ( (ssl->hostname_len + 3) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( (ssl->hostname_len + 3) ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
*p++ = (unsigned char)( ( ssl->hostname_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ssl->hostname_len ) & 0xFF );
*p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( hostname_len ) & 0xFF );
memcpy( p, ssl->hostname, ssl->hostname_len );
memcpy( p, ssl->hostname, hostname_len );
*olen = ssl->hostname_len + 9;
*olen = hostname_len + 9;
}
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
......
......@@ -5453,23 +5453,24 @@ void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
{
size_t hostname_len;
if( hostname == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl->hostname_len = strlen( hostname );
hostname_len = strlen( hostname );
if( ssl->hostname_len + 1 == 0 )
if( hostname_len + 1 == 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl->hostname = mbedtls_malloc( ssl->hostname_len + 1 );
ssl->hostname = mbedtls_malloc( hostname_len + 1 );
if( ssl->hostname == NULL )
return( MBEDTLS_ERR_SSL_MALLOC_FAILED );
memcpy( ssl->hostname, (const unsigned char *) hostname,
ssl->hostname_len );
memcpy( ssl->hostname, hostname, hostname_len );
ssl->hostname[ssl->hostname_len] = '\0';
ssl->hostname[hostname_len] = '\0';
return( 0 );
}
......@@ -6562,9 +6563,8 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
if( ssl->hostname != NULL )
{
mbedtls_zeroize( ssl->hostname, ssl->hostname_len );
mbedtls_zeroize( ssl->hostname, strlen( ssl->hostname ) );
mbedtls_free( ssl->hostname );
ssl->hostname_len = 0;
}
#endif
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment