mbedtls: Set hostname for TURN connections

 - New API tlsSessionStartWithHostname can receive optional hostname and set the same
 - It is recommened to set the hostname and is on by default for mbedtls v3.6.3 and above
 - Since we receive ICE server credentials via secure API and anyway are use DTLS as WebRTC standard,
 we could skip this, but let's follow the recommendation as precaution

Author: vikramdattu

src/source/Crypto/Tls.h

@@ -119,6 +119,9 @@ INT32 tlsSessionCertificateVerifyCallback(INT32, X509_STORE_CTX*);
 //       a callback signature.
 INT32 tlsSessionSendCallback(PVOID, const unsigned char*, ULONG);
 INT32 tlsSessionReceiveCallback(PVOID, unsigned char*, ULONG);
+
+// Add hostname parameter for mbedTLS 3.x compatibility
+STATUS tlsSessionStartWithHostname(PTlsSession, BOOL, PCHAR);
 #else
 #error "A Crypto implementation is required."
 #endif

src/source/Crypto/Tls_mbedtls.c

@@ -100,7 +100,7 @@ INT32 tlsSessionReceiveCallback(PVOID customData, unsigned char* buf, ULONG len)
     return STATUS_FAILED(retStatus) ? -retStatus : readBytes;
 }
 
-STATUS tlsSessionStart(PTlsSession pTlsSession, BOOL isServer)
+STATUS tlsSessionStartWithHostname(PTlsSession pTlsSession, BOOL isServer, PCHAR hostname)
 {
     ENTERS();
     STATUS retStatus = STATUS_SUCCESS;
@@ -114,9 +114,25 @@ STATUS tlsSessionStart(PTlsSession pTlsSession, BOOL isServer)
         STATUS_CREATE_SSL_FAILED);
 
     mbedtls_ssl_conf_ca_chain(&pTlsSession->sslCtxConfig, &pTlsSession->cacert, NULL);
-    mbedtls_ssl_conf_authmode(&pTlsSession->sslCtxConfig, MBEDTLS_SSL_VERIFY_REQUIRED);
+
+    // For mbedTLS 3.x, use appropriate verification mode
+    if (hostname != NULL) {
+        // If a hostname is provided, use strict verification
+        mbedtls_ssl_conf_authmode(&pTlsSession->sslCtxConfig, MBEDTLS_SSL_VERIFY_REQUIRED);
+    } else {
+        // Otherwise, use optional verification for IP-based connections
+        mbedtls_ssl_conf_authmode(&pTlsSession->sslCtxConfig, MBEDTLS_SSL_VERIFY_OPTIONAL);
+    }
+
     mbedtls_ssl_conf_rng(&pTlsSession->sslCtxConfig, mbedtls_ctr_drbg_random, &pTlsSession->ctrDrbg);
     CHK(mbedtls_ssl_setup(&pTlsSession->sslCtx, &pTlsSession->sslCtxConfig) == 0, STATUS_SSL_CTX_CREATION_FAILED);
+
+    // Set the hostname for certificate verification (for mbedTLS 3.x compatibility)
+    if (!isServer && hostname != NULL) {
+        // Use the provided hostname for certificate verification
+        CHK(mbedtls_ssl_set_hostname(&pTlsSession->sslCtx, hostname) == 0, STATUS_SSL_CTX_CREATION_FAILED);
+    }
+
     mbedtls_ssl_set_mtu(&pTlsSession->sslCtx, DEFAULT_MTU_SIZE_BYTES);
     mbedtls_ssl_set_bio(&pTlsSession->sslCtx, pTlsSession, tlsSessionSendCallback, tlsSessionReceiveCallback, NULL);
 
@@ -134,6 +150,11 @@ STATUS tlsSessionStart(PTlsSession pTlsSession, BOOL isServer)
     return retStatus;
 }
 
+STATUS tlsSessionStart(PTlsSession pTlsSession, BOOL isServer)
+{
+    return tlsSessionStartWithHostname(pTlsSession, isServer, NULL);
+}
+
 STATUS tlsSessionProcessPacket(PTlsSession pTlsSession, PBYTE pData, UINT32 bufferLen, PUINT32 pDataLen)
 {
     ENTERS();

src/source/Ice/SocketConnection.c

@@ -30,6 +30,7 @@ STATUS createSocketConnection(KVS_IP_FAMILY_TYPE familyType, KVS_SOCKET_PROTOCOL
 
     pSocketConnection->secureConnection = FALSE;
     pSocketConnection->protocol = protocol;
+    pSocketConnection->hostname = NULL;
     if (protocol == KVS_SOCKET_PROTOCOL_TCP) {
         pSocketConnection->peerIpAddr = *pPeerIpAddr;
         CHK_STATUS(socketConnect(pPeerIpAddr, pSocketConnection->localSocket));
@@ -105,6 +106,10 @@ STATUS freeSocketConnection(PSocketConnection* ppSocketConnection)
         freeTlsSession(&pSocketConnection->pTlsSession);
     }
 
