26 static int ssl_write_hostname_ext(mbedtls_ssl_context *ssl,  in ssl_write_hostname_ext()  argument
36     if (ssl->hostname == NULL) {  in ssl_write_hostname_ext()
42                            ssl->hostname));  in ssl_write_hostname_ext()
44     hostname_len = strlen(ssl->hostname);  in ssl_write_hostname_ext()
88     memcpy(p, ssl->hostname, hostname_len);  in ssl_write_hostname_ext()
93     mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SERVERNAME);  in ssl_write_hostname_ext()
114 static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl,  in ssl_write_alpn_ext()  argument
123     if (ssl->conf->alpn_list == NULL) {  in ssl_write_alpn_ext()
145     for (const char **cur = ssl->conf->alpn_list; *cur != NULL; cur++) {  in ssl_write_alpn_ext()
167     mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_ALPN);  in ssl_write_alpn_ext()
217 static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl,  in ssl_write_supported_groups_ext()  argument
226     const uint16_t *group_list = mbedtls_ssl_get_groups(ssl);  in ssl_write_supported_groups_ext()
308         ssl, MBEDTLS_TLS_EXT_SUPPORTED_GROUPS);  in ssl_write_supported_groups_ext()
318     mbedtls_ssl_context *ssl,  in ssl_write_client_hello_cipher_suites()  argument
340     ciphersuite_list = ssl->conf->ciphersuite_list;  in ssl_write_client_hello_cipher_suites()
356         if (mbedtls_ssl_validate_ciphersuite(ssl, ciphersuite_info,  in ssl_write_client_hello_cipher_suites()
357                                              ssl->handshake->min_tls_version,  in ssl_write_client_hello_cipher_suites()
358                                              ssl->tls_version) != 0) {  in ssl_write_client_hello_cipher_suites()
384     renegotiating = (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE);  in ssl_write_client_hello_cipher_suites()
436 static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,  in ssl_write_client_hello_body()  argument
443     mbedtls_ssl_handshake_params *handshake = ssl->handshake;  in ssl_write_client_hello_body()
457         (MBEDTLS_SSL_VERSION_TLS1_2 <= ssl->tls_version);  in ssl_write_client_hello_body()
463         (MBEDTLS_SSL_VERSION_TLS1_3 <= ssl->tls_version);  in ssl_write_client_hello_body()
472     mbedtls_ssl_write_version(p, ssl->conf->transport,  in ssl_write_client_hello_body()
506     MBEDTLS_SSL_CHK_BUF_PTR(p, end, ssl->session_negotiate->id_len + 1);  in ssl_write_client_hello_body()
507     *p++ = (unsigned char) ssl->session_negotiate->id_len;  in ssl_write_client_hello_body()
508     memcpy(p, ssl->session_negotiate->id, ssl->session_negotiate->id_len);  in ssl_write_client_hello_body()
509     p += ssl->session_negotiate->id_len;  in ssl_write_client_hello_body()
511     MBEDTLS_SSL_DEBUG_BUF(3, "session id", ssl->session_negotiate->id,  in ssl_write_client_hello_body()
512                           ssl->session_negotiate->id_len);  in ssl_write_client_hello_body()
520     if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {  in ssl_write_client_hello_body()
544     ret = ssl_write_client_hello_cipher_suites(ssl, p, end,  in ssl_write_client_hello_body()
580     ret = ssl_write_hostname_ext(ssl, p, end, &output_len);  in ssl_write_client_hello_body()
588     ret = ssl_write_alpn_ext(ssl, p, end, &output_len);  in ssl_write_client_hello_body()
597         ret = mbedtls_ssl_tls13_write_client_hello_exts(ssl, p, end,  in ssl_write_client_hello_body()
612         if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {  in ssl_write_client_hello_body()
624             ret = ssl_write_supported_groups_ext(ssl, p, end,  in ssl_write_client_hello_body()
640                         (propose_tls13 && mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl));  in ssl_write_client_hello_body()
647         ret = mbedtls_ssl_write_sig_alg_ext(ssl, p, end, &output_len);  in ssl_write_client_hello_body()
657         ret = mbedtls_ssl_tls12_write_client_hello_exts(ssl, p, end,  in ssl_write_client_hello_body()
671     if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) {  in ssl_write_client_hello_body()
673             ssl, p, end, &output_len, binders_len);  in ssl_write_client_hello_body()
699 static int ssl_generate_random(mbedtls_ssl_context *ssl)  in ssl_generate_random()  argument
702     unsigned char *randbytes = ssl->handshake->randbytes;  in ssl_generate_random()
717     if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {  in ssl_generate_random()
729     ret = ssl->conf->f_rng(ssl->conf->p_rng,  in ssl_generate_random()
