Fix the SSL_stateless() return code

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1daa348f9ca341ecfa0fd7041865af882afde0d6..f68031e57167d8dc295ac9b7dfdbbb611d5a923c 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -5303,7 +5303,7 @@ int SSL_stateless(SSL *s)
 
     /* Ensure there is no state left over from a previous invocation */
     if (!SSL_clear(s))
-        return -1;
+        return 0;
 
     ERR_clear_error();
 
@@ -5311,8 +5311,8 @@ int SSL_stateless(SSL *s)
     ret = SSL_accept(s);
     s->s3->flags &= ~TLS1_FLAGS_STATELESS;
 
-    if (s->ext.cookieok)
+    if (ret > 0 && s->ext.cookieok)
         return 1;
 
-    return ret;
+    return 0;
 }