authorMatt Caswell <matt@openssl.org>2017-09-13 13:48:48 +0100
committerMatt Caswell <matt@openssl.org>2018-01-24 18:02:36 +0000
commit042c57539bfe7bbd642cdf6410c56327e91ad908 (patch)
treeeb558bae6aeccc4cf8a2d9e595c0a64bafc57a6d
parent10ee72461254643bd152a7f3f6112edb6f517d4b (diff)
Add the SSL_stateless() function
This enables sending and receiving of the TLSv1.3 cookie on the server side as appropriate. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)
-rw-r--r--include/openssl/ssl.h1
-rw-r--r--ssl/ssl_lib.c17
-rw-r--r--util/libssl.num1
3 files changed, 19 insertions, 0 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 7aa98dab67..cfb069695b 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1753,6 +1753,7 @@ __owur int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd,
size_t *numdelfds);
# endif
__owur int SSL_accept(SSL *ssl);
+__owur int SSL_stateless(SSL *s);
__owur int SSL_connect(SSL *ssl);
__owur int SSL_read(SSL *ssl, void *buf, int num);
__owur int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1457fc68f6..b0d016a03d 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -5295,3 +5295,20 @@ __owur unsigned int ssl_get_split_send_fragment(const SSL *ssl)
/* return current SSL connection setting */
return ssl->split_send_fragment;
}
+
+int SSL_stateless(SSL *s)
+{
+ int ret;
+
+ /* Ensure there is no state left over from a previous invocation */
+ if (!SSL_clear(s))
+ return -1;
+
+ ERR_clear_error();
+
+ s->s3->flags |= TLS1_FLAGS_STATELESS;
+ ret = SSL_accept(s);
+ s->s3->flags &= ~TLS1_FLAGS_STATELESS;
+
+ return ret;
+}
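Review bot: The return contract of `SSL_stateless()` is not stated anywhere in this hunk: it returns -1 when `SSL_clear()` fails and otherwise passes through whatever `SSL_accept()` returned, so from the result alone a caller cannot tell whether the ClientHello carried a valid cookie or whether only a cookie request was sent. The commit message ties this function to the TLSv1.3 cookie exchange, so that distinction is what the caller must act on before committing per-connection state. I would add a comment above the definition such as `/* Returns -1 if SSL_clear() fails, otherwise the SSL_accept() result; TLS1_FLAGS_STATELESS is set only for the duration of that call */`. The comment should also say that the leading `SSL_clear(s)` discards any existing handshake state, so calling this on an `SSL` with a handshake already in progress resets it. Separately, `s->s3` is dereferenced without a check; presumably it is always allocated for the methods this is meant for, but that is not visible here and is worth confirming.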
diff --git a/util/libssl.num b/util/libssl.num
index 243c1fb2cf..abaa5bf548 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -473,3 +473,4 @@ DTLS_set_timer_cb 473 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_tlsext_max_fragment_length 474 1_1_1 EXIST::FUNCTION:
SSL_set_tlsext_max_fragment_length 475 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get_max_fragment_length 476 1_1_1 EXIST::FUNCTION:
+SSL_stateless 477 1_1_1 EXIST::FUNCTION: