Keep track of whether mbedtls_ssl_set_hostname() has been called

No behavior change apart from now emitting a different log message depending
on whether mbedtls_ssl_set_hostname() has been called with NULL or not at all.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9f91861..2d54172 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -51,6 +51,12 @@
 #define MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED
 #endif
 
+/** Flag values for mbedtls_ssl_context::flags. */
+typedef enum {
+    /** Set if mbedtls_ssl_set_hostname() has been called. */
+    MBEDTLS_SSL_CONTEXT_FLAG_HOSTNAME_SET = 1,
+} mbedtls_ssl_context_flags_t;
+
 #define MBEDTLS_SSL_INITIAL_HANDSHAKE           0
 #define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS   1   /* In progress */
 #define MBEDTLS_SSL_RENEGOTIATION_DONE          2   /* Done or aborted */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index dd1beb9..998cac2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2529,12 +2529,7 @@
 static int mbedtls_ssl_has_set_hostname_been_called(
     const mbedtls_ssl_context *ssl)
 {
-    /* We can't tell the difference between the case where
-     * mbedtls_ssl_set_hostname() has not been called at all, and
-     * the case where it was last called with NULL. For the time
-     * being, we assume the latter, i.e. we behave as if there had
-     * been an implicit call to mbedtls_ssl_set_hostname(ssl, NULL). */
-    return ssl->hostname != NULL;
+    return (ssl->flags & MBEDTLS_SSL_CONTEXT_FLAG_HOSTNAME_SET) != 0;
 }
 #endif
 
@@ -2580,6 +2575,8 @@
         ssl->hostname[hostname_len] = '\0';
     }
 
+    ssl->flags |= MBEDTLS_SSL_CONTEXT_FLAG_HOSTNAME_SET;
+
     return 0;
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C */