git.openssl.org Git - openssl.git/commit

author	Benjamin Kaduk <bkaduk@akamai.com>
	Tue, 1 Aug 2017 20:28:14 +0000 (15:28 -0500)
committer	Benjamin Kaduk <kaduk@mit.edu>
	Tue, 15 Aug 2017 15:52:21 +0000 (10:52 -0500)
commit	0aed6e449da5f06a23fd191bb86bfdd71bde6f9c
tree	e31f4434d478de9232454cefc7ccf769ebdb8c16	tree \| snapshot
parent	5626f634c31cfde48ccbbee243be29e0eb77171e	commit \| diff

Add SSL_get_pending_cipher()

The existing function SSL_get_current_cipher() queries the
current session for the ciphersuite in use, but there is no way
for application code to determine what ciphersuite has been
negotiated and will be used in the future, prior to ChangeCipherState
(or the TLS 1.3 equivalent) causing the new cipher to take effect and
become visible in the session information. Expose this information
to appropriate application callbacks to use during the handshake.

The name SSL_get_pending_cipher() was chosen for compatibility with
BoringSSL's routine of that name.

Improve the note on macro implementations in SSL_get_current_cipher.pod
while here.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4070)

doc/man3/SSL_get_current_cipher.pod		diff \| blob \| history
include/openssl/ssl.h		diff \| blob \| history
ssl/ssl_lib.c		diff \| blob \| history
util/libssl.num		diff \| blob \| history