git.openssl.org Git - openssl.git/commit

author	Christian Heimes <christian@python.org>
	Thu, 14 Sep 2017 07:28:39 +0000 (09:28 +0200)
committer	Benjamin Kaduk <kaduk@mit.edu>
	Fri, 15 Sep 2017 15:31:54 +0000 (10:31 -0500)
commit	af51a74ade8bbab5ed49a3560dcb70d89896dc29
tree	574a21f32bc7b981049193c50367ed52c337e684	tree \| snapshot
parent	a8b85c5ffee1f5adf7a27fcc5613b752b1a28b63	commit \| diff

Provide getters for min/max proto version

OpenSSL 1.1.0 made SSL_CTX and SSL structs opaque and introduced a new
API to set the minimum and maximum protocol version for SSL_CTX with
TLS_method(). Add getters to introspect the configured versions:

  int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
  int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
  int SSL_get_min_proto_version(SSL *ssl);
  int SSL_get_max_proto_version(SSL *ssl);

NOTE: The getters do not resolv the version in case when the minimum or
maxium version are configured as '0' (meaning auto-select lowest and
highst version number).

Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(cherry picked from commit 3edabd3ccb7aac89af5a63cfb2378e33a8be05d7)

Updated for new manual page location and TLS 1.3.

(Merged from https://github.com/openssl/openssl/pull/4376)

doc/ssl/SSL_CTX_set_min_proto_version.pod		diff \| blob \| history
include/openssl/ssl.h		diff \| blob \| history
ssl/ssl_lib.c		diff \| blob \| history