Keep track of whether mbedtls_ssl_set_hostname() has been called Use a special marker as ssl->hostname if mbedtls_ssl_set_hostname() has been called with NULL. If mbedtls_ssl_set_hostname() has never been called, the field is NULL, as before. No behavior change apart from now emitting a different log message depending on whether mbedtls_ssl_set_hostname() has been called with NULL or not at all. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: 6b8859467c2c1142c31a8d0add0b5b6cdd49c4e1 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Wed Feb 12 23:53:25 2025 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Thu Feb 13 21:24:01 2025 +0100
tree: 6c3ce9d0989e372810dbbae7720c938aa0e6187b
parent: ce00ac4a29b8a096c2e9158e571ee4c4c1273f32 [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index a7bfd7b..566ec0e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -1892,6 +1892,10 @@
      * If this is \p NULL, the peer name verification is skipped,
      * the server_name extension is not sent, and the server name is ignored
      * in TLS 1.3 session resumption using tickets.
+     *
+     * This can be a special value to indicate that mbedtls_ssl_set_hostname()
+     * has been called with \p NULL, as opposed to never having been called.
+     * See `mbedtls_ssl_get_hostname_pointer()` in `ssl_tls.c`.
      */
     char *MBEDTLS_PRIVATE(hostname);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
commit	6b8859467c2c1142c31a8d0add0b5b6cdd49c4e1	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Feb 12 23:53:25 2025 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Feb 13 21:24:01 2025 +0100
tree	6c3ce9d0989e372810dbbae7720c938aa0e6187b
parent	ce00ac4a29b8a096c2e9158e571ee4c4c1273f32 [diff] [blame]