TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 6310e98fa54fffb28b646875938c810cad1790fe^! / .
commit6310e98fa54fffb28b646875938c810cad1790fe[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Thu Feb 20 17:44:48 2025 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Tue Feb 25 18:47:55 2025 +0100
treeddd938880d5648c744c11880cfa315d839ded324
parent7d193acf01c559a69359fd47f718f723c28d948a [diff]
Expose mbedtls_ssl_get_hostname_pointer()

In 2.28, the `hostname` field of `mbedtls_ssl_context` is part of the public
API. We've slightly changed its meaning in order to fix a security issue.
Document the new function mbedtls_ssl_get_hostname_pointer() which
returns what used to be the value of this field.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

diff --git a/ChangeLog.d/mbedtls_ssl_set_hostname.txt b/ChangeLog.d/mbedtls_ssl_set_hostname.txt
index cb61ed1..bd15d3a 100644
--- a/ChangeLog.d/mbedtls_ssl_set_hostname.txt
+++ b/ChangeLog.d/mbedtls_ssl_set_hostname.txt

@@ -8,6 +8,9 @@
      call mbedtls_ssl_set_hostname() with NULL as the hostname, or
      enable the new compile-time option
      MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.
+     The content of ssl->hostname after mbedtls_ssl_set_hostname(ssl, NULL)
+     has changed, see the documentation of the hostname field in the
+     mbedtls_ssl_context struct type for details.
 
 Security
    * Note that TLS clients should generally call mbedtls_ssl_set_hostname()

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 541fcc8..f89f470 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -1449,7 +1449,10 @@
      *  \p hostname argument.
      * - A special value to indicate that mbedtls_ssl_set_hostname()
      *   was called with \p NULL (as opposed to never having been called).
-     *   See `mbedtls_ssl_get_hostname_pointer()` in `ssl_tls.c`.
+     *
+     * If you need to obtain the value passed to
+     * mbedtls_ssl_set_hostname() even if it may have been called with
+     * \p NULL, call mbedtls_ssl_get_hostname_pointer().
      *
      * If this field contains the value \p NULL and the configuration option
      * #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index fdc1719..e387369 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -1214,7 +1214,6 @@
     return 4;
 }
 
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
 /** Get the host name from the SSL context.
  *
  * \param[in]   ssl     SSL context
@@ -1224,7 +1223,6 @@
  *         \p ssl or if it was last called with \p NULL.
  */
 const char *mbedtls_ssl_get_hostname_pointer(const mbedtls_ssl_context *ssl);
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl);

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 91b4ae9..65d5b96 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -62,11 +62,6 @@
 }
 #endif
 
-/* Micro-optimization: don't export this function if it isn't needed outside
- * of this source file. */
-#if !defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static
-#endif
 const char *mbedtls_ssl_get_hostname_pointer(const mbedtls_ssl_context *ssl)
 {
     if (ssl->hostname == ssl_hostname_skip_cn_verification) {