+    if (pSocketConnection->hostname != NULL) {
+        MEMFREE(pSocketConnection->hostname);
+    }
+
     getIpAddrStr(&pSocketConnection->hostIpAddr, ipAddr, ARRAY_SIZE(ipAddr));
     DLOGD("close socket with ip: %s:%u. family:%d", ipAddr, (UINT16) getInt16(pSocketConnection->hostIpAddr.port),
           pSocketConnection->hostIpAddr.family);
@@ -186,7 +191,14 @@ STATUS socketConnectionInitSecureConnection(PSocketConnection pSocketConnection,
     callbacks.stateChangeFn = socketConnectionTlsSessionOnStateChange;
 
     CHK_STATUS(createTlsSession(&callbacks, &pSocketConnection->pTlsSession));
+
+#if KVS_USE_MBEDTLS
+    // Setting the hostname is recommended by mbedTLS and is default in mbedTLS 3.0 and above
+    // https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/
+    CHK_STATUS(tlsSessionStartWithHostname(pSocketConnection->pTlsSession, isServer, pSocketConnection->hostname));
+#else
     CHK_STATUS(tlsSessionStart(pSocketConnection->pTlsSession, isServer));
+#endif
     pSocketConnection->secureConnection = TRUE;
 
 CleanUp:

src/source/Ice/SocketConnection.h

@@ -44,6 +44,9 @@ struct __SocketConnection {
     ConnectionDataAvailableFunc dataAvailableCallbackFn;
     UINT64 dataAvailableCallbackCustomData;
     UINT64 tlsHandshakeStartTime;
+
+    /* Hostname for TLS verification */
+    PCHAR hostname;
 };
 typedef struct __SocketConnection* PSocketConnection;
 

src/source/Ice/TurnConnection.c

@@ -7,6 +7,38 @@
 extern StateMachineState TURN_CONNECTION_STATE_MACHINE_STATES[];
 extern UINT32 TURN_CONNECTION_STATE_MACHINE_STATE_COUNT;
 
+static STATUS getHostnameFromUrl(PCHAR url, PCHAR* ppHostname)
+{
+    ENTERS();
+    STATUS retStatus = STATUS_SUCCESS;
+    PCHAR urlStart = NULL;
+    PCHAR urlEnd = NULL;
+    UINT32 hostnameLen = 0;
+
+    CHK(url != NULL && ppHostname != NULL, STATUS_NULL_ARG);
+
+    // Skip protocol prefix (turn: or turns:)
+    urlStart = STRSTR(url, "://");
+    if (urlStart != NULL) {
+        urlStart += 3; // Skip "://"
+        urlEnd = STRCHR(urlStart, ':');
+        if (urlEnd != NULL) {
+            hostnameLen = urlEnd - urlStart;
+        } else {
+            // If no port is specified, use the entire string after "://"
+            hostnameLen = STRLEN(urlStart);
+        }
+
+        *ppHostname = MEMCALLOC(1, hostnameLen + 1);
+        CHK(*ppHostname != NULL, STATUS_NOT_ENOUGH_MEMORY);
+        STRNCPY(*ppHostname, urlStart, hostnameLen);
+    }
+
+CleanUp:
+    LEAVES();
+    return retStatus;
+}
+
 STATUS createTurnConnection(PIceServer pTurnServer, TIMER_QUEUE_HANDLE timerQueueHandle, TURN_CONNECTION_DATA_TRANSFER_MODE dataTransferMode,
                             KVS_SOCKET_PROTOCOL protocol, PTurnConnectionCallbacks pTurnConnectionCallbacks, PSocketConnection pTurnSocket,
                             PConnectionListener pConnectionListener, PTurnConnection* ppTurnConnection)
@@ -23,6 +55,13 @@ STATUS createTurnConnection(PIceServer pTurnServer, TIMER_QUEUE_HANDLE timerQueu
             !IS_EMPTY_STRING(pTurnServer->username),
         STATUS_INVALID_ARG);
 
+    // Set the TURN server hostname in the socket connection for TLS hostname verification
+    if (pTurnServer->url != NULL) {
+        PCHAR hostname = NULL;
+        CHK_STATUS(getHostnameFromUrl(pTurnServer->url, &hostname));
+        pTurnSocket->hostname = hostname;
+    }
+
     pTurnConnection = (PTurnConnection) MEMCALLOC(
         1, SIZEOF(TurnConnection) + DEFAULT_TURN_MESSAGE_RECV_CHANNEL_DATA_BUFFER_LEN * 2 + DEFAULT_TURN_MESSAGE_SEND_CHANNEL_DATA_BUFFER_LEN);
     CHK(pTurnConnection != NULL, STATUS_NOT_ENOUGH_MEMORY);
@@ -70,8 +109,13 @@ STATUS createTurnConnection(PIceServer pTurnServer, TIMER_QUEUE_HANDLE timerQueu
 
     CHK_LOG_ERR(retStatus);
 
-    if (STATUS_FAILED(retStatus) && pTurnConnection != NULL) {
-        freeTurnConnection(&pTurnConnection);
+    if (STATUS_FAILED(retStatus)) {
+        if (pTurnConnection != NULL) {
+            freeTurnConnection(&pTurnConnection);
+        }
+        if (pTurnSocket != NULL) {
+            SAFE_MEMFREE(pTurnSocket->hostname);
+        }
     }
 
     if (ppTurnConnection != NULL) {