diff options
author | Benjamin Kaduk <bkaduk@akamai.com> | 2017-08-01 22:28:14 +0200 |
---|---|---|
committer | Benjamin Kaduk <kaduk@mit.edu> | 2017-08-15 17:52:21 +0200 |
commit | 0aed6e449da5f06a23fd191bb86bfdd71bde6f9c (patch) | |
tree | e31f4434d478de9232454cefc7ccf769ebdb8c16 /util/libssl.num | |
parent | Move ALPN handling from finalizer to delayed call (diff) | |
download | openssl-0aed6e449da5f06a23fd191bb86bfdd71bde6f9c.tar.xz openssl-0aed6e449da5f06a23fd191bb86bfdd71bde6f9c.zip |
Add SSL_get_pending_cipher()
The existing function SSL_get_current_cipher() queries the
current session for the ciphersuite in use, but there is no way
for application code to determine what ciphersuite has been
negotiated and will be used in the future, prior to ChangeCipherState
(or the TLS 1.3 equivalent) causing the new cipher to take effect and
become visible in the session information. Expose this information
to appropriate application callbacks to use during the handshake.
The name SSL_get_pending_cipher() was chosen for compatibility with
BoringSSL's routine of that name.
Improve the note on macro implementations in SSL_get_current_cipher.pod
while here.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4070)
Diffstat (limited to 'util/libssl.num')
-rw-r--r-- | util/libssl.num | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libssl.num b/util/libssl.num index 78fb65a685..7d4c01e80f 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -463,3 +463,4 @@ OPENSSL_cipher_name 463 1_1_1 EXIST::FUNCTION: SSL_alloc_buffers 464 1_1_1 EXIST::FUNCTION: SSL_free_buffers 465 1_1_1 EXIST::FUNCTION: SSL_SESSION_dup 466 1_1_1 EXIST::FUNCTION: +SSL_get_pending_cipher 467 1_1_1 EXIST::FUNCTION: |