diff options
author | Matt Caswell <matt@openssl.org> | 2017-09-13 13:48:48 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-01-24 18:02:36 +0000 |
commit | 042c57539bfe7bbd642cdf6410c56327e91ad908 (patch) | |
tree | eb558bae6aeccc4cf8a2d9e595c0a64bafc57a6d /ssl/ssl_lib.c | |
parent | 10ee72461254643bd152a7f3f6112edb6f517d4b (diff) | |
download | openssl-new-042c57539bfe7bbd642cdf6410c56327e91ad908.tar.gz |
Add the SSL_stateless() function
This enables sending and receiving of the TLSv1.3 cookie on the server side
as appropriate.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1457fc68f6..b0d016a03d 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -5295,3 +5295,20 @@ __owur unsigned int ssl_get_split_send_fragment(const SSL *ssl) /* return current SSL connection setting */ return ssl->split_send_fragment; } + +int SSL_stateless(SSL *s) +{ + int ret; + + /* Ensure there is no state left over from a previous invocation */ + if (!SSL_clear(s)) + return -1; + + ERR_clear_error(); + + s->s3->flags |= TLS1_FLAGS_STATELESS; + ret = SSL_accept(s); + s->s3->flags &= ~TLS1_FLAGS_STATELESS; + + return ret; +} |