lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Adapt support for SNI to recent changes

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard
2013-09-23 20:04:20 +02:00
parent d09453c88c
commit 705fcca409
3 changed files with 50 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/polarssl/ssl.h
View File

@ -494,6 +494,7 @@ struct _ssl_handshake_params
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
ssl_key_cert *key_cert; /*!< Own key/cert in use */ ssl_key_cert *key_cert; /*!< Own key/cert in use */
int free_key_cert; /*!< Shall we free key_cert? */
#endif #endif
/* /*

22
library/ssl_srv.c
View File

@ -338,6 +338,26 @@ static int ssl_parse_ticket( ssl_context *ssl,
#endif /* POLARSSL_SSL_SESSION_TICKETS */ #endif /* POLARSSL_SSL_SESSION_TICKETS */
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
/*
* Wrapper around f_sni, allowing use of
* ssl_set_own_cert() but making it act on ssl->hanshake->key_cert instead.
*/
static int ssl_sni_wrapper( ssl_context *ssl,
const unsigned char* name, size_t len )
{
int ret;
ssl_key_cert *key_cert_ori = ssl->key_cert;
ssl->key_cert = NULL;
ret = ssl->f_sni( ssl->p_sni, ssl, name, len );
ssl->handshake->key_cert = ssl->key_cert;
ssl->handshake->free_key_cert = 1;
ssl->key_cert = key_cert_ori;
return( ret );
}
static int ssl_parse_servername_ext( ssl_context *ssl, static int ssl_parse_servername_ext( ssl_context *ssl,
const unsigned char *buf, const unsigned char *buf,
size_t len ) size_t len )
@ -365,7 +385,7 @@ static int ssl_parse_servername_ext( ssl_context *ssl,
if( p[0] == TLS_EXT_SERVERNAME_HOSTNAME ) if( p[0] == TLS_EXT_SERVERNAME_HOSTNAME )
{ {
ret = ssl->f_sni( ssl->p_sni, ssl, p + 3, hostname_len ); ret = ssl_sni_wrapper( ssl, p + 3, hostname_len );
if( ret != 0 ) if( ret != 0 )
{ {
ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL,

47
library/ssl_tls.c
View File

@ -4136,6 +4136,27 @@ void ssl_transform_free( ssl_transform *transform )
memset( transform, 0, sizeof( ssl_transform ) ); memset( transform, 0, sizeof( ssl_transform ) );
} }
#if defined(POLARSSL_X509_CRT_PARSE_C)
static void ssl_key_cert_free( ssl_key_cert *key_cert )
{
ssl_key_cert *cur = key_cert, *next;
while( cur != NULL )
{
next = cur->next;
if( cur->key_own_alloc )
{
pk_free( cur->key );
polarssl_free( cur->key );
}
polarssl_free( cur );
cur = next;
}
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
void ssl_handshake_free( ssl_handshake_params *handshake ) void ssl_handshake_free( ssl_handshake_params *handshake )
{ {
#if defined(POLARSSL_DHM_C) #if defined(POLARSSL_DHM_C)
@ -4149,6 +4170,11 @@ void ssl_handshake_free( ssl_handshake_params *handshake )
polarssl_free( handshake->curves ); polarssl_free( handshake->curves );
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
if( handshake->free_key_cert != 0 )
ssl_key_cert_free( handshake->key_cert );
#endif
memset( handshake, 0, sizeof( ssl_handshake_params ) ); memset( handshake, 0, sizeof( ssl_handshake_params ) );
} }
@ -4242,25 +4268,8 @@ void ssl_free( ssl_context *ssl )
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
if( ssl->key_cert != NULL ) ssl_key_cert_free( ssl->key_cert );
{ #endif
ssl_key_cert *cur = ssl->key_cert, *next;
while( cur != NULL )
{
next = cur->next;
if( cur->key_own_alloc )
{
pk_free( cur->key );
polarssl_free( cur->key );
}
polarssl_free( cur );
cur = next;
}
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
if( ssl_hw_record_finish != NULL ) if( ssl_hw_record_finish != NULL )