mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 08:15:34 +00:00
Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
Add a reference to the relevant RFC, adapt ChangeLog.
This commit is contained in:
parent
f5f9d11acc
commit
2f38a43d3a
|
@ -194,6 +194,8 @@ Security
|
|||
team. #569 CVE-2017-2784
|
||||
|
||||
Bugfix
|
||||
* Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
|
||||
Found by jethrogb, #836.
|
||||
* Fix output certificate verification flags set by x509_crt_verify_top() when
|
||||
traversing a chain of trusted CA. The issue would cause both flags,
|
||||
MBEDTLS_X509_BADCERT_NOT_TRUSTED and MBEDTLS_X509_BADCERT_EXPIRED, to be
|
||||
|
|
|
@ -1804,13 +1804,12 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
|
|||
* \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
|
||||
*
|
||||
* \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on
|
||||
* allocation failure, MBEDTLS_ERR_BAD_INPUT_DATA on
|
||||
* allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
|
||||
* too long input hostname.
|
||||
*
|
||||
* \post Hostname set to the one provided on success (cleared
|
||||
* Hostname set to the one provided on success (cleared
|
||||
* when NULL). On allocation failure hostname is cleared.
|
||||
* On too long input failure, old hostname is unchanged.
|
||||
*
|
||||
*/
|
||||
int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
|
|
@ -80,6 +80,13 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
/*
|
||||
* Sect. 3, RFC 6066 (TLS Extensions Definitions)
|
||||
*
|
||||
* In order to provide any of the server names, clients MAY include an
|
||||
* extension of type "server_name" in the (extended) client hello. The
|
||||
* "extension_data" field of this extension SHALL contain
|
||||
* "ServerNameList" where:
|
||||
*
|
||||
* struct {
|
||||
* NameType name_type;
|
||||
* select (name_type) {
|
||||
|
@ -96,6 +103,7 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
|
|||
* struct {
|
||||
* ServerName server_name_list<1..2^16-1>
|
||||
* } ServerNameList;
|
||||
*
|
||||
*/
|
||||
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF );
|
||||
|
|
|
@ -6218,7 +6218,7 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||
void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
|
||||
|
|
Loading…
Reference in a new issue