Add support for sending TLSv1.3 cookies

This just adds the various extension functions. More changes will be required to actually use them. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)
author: Matt Caswell <matt@openssl.org> 2017-09-11 15:43:56 +0100
committer: Matt Caswell <matt@openssl.org> 2018-01-24 18:02:35 +0000
commit: 43054d3d734a8fa8a3d2da20c206a47d4060b7bd (patch)
tree: 8b38e327d08c5a42560ca70eec3df53a82f429f3 /ssl/ssl_lib.c
parent: 14262ca950b8a75014e5495a2b93e1baa62d33a9 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 8094e2fde8..1457fc68f6 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2939,6 +2939,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
                        sizeof(ret->ext.tick_aes_key)) <= 0))
         ret->options |= SSL_OP_NO_TICKET;
 
+    if (RAND_bytes(ret->ext.cookie_hmac_key,
+                   sizeof(ret->ext.cookie_hmac_key)) <= 0)
+        goto err;
+
 #ifndef OPENSSL_NO_SRP
     if (!SSL_CTX_SRP_CTX_init(ret))
         goto err;
author	Matt Caswell <matt@openssl.org>	2017-09-11 15:43:56 +0100
committer	Matt Caswell <matt@openssl.org>	2018-01-24 18:02:35 +0000
commit	43054d3d734a8fa8a3d2da20c206a47d4060b7bd (patch)
tree	8b38e327d08c5a42560ca70eec3df53a82f429f3 /ssl/ssl_lib.c
parent	14262ca950b8a75014e5495a2b93e1baa62d33a9 (diff)