From 0cbfaab47d612511686afc91ee0b9c02a604c6a0 Mon Sep 17 00:00:00 2001 From: Rahul Kar <118818625+kar-rahul-aws@users.noreply.github.com> Date: Mon, 21 Apr 2025 20:21:08 +0530 Subject: [PATCH] Update network_transport files based on MbedTLSv3.6.3 (#1340) Update network_transport files based on MbedTLSv3.6.3 --- .../network_transport/transport_mbedtls.c | 18 +++++++++++------ .../transport_mbedtls_pkcs11.c | 20 ++++++++++++------- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c index a0798e9e44..b668ea11dc 100644 --- a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c +++ b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c @@ -462,13 +462,19 @@ static void setOptionalConfigurations( SSLContext_t * pSslContext, { mbedtlsError = mbedtls_ssl_set_hostname( &( pSslContext->context ), pHostName ); + } + /* MbedTLS-3.6.3 requires calling the mbedtls_ssl_set_hostname() before calling mbedtls_ssl_handshake(). */ + else + { + mbedtlsError = mbedtls_ssl_set_hostname( &( pSslContext->context ), + NULL ); + } - if( mbedtlsError != 0 ) - { - LogError( ( "Failed to set server name: mbedTLSError= %s : %s.", - mbedtlsHighLevelCodeOrDefault( mbedtlsError ), - mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) ); - } + if( mbedtlsError != 0 ) + { + LogError( ( "Failed to set server name: mbedTLSError= %s : %s.", + mbedtlsHighLevelCodeOrDefault( mbedtlsError ), + mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) ); } /* Set Maximum Fragment Length if enabled. */ diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c index 10d826c657..0a98b1f55b 100644 
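Review bot: The comment on the new `else` branch says only that MbedTLS 3.6.3 needs `mbedtls_ssl_set_hostname()` before the handshake, and leaves out that passing `NULL` is the explicit opt-out from matching the server certificate against an expected name. I would reword it to `/* MbedTLS 3.6.3 requires mbedtls_ssl_set_hostname() before mbedtls_ssl_handshake(); NULL explicitly disables hostname verification of the server certificate. */`, and the same wording fits the `tlsSetup()` hunk in transport_mbedtls_pkcs11.c. The condition that selects this branch is outside the hunk; if it is the option that disables SNI, that option now also switches off the certificate name check, and its documentation should say so. Separately, `setOptionalConfigurations()` is `static void` and only logs a failure here, whereas the pkcs11 variant sets `returnStatus = TLS_TRANSPORT_INTERNAL_ERROR`. A failed call with a real `pHostName` should presumably stop the connection in this file too rather than continue to the handshake.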
--- a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c +++ b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c @@ -463,15 +463,21 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext, { mbedtlsError = mbedtls_ssl_set_hostname( &( pTlsTransportParams->sslContext.context ), pHostName ); + } + /* MbedTLS-3.6.3 requires calling the mbedtls_ssl_set_hostname() before calling mbedtls_ssl_handshake(). */ + else + { + mbedtlsError = mbedtls_ssl_set_hostname( &( pTlsTransportParams->sslContext.context ), + NULL ); + } - if( mbedtlsError != 0 ) - { - LogError( ( "Failed to set server name: mbedTLSError= %s : %s.", - mbedtlsHighLevelCodeOrDefault( mbedtlsError ), - mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) ); + if( mbedtlsError != 0 ) + { + LogError( ( "Failed to set server name: mbedTLSError= %s : %s.", + mbedtlsHighLevelCodeOrDefault( mbedtlsError ), + mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) ); - returnStatus = TLS_TRANSPORT_INTERNAL_ERROR; - } + returnStatus = TLS_TRANSPORT_INTERNAL_ERROR; } }