Make function mbedtls_ssl_set_hostname(...) as optional
Now function mbedtls_ssl_set_hostname is compile-time configurable
in config.h with define MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION.
This affects to many x509 API's. See config.h for details.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index b6a3b60..7efb411 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1386,10 +1386,10 @@
/*
* User settings
*/
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
char *hostname; /*!< expected peer CN for verification
(and SNI if available) */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
#if defined(MBEDTLS_SSL_ALPN)
const char *alpn_chosen; /*!< negotiated protocol */
@@ -2921,7 +2921,7 @@
const int *hashes );
#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
/**
* \brief Set or reset the hostname to check against the received
* server certificate. It sets the ServerName TLS extension,
@@ -2941,7 +2941,7 @@
* On too long input failure, old hostname is unchanged.
*/
int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
/**