1 files changed, 3 insertions, 3 deletions
diff --git a/vchat-tls.c b/vchat-tls.c
index eaa12f4..e230487 100644
--- a/vchat-tls.c
+++ b/vchat-tls.c
@@ -475,7 +475,7 @@ static void vc_tls_report_error(int error, char *message) {
  writecf(FS_ERR, tmpstr);
 }
-int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
+int vc_mbedtls_connect(const char *servername, int serverfd, vc_x509store_t *vc_store) {
  /* Some aliases for shorter references */
  mbedstate *s = &_mbedtls_state;
  mbedtls_ssl_config *conf = &_mbedtls_state._conf;
@@ -510,7 +510,7 @@ int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
  char *ciphers = getstroption(CF_CIPHERSUITE);
  if (!ciphers)
-    ciphers = "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA";
+    ciphers = "TLS1-3-AES-256-GCM-SHA384:TLS1-3-AES-128-GCM-SHA256:TLS1-3-AES-128-CCM-SHA256:TLS1-3-AES-128-CCM-8-SHA256:TLS1-3-CHACHA20-POLY1305-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA";
  ciphers = strdup(ciphers);
  for (token = strtok(ciphers, ":"); token && suitecount < MAX_SUITES - 1;
       token = strtok(NULL, ":")) {
@@ -601,7 +601,7 @@ int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
        ret, "Can not configure parameters on tls context, mbedtls reports: ");
    return -1;
  }
-  /* TODO: mbedtls_ssl_set_hostname(&ssl, SERVER_NAME) */
+  mbedtls_ssl_set_hostname(ssl, strdup(servername));
  mbedtls_ssl_set_bio(ssl, (void *)(intptr_t)serverfd, static_tcp_send,
                      static_tcp_recv, NULL);

diff --git a/vchat-tls.c b/vchat-tls.c index eaa12f4..e230487 100644 --- a/vchat-tls.c +++ b/vchat-tls.c
@@ -475,7 +475,7 @@ static void vc_tls_report_error(int error, char *message) {
475	writecf(FS_ERR, tmpstr);	475	writecf(FS_ERR, tmpstr);
476	}	476	}
477		477
478	int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {	478	int vc_mbedtls_connect(const char servername, int serverfd, vc_x509store_t vc_store) {
479	/* Some aliases for shorter references */	479	/* Some aliases for shorter references */
480	mbedstate *s = &_mbedtls_state;	480	mbedstate *s = &_mbedtls_state;
481	mbedtls_ssl_config *conf = &_mbedtls_state._conf;	481	mbedtls_ssl_config *conf = &_mbedtls_state._conf;
@@ -510,7 +510,7 @@ int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
510		510
511	char *ciphers = getstroption(CF_CIPHERSUITE);	511	char *ciphers = getstroption(CF_CIPHERSUITE);
512	if (!ciphers)	512	if (!ciphers)
513	ciphers = "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA";	513	ciphers = "TLS1-3-AES-256-GCM-SHA384:TLS1-3-AES-128-GCM-SHA256:TLS1-3-AES-128-CCM-SHA256:TLS1-3-AES-128-CCM-8-SHA256:TLS1-3-CHACHA20-POLY1305-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA";
514	ciphers = strdup(ciphers);	514	ciphers = strdup(ciphers);
515	for (token = strtok(ciphers, ":"); token && suitecount < MAX_SUITES - 1;	515	for (token = strtok(ciphers, ":"); token && suitecount < MAX_SUITES - 1;
516	token = strtok(NULL, ":")) {	516	token = strtok(NULL, ":")) {
@@ -601,7 +601,7 @@ int vc_mbedtls_connect(int serverfd, vc_x509store_t *vc_store) {
601	ret, "Can not configure parameters on tls context, mbedtls reports: ");	601	ret, "Can not configure parameters on tls context, mbedtls reports: ");
602	return -1;	602	return -1;
603	}	603	}
604	/* TODO: mbedtls_ssl_set_hostname(&ssl, SERVER_NAME) */	604	mbedtls_ssl_set_hostname(ssl, strdup(servername));
605		605
606	mbedtls_ssl_set_bio(ssl, (void *)(intptr_t)serverfd, static_tcp_send,	606	mbedtls_ssl_set_bio(ssl, (void *)(intptr_t)serverfd, static_tcp_send,
607	static_tcp_recv, NULL);	607	static_tcp_recv, NULL);