commit 281fd1bdd8aacc3c68ea42e305a5ed2469635571
author Xiaokang Qian <xiaokang.qian@arm.com> Tue Sep 20 11:35:41 2022 +0000
committer Xiaokang Qian <xiaokang.qian@arm.com> Wed Oct 12 11:03:41 2022 +0000
tree 8db8d88724d4005014a3e9fcad4df0eb5156c02c
parent 8fd3254cfcd8116ff50b139be6ab3f1b93094c73

Add server name check when proposeing pre-share key

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>

library/ssl_client.c

diff --git a/library/ssl_client.c b/library/ssl_client.c
index 1b59125..bd9edf1 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -54,6 +54,7 @@
 {
     unsigned char *p = buf;
     size_t hostname_len;
+    size_t cmp_hostname_len;
 
     *olen = 0;
 
@@ -64,8 +65,25 @@
         ( "client hello, adding server name extension: %s",
           ssl->hostname ) );
 
+    ssl->session_negotiate->hostname_mismatch = 0;
     hostname_len = strlen( ssl->hostname );
 
+    cmp_hostname_len = hostname_len < ssl->session_negotiate->hostname_len ?
+                       hostname_len : ssl->session_negotiate->hostname_len;
+
+    if( hostname_len != ssl->session_negotiate->hostname_len ||
+        memcmp( ssl->hostname, ssl->session_negotiate->hostname, cmp_hostname_len ) )
+        ssl->session_negotiate->hostname_mismatch = 1;
+
+    if( ssl->session_negotiate->hostname == NULL )
+    {
+        ssl->session_negotiate->hostname = mbedtls_calloc( 1, hostname_len );
+        if( ssl->session_negotiate->hostname == NULL )
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        memcpy(ssl->session_negotiate->hostname, ssl->hostname, hostname_len);
+    }
+    ssl->session_negotiate->hostname_len = hostname_len;
+
     MBEDTLS_SSL_CHK_BUF_PTR( p, end, hostname_len + 9 );
 
     /*