Changed the code to reserve bytes for hostname only if needed.

ssl/ssl.h

@@ -360,7 +360,7 @@ EXP_FUNC int STDCALL ssl_get_config(int offset);
  * - 1 on success
  * - 0 on failure
  */
-EXP_FUNC int STDCALL ssl_set_hostname(const SSL *ssl, const char* host_name);
+EXP_FUNC int STDCALL ssl_set_hostname(SSL *ssl, const char* host_name);
 
 /**
  * @brief Display why the handshake failed.

ssl/tls1.c

@@ -568,6 +568,8 @@ SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd)
     ssl->encrypt_ctx = malloc(sizeof(AES_CTX));
     ssl->decrypt_ctx = malloc(sizeof(AES_CTX));
 
+    ssl->host_name = NULL;
+
     SSL_CTX_UNLOCK(ssl_ctx->mutex);
     return ssl;
 }
@@ -1852,14 +1854,24 @@ EXP_FUNC int STDCALL ssl_get_config(int offset)
 /**
  * Sets the SNI hostname
  */
-EXP_FUNC int STDCALL ssl_set_hostname(const SSL *ssl, const char* host_name) {
-	if(host_name == NULL || strlen(host_name) == 0 || strlen(host_name) > 255 ) {
-		return 0;
-	}
+EXP_FUNC int STDCALL ssl_set_hostname(SSL *ssl, const char* host_name) {
+    if(host_name == NULL || strlen(host_name) == 0 || strlen(host_name) > 255 ) {
+        return 0;
+    }
 
-	strncpy((char*)&ssl->host_name, host_name, strlen(host_name));
+    if(ssl->host_name != NULL) {
+        free(ssl->host_name);
+    }
 
-	return 1;
+    ssl->host_name = (char *)malloc(strlen(host_name)+1);
+    if(ssl->host_name == NULL) {
+        // most probably there was no memory available
+        return 0;
+    }
+
+    strcpy(ssl->host_name, host_name);
+
+    return 1;
 }
 
 #ifdef CONFIG_SSL_CERT_VERIFICATION

ssl/tls1.h

@@ -198,7 +198,7 @@ struct _SSL
     uint8_t read_sequence[8];       /* 64 bit sequence number */
     uint8_t write_sequence[8];      /* 64 bit sequence number */
     uint8_t hmac_header[SSL_RECORD_SIZE];    /* rx hmac */
-    const char host_name[255]; /* Needed for the SNI support */
+    char *host_name; /* Needed for the SNI support */
 };
 
 typedef struct _SSL SSL;

ssl/tls1_clnt.c

@@ -221,23 +221,23 @@ static int send_client_hello(SSL *ssl)
     buf[offset++] = 1;              /* no compression */
     buf[offset++] = 0;
 
-    if (ssl->host_name[0] != 0) {
-         unsigned int host_len = strnlen((char*) ssl->host_name, 255);
+    if (ssl->host_name != NULL) {
+        unsigned int host_len = strlen(ssl->host_name);
 
-         buf[offset++] = 0;
-         buf[offset++] = host_len+9;     /* extensions length */
+        buf[offset++] = 0;
+        buf[offset++] = host_len+9;     /* extensions length */
 
-         buf[offset++] = 0;
-         buf[offset++] = 0;              /* server_name(0) (65535) */
-         buf[offset++] = 0;
-         buf[offset++] = host_len+5;     /* server_name length */
-         buf[offset++] = 0;
-         buf[offset++] = host_len+3;     /* server_list length */
-         buf[offset++] = 0;              /* host_name(0) (255) */
-         buf[offset++] = 0;
-         buf[offset++] = host_len;       /* host_name length */
-         strncpy((char*) &buf[offset], ssl->host_name, host_len);
-         offset += host_len;
+        buf[offset++] = 0;
+        buf[offset++] = 0;              /* server_name(0) (65535) */
+        buf[offset++] = 0;
+        buf[offset++] = host_len+5;     /* server_name length */
+        buf[offset++] = 0;
+        buf[offset++] = host_len+3;     /* server_list length */
+        buf[offset++] = 0;              /* host_name(0) (255) */
+        buf[offset++] = 0;
+        buf[offset++] = host_len;       /* host_name length */
+        strncpy((char*) &buf[offset], ssl->host_name, host_len);
+        offset += host_len;
     }
 
     buf[3] = offset - 4;            /* handshake size */