|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {int} {gnutls_rehandshake} (gnutls_session_t @var{session})
|
|
Packit Service |
4684c1 |
@var{session}: is a @code{gnutls_session_t} type.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function can only be called in server side, and
|
|
Packit Service |
4684c1 |
instructs a TLS 1.2 or earlier client to renegotiate
|
|
Packit Service |
4684c1 |
parameters (perform a handshake), by sending a
|
|
Packit Service |
4684c1 |
hello request message.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
If this function succeeds, the calling application
|
|
Packit Service |
4684c1 |
should call @code{gnutls_record_recv()} until @code{GNUTLS_E_REHANDSHAKE}
|
|
Packit Service |
4684c1 |
is returned to clear any pending data. If the @code{GNUTLS_E_REHANDSHAKE}
|
|
Packit Service |
4684c1 |
error code is not seen, then the handshake request was
|
|
Packit Service |
4684c1 |
not followed by the peer (the TLS protocol does not require
|
|
Packit Service |
4684c1 |
the client to do, and such compliance should be handled
|
|
Packit Service |
4684c1 |
by the application protocol).
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
Once the @code{GNUTLS_E_REHANDSHAKE} error code is seen, the
|
|
Packit Service |
4684c1 |
calling application should proceed to calling
|
|
Packit Service |
4684c1 |
@code{gnutls_handshake()} to negotiate the new
|
|
Packit Service |
4684c1 |
parameters.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
If the client does not wish to renegotiate parameters he
|
|
Packit Service |
4684c1 |
may reply with an alert message, and in that case the return code seen
|
|
Packit Service |
4684c1 |
by subsequent @code{gnutls_record_recv()} will be
|
|
Packit Service |
4684c1 |
@code{GNUTLS_E_WARNING_ALERT_RECEIVED} with the specific alert being
|
|
Packit Service |
4684c1 |
@code{GNUTLS_A_NO_RENEGOTIATION} . A client may also choose to ignore
|
|
Packit Service |
4684c1 |
this request.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
Under TLS 1.3 this function is equivalent to @code{gnutls_session_key_update()}
|
|
Packit Service |
4684c1 |
with the @code{GNUTLS_KU_PEER} flag. In that case subsequent calls to
|
|
Packit Service |
4684c1 |
@code{gnutls_record_recv()} will not return @code{GNUTLS_E_REHANDSHAKE} , and
|
|
Packit Service |
4684c1 |
calls to @code{gnutls_handshake()} in server side are a no-op.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function always fails with @code{GNUTLS_E_INVALID_REQUEST} when
|
|
Packit Service |
4684c1 |
called in client side.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, otherwise a negative error code.
|
|
Packit Service |
4684c1 |
@end deftypefun
|