commit bc663a04612be598fad51ecf5450345196ee50ae
author Xiaokang Qian <xiaokang.qian@arm.com> Sun Oct 09 11:14:39 2022 +0000
committer Xiaokang Qian <xiaokang.qian@arm.com> Wed Oct 12 11:06:01 2022 +0000
tree 029c3ffc2e6c49214a977819f256769e3e774e4d
parent adf84a4a8c036268beed5b92a7430e30b905b91a

Refine code based on commnets

Change code layout
Change hostname_len type to size_t
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index abadc80..959d015 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -297,14 +297,16 @@
     }
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
 
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C)
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+    defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
+    defined(MBEDTLS_SSL_CLI_C)
     if( src->endpoint == MBEDTLS_SSL_IS_CLIENT && src->hostname != NULL )
     {
-        dst->hostname = mbedtls_calloc( 1, src->hostname_len );
+        dst->hostname = mbedtls_calloc( 1, src->hostname_len + 1 );
         if( dst->hostname == NULL )
             return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
 
-        memcpy( dst->hostname, src->hostname, src->hostname_len );
+        strcpy( dst->hostname, src->hostname );
         dst->hostname_len = src->hostname_len;
     }
 #endif
@@ -1958,7 +1960,6 @@
  *       uint32 ticket_age_add;
  *       uint8 ticket_flags;
  *       opaque resumption_key<0..255>;
- *
  *       select ( endpoint ) {
  *            case client: ClientOnlyData;
  *            case server: uint64 start_time;
@@ -1993,7 +1994,7 @@
     if( session->endpoint == MBEDTLS_SSL_IS_CLIENT )
     {
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-        needed +=  1                        /* hostname_len */
+        needed +=  2                        /* hostname_len */
                  + session->hostname_len;   /* hostname */
 #endif
 
@@ -2026,13 +2027,15 @@
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C)
     if( session->endpoint == MBEDTLS_SSL_IS_CLIENT )
     {
-        p[0] = session->hostname_len;
-        p++;
+        MBEDTLS_PUT_UINT16_BE( session->hostname_len, p, 0 );
+        p += 2;
         if ( session->hostname_len > 0 &&
              session->hostname != NULL )
-        /* save host name */
-        memcpy( p, session->hostname, session->hostname_len );
-        p += session->hostname_len;
+        {
+            /* save host name */
+            memcpy( p, session->hostname, session->hostname_len );
+            p += session->hostname_len;
+        }
     }
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && MBEDTLS_SSL_CLI_C */
 
@@ -2098,19 +2101,20 @@
     if( session->endpoint == MBEDTLS_SSL_IS_CLIENT )
     {
         /* load host name */
-        if( end - p < 1 )
+        if( end - p < 2 )
             return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-        session->hostname_len = p[0];
-        p += 1;
+        session->hostname_len = MBEDTLS_GET_UINT16_BE( p, 0);
+        p += 2;
 
-        if( end - p < session->hostname_len )
+        if( end - p < ( long int )session->hostname_len )
             return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
         if( session->hostname_len > 0 )
         {
-            session->hostname = mbedtls_calloc( 1, session->hostname_len );
+            session->hostname = mbedtls_calloc( 1, session->hostname_len + 1 );
             if( session->hostname == NULL )
                 return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
             memcpy( session->hostname, p, session->hostname_len );
+            session->hostname[session->hostname_len] = '\0';
             p += session->hostname_len;
         }
     }
@@ -3733,7 +3737,8 @@
     mbedtls_free( session->ticket );
 #endif
 
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+    defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
     mbedtls_free( session->hostname );
 #endif