yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix session resumption fail when hostname is not localhost

Browse source 
Change-Id: Icb2f625bb11debb5c7cae36e34d7270f7baae4d5
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-10-28 12:18:52 +08:00
parent cd7fe3ee14
commit ad9e99bd2e
2 changed files with 8 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
programs/ssl/ssl_client2.c
View file

@ -83,6 +83,7 @@ int main( void )
#define DFL_RECSPLIT -1 #define DFL_RECSPLIT -1
#define DFL_DHMLEN -1 #define DFL_DHMLEN -1
#define DFL_RECONNECT 0 #define DFL_RECONNECT 0
#define DFL_RECO_SERVER_NAME NULL
#define DFL_RECO_DELAY 0 #define DFL_RECO_DELAY 0
#define DFL_RECO_MODE 1 #define DFL_RECO_MODE 1
#define DFL_CID_ENABLED 0 #define DFL_CID_ENABLED 0
@ -403,8 +404,8 @@ int main( void )
USAGE_RENEGO \ USAGE_RENEGO \
" exchanges=%%d default: 1\n" \ " exchanges=%%d default: 1\n" \
" reconnect=%%d number of reconnections using session resumption\n" \ " reconnect=%%d number of reconnections using session resumption\n" \
" default: 0 (disabled)\n" \ " default: 0 (disabled)\n" \
" reco_server_name=%%s default: localhost\n" \ " reco_server_name=%%s default: NULL\n" \
" reco_delay=%%d default: 0 seconds\n" \ " reco_delay=%%d default: 0 seconds\n" \
" reco_mode=%%d 0: copy session, 1: serialize session\n" \ " reco_mode=%%d 0: copy session, 1: serialize session\n" \
" default: 1\n" \ " default: 1\n" \
@ -921,7 +922,7 @@ int main( int argc, char *argv[] )
opt.recsplit = DFL_RECSPLIT; opt.recsplit = DFL_RECSPLIT;
opt.dhmlen = DFL_DHMLEN; opt.dhmlen = DFL_DHMLEN;
opt.reconnect = DFL_RECONNECT; opt.reconnect = DFL_RECONNECT;
opt.reco_server_name = DFL_SERVER_NAME; opt.reco_server_name = DFL_RECO_SERVER_NAME;
opt.reco_delay = DFL_RECO_DELAY; opt.reco_delay = DFL_RECO_DELAY;
opt.reco_mode = DFL_RECO_MODE; opt.reco_mode = DFL_RECO_MODE;
opt.reconnect_hard = DFL_RECONNECT_HARD; opt.reconnect_hard = DFL_RECONNECT_HARD;
@ -1118,7 +1119,7 @@ int main( int argc, char *argv[] )
if( opt.reconnect < 0 || opt.reconnect > 2 ) if( opt.reconnect < 0 || opt.reconnect > 2 )
goto usage; goto usage;
} }
else if( strcmp( p, "rec_server_name" ) == 0 ) else if( strcmp( p, "reco_server_name" ) == 0 )
opt.reco_server_name = q; opt.reco_server_name = q;
else if( strcmp( p, "reco_delay" ) == 0 ) else if( strcmp( p, "reco_delay" ) == 0 )
{ {
@ -3113,7 +3114,8 @@ reconnect:
} }
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
if( ( ret = mbedtls_ssl_set_hostname( &ssl, if( opt.reco_server_name != NULL &&
( ret = mbedtls_ssl_set_hostname( &ssl,
opt.reco_server_name ) ) != 0 ) opt.reco_server_name ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",

2
tests/ssl-opt.sh
View file

@ -13018,7 +13018,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \ run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \ "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \
sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
"$P_CLI debug_level=4 server_name=localhost rec_server_name=remote reco_mode=1 reconnect=1" \ "$P_CLI debug_level=4 server_name=localhost reco_server_name=remote reco_mode=1 reconnect=1" \
1 \ 1 \
-c "Protocol is TLSv1.3" \ -c "Protocol is TLSv1.3" \
-c "got new session ticket." \ -c "got new session ticket." \