Commit 042c5753 authored by Matt Caswell's avatar Matt Caswell

Add the SSL_stateless() function



This enables sending and receiving of the TLSv1.3 cookie on the server side
as appropriate.

Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
parent 10ee7246
+1 −0
@@ -1753,6 +1753,7 @@ __owur int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd,
                                     size_t *numdelfds);
# endif
__owur int SSL_accept(SSL *ssl);
__owur int SSL_stateless(SSL *s);
__owur int SSL_connect(SSL *ssl);
__owur int SSL_read(SSL *ssl, void *buf, int num);
__owur int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+17 −0
@@ -5295,3 +5295,20 @@ __owur unsigned int ssl_get_split_send_fragment(const SSL *ssl)
    /* return current SSL connection setting */
    return ssl->split_send_fragment;
}

int SSL_stateless(SSL *s)
{
    int ret;

    /* Ensure there is no state left over from a previous invocation */
    if (!SSL_clear(s))
        return -1;

    ERR_clear_error();

    s->s3->flags |= TLS1_FLAGS_STATELESS;
    ret = SSL_accept(s);
    s->s3->flags &= ~TLS1_FLAGS_STATELESS;

    return ret;
}
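Review bot: SSL_stateless() returns -1 when SSL_clear() fails and otherwise hands back whatever SSL_accept() returns, so a caller cannot tell a setup failure from a handshake result, and nothing in the function says which return value means the client's cookie was accepted. The commit message ties this function to the TLSv1.3 cookie exchange, so callers will presumably use the result to decide whether to commit per-connection state to a peer; that decision should rest on a documented contract rather than on how SSL_accept() behaves under TLS1_FLAGS_STATELESS, which is not visible in this hunk. I would add a header comment above the function along the lines of `/* Returns the result of SSL_accept() run with TLS1_FLAGS_STATELESS set, or -1 if SSL_clear() fails; clears the thread's error queue. */` and state explicitly which value indicates a verified cookie. The comment should also say that every call begins with SSL_clear(), so no handshake progress carries over between invocations.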
+1 −0
@@ -473,3 +473,4 @@ DTLS_set_timer_cb 473 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_tlsext_max_fragment_length  474	1_1_1	EXIST::FUNCTION:
SSL_set_tlsext_max_fragment_length      475	1_1_1	EXIST::FUNCTION:
SSL_SESSION_get_max_fragment_length     476	1_1_1	EXIST::FUNCTION:
SSL_stateless                           477	1_1_1	EXIST::FUNCTION: