@deftypefun {int} {gnutls_rehandshake} (gnutls_session_t @var{session})

@var{session}: is a @code{gnutls_session_t}  type.

This function can only be called in server side, and

instructs a TLS 1.2 or earlier client to renegotiate

parameters (perform a handshake), by sending a

hello request message.

If this function succeeds, the calling application

should call @code{gnutls_record_recv()}  until @code{GNUTLS_E_REHANDSHAKE} 

is returned to clear any pending data. If the @code{GNUTLS_E_REHANDSHAKE} 

error code is not seen, then the handshake request was

not followed by the peer (the TLS protocol does not require

the client to do, and such compliance should be handled

by the application protocol).

Once the @code{GNUTLS_E_REHANDSHAKE}  error code is seen, the

calling application should proceed to calling

@code{gnutls_handshake()}  to negotiate the new

parameters.

If the client does not wish to renegotiate parameters he

may reply with an alert message, and in that case the return code seen

by subsequent @code{gnutls_record_recv()}  will be

@code{GNUTLS_E_WARNING_ALERT_RECEIVED}  with the specific alert being

@code{GNUTLS_A_NO_RENEGOTIATION} .  A client may also choose to ignore

this request.

Under TLS 1.3 this function is equivalent to @code{gnutls_session_key_update()} 

with the @code{GNUTLS_KU_PEER}  flag. In that case subsequent calls to

@code{gnutls_record_recv()}  will not return @code{GNUTLS_E_REHANDSHAKE} , and

calls to @code{gnutls_handshake()}  in server side are a no-op.

This function always fails with @code{GNUTLS_E_INVALID_REQUEST}  when

called in client side.

@strong{Returns:} @code{GNUTLS_E_SUCCESS}  on success, otherwise a negative error code.

@end deftypefun