Remove public api mbedtls_ssl_reset_hostname()

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2025-02-03 20:54:00 +00:00 · 2022-10-09 09:21:22 +00:00 · 2022-10-09 09:21:22 +00:00 · adf84a4a8c
commit adf84a4a8c
parent fb8ac46add
4 changed files with 6 additions and 59 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1182,7 +1182,6 @@ struct mbedtls_ssl_session
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */

 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
-    uint8_t MBEDTLS_PRIVATE(endpoint);          /*!< 0: client, 1: server */
    uint8_t MBEDTLS_PRIVATE(ticket_flags);      /*!< Ticket flags */
    uint32_t MBEDTLS_PRIVATE(ticket_age_add);               /*!< Randomly generated value used to obscure the age of the ticket */
    uint8_t MBEDTLS_PRIVATE(resumption_key_len);            /*!< resumption_key length */
@ -1200,12 +1199,14 @@ struct mbedtls_ssl_session

 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
    mbedtls_ssl_tls13_application_secrets MBEDTLS_PRIVATE(app_secrets);
-#endif
+
+    uint8_t MBEDTLS_PRIVATE(endpoint);          /*!< 0: client, 1: server */
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
    uint8_t MBEDTLS_PRIVATE(hostname_len);            /*!< host_name length */
    char *MBEDTLS_PRIVATE(hostname);             /*!< host name binded with tickets */
    uint8_t hostname_mismatch;                   /*!< whether new host_name match with saved one */
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 };

 /*
@ -3667,27 +3668,6 @@ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
 *                 On too long input failure, old hostname is unchanged.
 */
 int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
-
-/**
- * \brief          Reset the hostname to the new server name when reconnection.
- *
- * \param ssl           SSL context
- * \param hostname      the server hostname, may be NULL
- * \param rec_hostname  the server rec_hostname, may be NULL
-
- * \note           Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
- *
- * \return         0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on
- *                 allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
- *                 too long input rec_hostname.
- *
- *                 Rec_hostname set to the one provided on success.
- *                 On allocation failure hostname is unchanged.
- *                 On too long input failure, old hostname is unchanged.
- */
-int mbedtls_ssl_reset_hostname( mbedtls_ssl_context *ssl,
-                                const char *hostname,
-                                const char *rec_hostname );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */

 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -2484,39 +2484,6 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )

    return( 0 );
 }
-
-int mbedtls_ssl_reset_hostname( mbedtls_ssl_context *ssl,
-                                const char *hostname,
-                                const char *rec_hostname )
-{
-    /* Initialize to suppress unnecessary compiler warning */
-    size_t rec_hostname_len = 0;
-
-    if( hostname == NULL || rec_hostname == NULL )
-        return( 0 );
-
-    rec_hostname_len = strlen( rec_hostname );
-    if( rec_hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( rec_hostname_len == strlen( hostname ) &&
-        memcmp( hostname, rec_hostname, rec_hostname_len ) == 0 )
-        return( 0 );
-
-    if( ssl->hostname != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
-        mbedtls_free( ssl->hostname );
-        ssl->hostname = NULL;
-        ssl->hostname = mbedtls_calloc( 1, rec_hostname_len + 1 );
-        if( ssl->hostname == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-        memcpy( ssl->hostname, rec_hostname, rec_hostname_len );
-        ssl->hostname[rec_hostname_len] = '\0';
-    }
-
-    return( 0 );
-}
 #endif /* MBEDTLS_X509_CRT_PARSE_C */

 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -3119,10 +3119,10 @@ reconnect:
        }

 #if defined(MBEDTLS_X509_CRT_PARSE_C)
-        if( ( ret = mbedtls_ssl_reset_hostname( &ssl, opt.server_name,
+        if( ( ret = mbedtls_ssl_set_hostname( &ssl,
                                                opt.reco_server_name ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_reset_hostname returned %d\n\n",
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n",
                            ret );
            goto exit;
        }
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -12909,7 +12909,7 @@ run_test    "TLS 1.3: NewSessionTicket: servername negative check, m->m" \
            -c "got new session ticket." \
            -c "Saving session for reuse... ok" \
            -c "Reconnecting with saved session" \
-            -c "hostname mismatch the session ticker, should not resume"    \
+            -c "hostname mismatch the session ticket, should not resume"    \
            -s "=> write NewSessionTicket msg" \
            -s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET" \
            -s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET_FLUSH"