ssl_session_reset: preserve HOSTNAME_SET flag When we don't reset `ssl->hostname`, we must not reset the `MBEDTLS_SSL_CONTEXT_FLAG_HOSTNAME_SET` flag either. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: fd89acc7357c53b432141bb2d341ca104f77bc85 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Mon Feb 24 18:45:49 2025 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Mon Feb 24 18:48:49 2025 +0100
tree: 2d19a318f41284e579acc0d16e8cea6ae0131ede
parent: eb2d29eb6bdce5b90e31ce2a8a4eb1826ee5d8b7 [diff] [blame]
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 2d54172..fd01aac 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h

@@ -57,6 +57,16 @@
     MBEDTLS_SSL_CONTEXT_FLAG_HOSTNAME_SET = 1,
 } mbedtls_ssl_context_flags_t;
 
+/** Flags from ::mbedtls_ssl_context_flags_t to keep in
+ * mbedtls_ssl_session_reset().
+ *
+ * The flags that are in this list are kept until explicitly updated or
+ * until mbedtls_ssl_free(). The flags that are not listed here are
+ * reset to 0 in mbedtls_ssl_session_reset().
+ */
+#define MBEDTLS_SSL_CONTEXT_FLAGS_KEEP_AT_SESSION       \
+    (MBEDTLS_SSL_CONTEXT_FLAG_HOSTNAME_SET)
+
 #define MBEDTLS_SSL_INITIAL_HANDSHAKE           0
 #define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS   1   /* In progress */
 #define MBEDTLS_SSL_RENEGOTIATION_DONE          2   /* Done or aborted */
commit	fd89acc7357c53b432141bb2d341ca104f77bc85	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Feb 24 18:45:49 2025 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Feb 24 18:48:49 2025 +0100
tree	2d19a318f41284e579acc0d16e8cea6ae0131ede
parent	eb2d29eb6bdce5b90e31ce2a8a4eb1826ee5d8b7 [diff] [blame]