Update network_transport files based on MbedTLSv3.6.3 (FreeRTOS#1340)

kar-rahul-aws · web-flow · commit 0cbfaab47d61 · 2025-04-21T20:21:08.000+05:30
Update network_transport files based on MbedTLSv3.6.3
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c
@@ -462,13 +462,19 @@ static void setOptionalConfigurations( SSLContext_t * pSslContext,
     {
         mbedtlsError = mbedtls_ssl_set_hostname( &( pSslContext->context ),
                                                  pHostName );
+    }
+    /* MbedTLS-3.6.3 requires calling the mbedtls_ssl_set_hostname() before calling mbedtls_ssl_handshake(). */
+    else
+    {
+        mbedtlsError = mbedtls_ssl_set_hostname( &( pSslContext->context ),
+                                                 NULL );
+    }
 
-        if( mbedtlsError != 0 )
-        {
-            LogError( ( "Failed to set server name: mbedTLSError= %s : %s.",
-                        mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
-                        mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
-        }
+    if( mbedtlsError != 0 )
+    {
+        LogError( ( "Failed to set server name: mbedTLSError= %s : %s.",
+                    mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
+                    mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
     }
 
     /* Set Maximum Fragment Length if enabled. */
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c
@@ -463,15 +463,21 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
         {
             mbedtlsError = mbedtls_ssl_set_hostname( &( pTlsTransportParams->sslContext.context ),
                                                      pHostName );
+        }
+        /* MbedTLS-3.6.3 requires calling the mbedtls_ssl_set_hostname() before calling mbedtls_ssl_handshake(). */
+        else
+        {
+            mbedtlsError = mbedtls_ssl_set_hostname( &( pTlsTransportParams->sslContext.context ),
+                                                     NULL );
+        }
 
-            if( mbedtlsError != 0 )
-            {
-                LogError( ( "Failed to set server name: mbedTLSError= %s : %s.",
-                            mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
-                            mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
+        if( mbedtlsError != 0 )
+        {
+            LogError( ( "Failed to set server name: mbedTLSError= %s : %s.",
+                        mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
+                        mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
 
-                returnStatus = TLS_TRANSPORT_INTERNAL_ERROR;
-            }
+            returnStatus = TLS_TRANSPORT_INTERNAL_ERROR;
         }
     }
 
