Adapt support for SNI to recent changes
This commit is contained in:
Manuel Pégourié-Gonnard
parent
d09453c88c
commit
705fcca409
3 changed files with 50 additions and 20 deletions
|
|
@ -494,6 +494,7 @@ struct _ssl_handshake_params
|
|||
#endif
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
ssl_key_cert *key_cert; /*!< Own key/cert in use */
|
||||
int free_key_cert; /*!< Shall we free key_cert? */
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -338,6 +338,26 @@ static int ssl_parse_ticket( ssl_context *ssl,
|
|||
#endif /* POLARSSL_SSL_SESSION_TICKETS */
|
||||
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
/*
|
||||
* Wrapper around f_sni, allowing use of
|
||||
* ssl_set_own_cert() but making it act on ssl->hanshake->key_cert instead.
|
||||
*/
|
||||
static int ssl_sni_wrapper( ssl_context *ssl,
|
||||
const unsigned char* name, size_t len )
|
||||
{
|
||||
int ret;
|
||||
ssl_key_cert *key_cert_ori = ssl->key_cert;
|
||||
|
||||
ssl->key_cert = NULL;
|
||||
ret = ssl->f_sni( ssl->p_sni, ssl, name, len );
|
||||
ssl->handshake->key_cert = ssl->key_cert;
|
||||
ssl->handshake->free_key_cert = 1;
|
||||
|
||||
ssl->key_cert = key_cert_ori;
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
static int ssl_parse_servername_ext( ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
|
@ -365,7 +385,7 @@ static int ssl_parse_servername_ext( ssl_context *ssl,
|
|||
|
||||
if( p[0] == TLS_EXT_SERVERNAME_HOSTNAME )
|
||||
{
|
||||
ret = ssl->f_sni( ssl->p_sni, ssl, p + 3, hostname_len );
|
||||
ret = ssl_sni_wrapper( ssl, p + 3, hostname_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL,
|
||||
|
|
|
|||
|
|
@ -4136,6 +4136,27 @@ void ssl_transform_free( ssl_transform *transform )
|
|||
memset( transform, 0, sizeof( ssl_transform ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
static void ssl_key_cert_free( ssl_key_cert *key_cert )
|
||||
{
|
||||
ssl_key_cert *cur = key_cert, *next;
|
||||
|
||||
while( cur != NULL )
|
||||
{
|
||||
next = cur->next;
|
||||
|
||||
if( cur->key_own_alloc )
|
||||
{
|
||||
pk_free( cur->key );
|
||||
polarssl_free( cur->key );
|
||||
}
|
||||
polarssl_free( cur );
|
||||
|
||||
cur = next;
|
||||
}
|
||||
}
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
|
||||
void ssl_handshake_free( ssl_handshake_params *handshake )
|
||||
{
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
|
|
@ -4149,6 +4170,11 @@ void ssl_handshake_free( ssl_handshake_params *handshake )
|
|||
polarssl_free( handshake->curves );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
if( handshake->free_key_cert != 0 )
|
||||
ssl_key_cert_free( handshake->key_cert );
|
||||
#endif
|
||||
|
||||
memset( handshake, 0, sizeof( ssl_handshake_params ) );
|
||||
}
|
||||
|
||||
|
|
@ -4242,25 +4268,8 @@ void ssl_free( ssl_context *ssl )
|
|||
#endif
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
if( ssl->key_cert != NULL )
|
||||
{
|
||||
ssl_key_cert *cur = ssl->key_cert, *next;
|
||||
|
||||
while( cur != NULL )
|
||||
{
|
||||
next = cur->next;
|
||||
|
||||
if( cur->key_own_alloc )
|
||||
{
|
||||
pk_free( cur->key );
|
||||
polarssl_free( cur->key );
|
||||
}
|
||||
polarssl_free( cur );
|
||||
|
||||
cur = next;
|
||||
}
|
||||
}
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
ssl_key_cert_free( ssl->key_cert );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
|
||||
if( ssl_hw_record_finish != NULL )
|
||||
|
|
|
|||
Loading…
Reference in a new issue