Add the SSL_stateless() function

This enables sending and receiving of the TLSv1.3 cookie on the server side as appropriate. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)
author: Matt Caswell <matt@openssl.org> 2017-09-13 13:48:48 +0100
committer: Matt Caswell <matt@openssl.org> 2018-01-24 18:02:36 +0000
commit: 042c57539bfe7bbd642cdf6410c56327e91ad908 (patch)
tree: eb558bae6aeccc4cf8a2d9e595c0a64bafc57a6d /ssl/ssl_lib.c
parent: 10ee72461254643bd152a7f3f6112edb6f517d4b (diff)
download: openssl-new-042c57539bfe7bbd642cdf6410c56327e91ad908.tar.gz
1 files changed, 17 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1457fc68f6..b0d016a03d 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -5295,3 +5295,20 @@ __owur unsigned int ssl_get_split_send_fragment(const SSL *ssl)
     /* return current SSL connection setting */
     return ssl->split_send_fragment;
 }
+
+int SSL_stateless(SSL *s)
+{
+    int ret;
+
+    /* Ensure there is no state left over from a previous invocation */
+    if (!SSL_clear(s))
+        return -1;
+
+    ERR_clear_error();
+
+    s->s3->flags |= TLS1_FLAGS_STATELESS;
+    ret = SSL_accept(s);
+    s->s3->flags &= ~TLS1_FLAGS_STATELESS;
+
+    return ret;
+}
author	Matt Caswell <matt@openssl.org>	2017-09-13 13:48:48 +0100
committer	Matt Caswell <matt@openssl.org>	2018-01-24 18:02:36 +0000
commit	042c57539bfe7bbd642cdf6410c56327e91ad908 (patch)
tree	eb558bae6aeccc4cf8a2d9e595c0a64bafc57a6d /ssl/ssl_lib.c
parent	10ee72461254643bd152a7f3f6112edb6f517d4b (diff)
download	openssl-new-042c57539bfe7bbd642cdf6410c56327e91ad908.tar.gz