736 static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl)  in ssl_prepare_client_hello()  argument
740     mbedtls_ssl_session *session_negotiate = ssl->session_negotiate;  in ssl_prepare_client_hello()
751     if (ssl->handshake->resume != 0 &&  in ssl_prepare_client_hello()
761             ssl->handshake->resume = 0;  in ssl_prepare_client_hello()
772     if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {  in ssl_prepare_client_hello()
773         ssl->handshake->min_tls_version = ssl->tls_version;  in ssl_prepare_client_hello()
777         if (ssl->handshake->resume) {  in ssl_prepare_client_hello()
778             ssl->tls_version = session_negotiate->tls_version;  in ssl_prepare_client_hello()
779             ssl->handshake->min_tls_version = ssl->tls_version;  in ssl_prepare_client_hello()
781             ssl->handshake->min_tls_version = ssl->conf->min_tls_version;  in ssl_prepare_client_hello()
791     if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) ||  in ssl_prepare_client_hello()
792         (ssl->handshake->cookie == NULL))  in ssl_prepare_client_hello()
796         if (!ssl->handshake->hello_retry_request_flag)  in ssl_prepare_client_hello()
799             ret = ssl_generate_random(ssl);  in ssl_prepare_client_hello()
816     if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {  in ssl_prepare_client_hello()
819             ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||  in ssl_prepare_client_hello()
821             ssl->handshake->resume == 0) {  in ssl_prepare_client_hello()
832         if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {  in ssl_prepare_client_hello()
847     if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {  in ssl_prepare_client_hello()
871             ret = ssl->conf->f_rng(ssl->conf->p_rng,  in ssl_prepare_client_hello()
884     if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3  &&  in ssl_prepare_client_hello()
885         ssl->handshake->resume) {  in ssl_prepare_client_hello()
886         int hostname_mismatch = ssl->hostname != NULL ||  in ssl_prepare_client_hello()
888         if (ssl->hostname != NULL && session_negotiate->hostname != NULL) {  in ssl_prepare_client_hello()
890                 ssl->hostname, session_negotiate->hostname) != 0;  in ssl_prepare_client_hello()
901                                                 ssl->hostname);  in ssl_prepare_client_hello()
913 int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl)  in mbedtls_ssl_write_client_hello()  argument
921     MBEDTLS_SSL_PROC_CHK(ssl_prepare_client_hello(ssl));  in mbedtls_ssl_write_client_hello()
924                              ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,  in mbedtls_ssl_write_client_hello()
927     MBEDTLS_SSL_PROC_CHK(ssl_write_client_hello_body(ssl, buf,  in mbedtls_ssl_write_client_hello()
933     if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {  in mbedtls_ssl_write_client_hello()
934         ssl->out_msglen = msg_len + 4;  in mbedtls_ssl_write_client_hello()
935         mbedtls_ssl_send_flight_completed(ssl);  in mbedtls_ssl_write_client_hello()
946         mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);  in mbedtls_ssl_write_client_hello()
948         if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {  in mbedtls_ssl_write_client_hello()
953         if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {  in mbedtls_ssl_write_client_hello()
961         ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl,  in mbedtls_ssl_write_client_hello()
968         ret = ssl->handshake->update_checksum(ssl, buf, msg_len - binders_len);  in mbedtls_ssl_write_client_hello()
977                     ssl, buf + msg_len - binders_len, buf + msg_len));  in mbedtls_ssl_write_client_hello()
978             ret = ssl->handshake->update_checksum(ssl, buf + msg_len - binders_len,  in mbedtls_ssl_write_client_hello()
987         MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(ssl,  in mbedtls_ssl_write_client_hello()
995         mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);  in mbedtls_ssl_write_client_hello()
998         if (ssl->handshake->min_tls_version <=  MBEDTLS_SSL_VERSION_TLS1_3 &&  in mbedtls_ssl_write_client_hello()
999             MBEDTLS_SSL_VERSION_TLS1_3 <= ssl->tls_version) {  in mbedtls_ssl_write_client_hello()
1000             ret = mbedtls_ssl_tls13_finalize_client_hello(ssl);  in mbedtls_ssl_write_client_hello()
1007         3, MBEDTLS_SSL_HS_CLIENT_HELLO, ssl->handshake->sent_extensions);  in mbedtls_ssl_write_client_hello()