diff options
author | Matt Caswell <matt@openssl.org> | 2017-09-11 15:43:56 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-01-24 18:02:35 +0000 |
commit | 43054d3d734a8fa8a3d2da20c206a47d4060b7bd (patch) | |
tree | 8b38e327d08c5a42560ca70eec3df53a82f429f3 /ssl/ssl_lib.c | |
parent | 14262ca950b8a75014e5495a2b93e1baa62d33a9 (diff) |
Add support for sending TLSv1.3 cookies
This just adds the various extension functions. More changes will be
required to actually use them.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 8094e2fde8..1457fc68f6 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2939,6 +2939,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) sizeof(ret->ext.tick_aes_key)) <= 0)) ret->options |= SSL_OP_NO_TICKET; + if (RAND_bytes(ret->ext.cookie_hmac_key, + sizeof(ret->ext.cookie_hmac_key)) <= 0) + goto err; + #ifndef OPENSSL_NO_SRP if (!SSL_CTX_SRP_CTX_init(ret)) goto err; |