File tree 4 files changed +56
-0
lines changed
4 files changed +56
-0
lines changed Original file line number Diff line number Diff line change @@ -352,6 +352,16 @@ EXP_FUNC int STDCALL ssl_handshake_status(const SSL *ssl);
352352 */
353353EXP_FUNC int STDCALL ssl_get_config (int offset );
354354
355+ /**
356+ * @brief Sets the hostname to be used for SNI
357+ * @see https://en.wikipedia.org/wiki/Server_Name_Indication
358+ * @param char* hostname
359+ * @return success from the operation
360+ * - 1 on success
361+ * - 0 on failure
362+ */
363+ EXP_FUNC int STDCALL ssl_set_hostname (SSL * ssl , const char * host_name );
364+
355365/**
356366 * @brief Display why the handshake failed.
357367 *
Original file line number Diff line number Diff line change @@ -568,6 +568,8 @@ SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd)
568568 ssl -> encrypt_ctx = malloc (sizeof (AES_CTX ));
569569 ssl -> decrypt_ctx = malloc (sizeof (AES_CTX ));
570570
571+ ssl -> host_name = NULL ;
572+
571573 SSL_CTX_UNLOCK (ssl_ctx -> mutex );
572574 return ssl ;
573575}
@@ -1849,6 +1851,29 @@ EXP_FUNC int STDCALL ssl_get_config(int offset)
18491851 }
18501852}
18511853
1854+ /**
1855+ * Sets the SNI hostname
1856+ */
1857+ EXP_FUNC int STDCALL ssl_set_hostname (SSL * ssl , const char * host_name ) {
1858+ if (host_name == NULL || strlen (host_name ) == 0 || strlen (host_name ) > 255 ) {
1859+ return 0 ;
1860+ }
1861+
1862+ if (ssl -> host_name != NULL ) {
1863+ free (ssl -> host_name );
1864+ }
1865+
1866+ ssl -> host_name = (char * )malloc (strlen (host_name )+ 1 );
1867+ if (ssl -> host_name == NULL ) {
1868+ // most probably there was no memory available
1869+ return 0 ;
1870+ }
1871+
1872+ strcpy (ssl -> host_name , host_name );
1873+
1874+ return 1 ;
1875+ }
1876+
18521877#ifdef CONFIG_SSL_CERT_VERIFICATION
18531878/**
18541879 * Authenticate a received certificate.
Original file line number Diff line number Diff line change @@ -198,6 +198,7 @@ struct _SSL
198198 uint8_t read_sequence [8 ]; /* 64 bit sequence number */
199199 uint8_t write_sequence [8 ]; /* 64 bit sequence number */
200200 uint8_t hmac_header [SSL_RECORD_SIZE ]; /* rx hmac */
201+ char * host_name ; /* Needed for the SNI support */
201202};
202203
203204typedef struct _SSL SSL ;
Original file line number Diff line number Diff line change @@ -220,6 +220,26 @@ static int send_client_hello(SSL *ssl)
220220
221221 buf [offset ++ ] = 1 ; /* no compression */
222222 buf [offset ++ ] = 0 ;
223+
224+ if (ssl -> host_name != NULL ) {
225+ unsigned int host_len = strlen (ssl -> host_name );
226+
227+ buf [offset ++ ] = 0 ;
228+ buf [offset ++ ] = host_len + 9 ; /* extensions length */
229+
230+ buf [offset ++ ] = 0 ;
231+ buf [offset ++ ] = 0 ; /* server_name(0) (65535) */
232+ buf [offset ++ ] = 0 ;
233+ buf [offset ++ ] = host_len + 5 ; /* server_name length */
234+ buf [offset ++ ] = 0 ;
235+ buf [offset ++ ] = host_len + 3 ; /* server_list length */
236+ buf [offset ++ ] = 0 ; /* host_name(0) (255) */
237+ buf [offset ++ ] = 0 ;
238+ buf [offset ++ ] = host_len ; /* host_name length */
239+ strncpy ((char * ) & buf [offset ], ssl -> host_name , host_len );
240+ offset += host_len ;
241+ }
242+
223243 buf [3 ] = offset - 4 ; /* handshake size */
224244
225245 return send_packet (ssl , PT_HANDSHAKE_PROTOCOL , NULL , offset );
You can’t perform that action at this time.
0 commit comments