commit 75fe8c7e548f4159d3cd5ec2199a1be3e27aa205
author XiaokangQian <xiaokang.qian@arm.com> Wed Jun 15 09:42:45 2022 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Wed Jun 15 09:42:45 2022 +0000
tree 13ae92327d826d1603a5b51f00b82c0c8900f5b9
parent fb665a8452982e92dfd8011fe0d80b78a614defe

Change place of ssl_tls13_check_ephemeral_key_exchange

Change-Id: Id49172f7375e2a0771ad1216fb7eead808f0db3e
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6c2ba72..8332461 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8248,7 +8248,7 @@
 
     MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, server_name_list_len );
     server_name_list_end = p + server_name_list_len;
-    while ( p < server_name_list_end )
+    while( p < server_name_list_end )
     {
         MBEDTLS_SSL_CHK_BUF_READ_PTR( p, server_name_list_end, 3 );
         hostname_len = MBEDTLS_GET_UINT16_BE( p, 1 );
@@ -8257,6 +8257,11 @@
 
         if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME )
         {
+            /* sni_name is intended to be used only during the parsing of the
+             * ClientHello message (it is reset to NULL before the end of
+             * the message parsing). Thus it is ok to just point to the
+             * reception buffer and not make a copy of it.
+             */
             ssl->handshake->sni_name = p + 3;
             ssl->handshake->sni_name_len = hostname_len;
             if( ssl->conf->f_sni == NULL )