setting hostname is required for tls1.3 in mbedtls

author: Dirk Engling <erdgeist@erdgeist.org> 2026-01-21 23:51:57 +0100
committer: Dirk Engling <erdgeist@erdgeist.org> 2026-01-21 23:51:57 +0100
commit: d7ecb3d0a7bb1f34def28296deafbb407bee4a77 (patch)
tree: 7918c1d77b4578acbe10a75b5c8c063d31e616dd
parent: bbf5d1685442431812387c77ed1cfd546824de88 (diff)
3 files changed, 4 insertions, 4 deletions
diff --git a/vchat-connection.c b/vchat-connection.c
index dea69d0..d0abc0d 100644
--- a/vchat-connection.c
+++ b/vchat-connection.c
@@ -166,7 +166,7 @@ int vc_connect(const char *server, const char *port) {
 #endif
 #ifdef TLS_LIB_MBEDTLS
  if (_engine == TLS_ENGINE_MBEDTLS)
-    result = vc_mbedtls_connect(serverfd, &vc_store);
+    result = vc_mbedtls_connect(server, serverfd, &vc_store);
 #endif
  vc_cleanup_x509store(&vc_store);
diff --git a/vchat-tls.c b/vchat-tls.c
index eaa12f4..05df4d2 100644
--- a/vchat-tls.c
+++ b/vchat-tls.c
@@ -475,7 +475,7 @@ static void vc_tls_report_error(int error, char *message) {
  writecf(FS_ERR, tmpstr);
 }
-int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
+int vc_mbedtls_connect(const char *servername, int serverfd, vc_x509store_t *vc_store) {
  /* Some aliases for shorter references */
  mbedstate *s = &_mbedtls_state;
  mbedtls_ssl_config *conf = &_mbedtls_state._conf;
@@ -601,7 +601,7 @@ int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
        ret, "Can not configure parameters on tls context, mbedtls reports: ");
    return -1;
  }
-  /* TODO: mbedtls_ssl_set_hostname(&ssl, SERVER_NAME) */
+  mbedtls_ssl_set_hostname(ssl, strdup(servername));
  mbedtls_ssl_set_bio(ssl, (void *)(intptr_t)serverfd, static_tcp_send,
                      static_tcp_recv, NULL);
diff --git a/vchat-tls.h b/vchat-tls.h
index 2771173..60856e2 100644
--- a/vchat-tls.h
+++ b/vchat-tls.h
@@ -40,7 +40,7 @@ char *vc_openssl_version();
 #ifdef TLS_LIB_MBEDTLS
 void vc_mbedtls_init_x509store(vc_x509store_t *);
-int vc_mbedtls_connect(int serverfd, vc_x509store_t *);
+int vc_mbedtls_connect(const char* servername, int serverfd, vc_x509store_t *);
 ssize_t vc_mbedtls_sendmessage(const void *buf, size_t size);
 ssize_t vc_mbedtls_receivemessage(void *buf, size_t size);
 void vc_mbedtls_cleanup();
author	Dirk Engling <erdgeist@erdgeist.org>	2026-01-21 23:51:57 +0100
committer	Dirk Engling <erdgeist@erdgeist.org>	2026-01-21 23:51:57 +0100
commit	d7ecb3d0a7bb1f34def28296deafbb407bee4a77 (patch)
tree	7918c1d77b4578acbe10a75b5c8c063d31e616dd
parent	bbf5d1685442431812387c77ed1cfd546824de88 (diff)

diff --git a/vchat-connection.c b/vchat-connection.c index dea69d0..d0abc0d 100644 --- a/vchat-connection.c +++ b/vchat-connection.c
@@ -166,7 +166,7 @@ int vc_connect(const char server, const char port) {
166	#endif	166	#endif
167	#ifdef TLS_LIB_MBEDTLS	167	#ifdef TLS_LIB_MBEDTLS
168	if (_engine == TLS_ENGINE_MBEDTLS)	168	if (_engine == TLS_ENGINE_MBEDTLS)
169	result = vc_mbedtls_connect(serverfd, &vc_store);	169	result = vc_mbedtls_connect(server, serverfd, &vc_store);
170	#endif	170	#endif
171	vc_cleanup_x509store(&vc_store);	171	vc_cleanup_x509store(&vc_store);
172		172


diff --git a/vchat-tls.c b/vchat-tls.c index eaa12f4..05df4d2 100644 --- a/vchat-tls.c +++ b/vchat-tls.c
@@ -475,7 +475,7 @@ static void vc_tls_report_error(int error, char *message) {
475	writecf(FS_ERR, tmpstr);	475	writecf(FS_ERR, tmpstr);
476	}	476	}
477		477
478	int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {	478	int vc_mbedtls_connect(const char servername, int serverfd, vc_x509store_t vc_store) {
479	/* Some aliases for shorter references */	479	/* Some aliases for shorter references */
480	mbedstate *s = &_mbedtls_state;	480	mbedstate *s = &_mbedtls_state;
481	mbedtls_ssl_config *conf = &_mbedtls_state._conf;	481	mbedtls_ssl_config *conf = &_mbedtls_state._conf;
@@ -601,7 +601,7 @@ int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
601	ret, "Can not configure parameters on tls context, mbedtls reports: ");	601	ret, "Can not configure parameters on tls context, mbedtls reports: ");
602	return -1;	602	return -1;
603	}	603	}
604	/* TODO: mbedtls_ssl_set_hostname(&ssl, SERVER_NAME) */	604	mbedtls_ssl_set_hostname(ssl, strdup(servername));
605		605
606	mbedtls_ssl_set_bio(ssl, (void *)(intptr_t)serverfd, static_tcp_send,	606	mbedtls_ssl_set_bio(ssl, (void *)(intptr_t)serverfd, static_tcp_send,
607	static_tcp_recv, NULL);	607	static_tcp_recv, NULL);


diff --git a/vchat-tls.h b/vchat-tls.h index 2771173..60856e2 100644 --- a/vchat-tls.h +++ b/vchat-tls.h
@@ -40,7 +40,7 @@ char *vc_openssl_version();
40		40
41	#ifdef TLS_LIB_MBEDTLS	41	#ifdef TLS_LIB_MBEDTLS
42	void vc_mbedtls_init_x509store(vc_x509store_t *);	42	void vc_mbedtls_init_x509store(vc_x509store_t *);
43	int vc_mbedtls_connect(int serverfd, vc_x509store_t *);	43	int vc_mbedtls_connect(const char* servername, int serverfd, vc_x509store_t *);
44	ssize_t vc_mbedtls_sendmessage(const void *buf, size_t size);	44	ssize_t vc_mbedtls_sendmessage(const void *buf, size_t size);
45	ssize_t vc_mbedtls_receivemessage(void *buf, size_t size);	45	ssize_t vc_mbedtls_receivemessage(void *buf, size_t size);
46	void vc_mbedtls_cleanup();	46	void vc_mbedtls_cleanup();