commit 129aeb9b0e985e77f628714fb1291cafbd1e7ccb
author XiaokangQian <xiaokang.qian@arm.com> Thu Jun 02 09:29:18 2022 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Thu Jun 02 09:29:18 2022 +0000
tree cbcdd7d8b8413c531bea7ee21045c158258de6ab
parent f4f0f6961aa7650f73f6a63adeb0d6c9d2a3094b

Update test cases and support sni ca override

Change-Id: I6052acde0b0ec1c25537f8dd81a35562da05a393
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls13_server.c

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 7508685..e130fa5 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -688,6 +688,19 @@
         p += extension_data_len;
     }
 
+    /*
+     * Server certification selection (after processing TLS extensions)
+     */
+    if( ssl->conf->f_cert_cb && ( ret = ssl->conf->f_cert_cb( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "f_cert_cb", ret );
+        return( ret );
+    }
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    ssl->handshake->sni_name = NULL;
+    ssl->handshake->sni_name_len = 0;
+#endif
+
     /* Update checksum with either
      * - The entire content of the CH message, if no PSK extension is present
      * - The content up to but excluding the PSK extension, if present.