arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-21 10:26:06 +03:00
Code

Changed the code to reserve bytes for hostname only if needed.

Browse Source
This commit is contained in:
Slavey Karadzhov 2016-02-22 10:02:40 +01:00
parent 63da8991c2
commit 1154d0a985
4 changed files with 35 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/ssl.h
View File

@ -360,7 +360,7 @@ EXP_FUNC int STDCALL ssl_get_config(int offset);
* - 1 on success * - 1 on success
* - 0 on failure * - 0 on failure
*/ */
EXP_FUNC int STDCALL ssl_set_hostname(const SSL *ssl, const char* host_name); EXP_FUNC int STDCALL ssl_set_hostname(SSL *ssl, const char* host_name);
/** /**
* @brief Display why the handshake failed. * @brief Display why the handshake failed.

24
ssl/tls1.c
View File

@ -568,6 +568,8 @@ SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd)
ssl->encrypt_ctx = malloc(sizeof(AES_CTX)); ssl->encrypt_ctx = malloc(sizeof(AES_CTX));
ssl->decrypt_ctx = malloc(sizeof(AES_CTX)); ssl->decrypt_ctx = malloc(sizeof(AES_CTX));
ssl->host_name = NULL;
SSL_CTX_UNLOCK(ssl_ctx->mutex); SSL_CTX_UNLOCK(ssl_ctx->mutex);
return ssl; return ssl;
} }
@ -1852,14 +1854,24 @@ EXP_FUNC int STDCALL ssl_get_config(int offset)
/** /**
* Sets the SNI hostname * Sets the SNI hostname
*/ */
EXP_FUNC int STDCALL ssl_set_hostname(const SSL *ssl, const char* host_name) { EXP_FUNC int STDCALL ssl_set_hostname(SSL *ssl, const char* host_name) {
if(host_name == NULL || strlen(host_name) == 0 || strlen(host_name) > 255 ) { if(host_name == NULL || strlen(host_name) == 0 || strlen(host_name) > 255 ) {
return 0; return 0;
} }
strncpy((char*)&ssl->host_name, host_name, strlen(host_name)); if(ssl->host_name != NULL) {
free(ssl->host_name);
}
return 1; ssl->host_name = (char *)malloc(strlen(host_name)+1);
if(ssl->host_name == NULL) {
// most probably there was no memory available
return 0;
}
strcpy(ssl->host_name, host_name);
return 1;
} }
#ifdef CONFIG_SSL_CERT_VERIFICATION #ifdef CONFIG_SSL_CERT_VERIFICATION

2
ssl/tls1.h
View File

@ -198,7 +198,7 @@ struct _SSL
uint8_t read_sequence[8]; /* 64 bit sequence number */ uint8_t read_sequence[8]; /* 64 bit sequence number */
uint8_t write_sequence[8]; /* 64 bit sequence number */ uint8_t write_sequence[8]; /* 64 bit sequence number */
uint8_t hmac_header[SSL_RECORD_SIZE]; /* rx hmac */ uint8_t hmac_header[SSL_RECORD_SIZE]; /* rx hmac */
const char host_name[255]; /* Needed for the SNI support */ char *host_name; /* Needed for the SNI support */
}; };
typedef struct _SSL SSL; typedef struct _SSL SSL;

30
ssl/tls1_clnt.c
View File

@ -221,23 +221,23 @@ static int send_client_hello(SSL *ssl)
buf[offset++] = 1; /* no compression */ buf[offset++] = 1; /* no compression */
buf[offset++] = 0; buf[offset++] = 0;
if (ssl->host_name[0] != 0) { if (ssl->host_name != NULL) {
unsigned int host_len = strnlen((char*) ssl->host_name, 255); unsigned int host_len = strlen(ssl->host_name);
buf[offset++] = 0; buf[offset++] = 0;
buf[offset++] = host_len+9; /* extensions length */ buf[offset++] = host_len+9; /* extensions length */
buf[offset++] = 0; buf[offset++] = 0;
buf[offset++] = 0; /* server_name(0) (65535) */ buf[offset++] = 0; /* server_name(0) (65535) */
buf[offset++] = 0; buf[offset++] = 0;
buf[offset++] = host_len+5; /* server_name length */ buf[offset++] = host_len+5; /* server_name length */
buf[offset++] = 0; buf[offset++] = 0;
buf[offset++] = host_len+3; /* server_list length */ buf[offset++] = host_len+3; /* server_list length */
buf[offset++] = 0; /* host_name(0) (255) */ buf[offset++] = 0; /* host_name(0) (255) */
buf[offset++] = 0; buf[offset++] = 0;
buf[offset++] = host_len; /* host_name length */ buf[offset++] = host_len; /* host_name length */
strncpy((char*) &buf[offset], ssl->host_name, host_len); strncpy((char*) &buf[offset], ssl->host_name, host_len);
offset += host_len; offset += host_len;
} }
buf[3] = offset - 4; /* handshake size */ buf[3] = offset - 4; /* handshake size */