From 88f19d86d9fb2d50b5a80b6cad0a6b38dfc2bf12 Mon Sep 17 00:00:00 2001 From: raja-ashok Date: Mon, 8 Jul 2019 18:13:24 +0530 Subject: [PATCH] Update man page for new API SSL_get_negotiated_group() Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9323) --- doc/man3/SSL_CTX_set1_curves.pod | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/doc/man3/SSL_CTX_set1_curves.pod b/doc/man3/SSL_CTX_set1_curves.pod index bb58a4dbf0..13b1c0e44a 100644 --- a/doc/man3/SSL_CTX_set1_curves.pod +++ b/doc/man3/SSL_CTX_set1_curves.pod @@ -4,8 +4,8 @@ SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, -SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, -SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve +SSL_get_negotiated_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, +SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions =head1 SYNOPSIS @@ -20,6 +20,7 @@ SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve int SSL_get1_groups(SSL *ssl, int *groups); int SSL_get_shared_group(SSL *s, int n); + int SSL_get_negotiated_group(SSL *s); int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen); int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list); @@ -68,6 +69,9 @@ most applications will only be interested in the first shared group so B is normally set to zero. If the value B is out of range, NID_undef is returned. +SSL_get_negotiated_group() returns the negotiated group on a TLSv1.3 connection +for key exchange. This can be called by either client or server. + All these functions are implemented as macros. The curve functions are synonyms for the equivalently named group functions and @@ -96,6 +100,10 @@ is -1. When called on a client B, SSL_get_shared_group() has no meaning and returns -1. +SSL_get_negotiated_group() returns the NID of the negotiated group on a +TLSv1.3 connection for key exchange. Or it returns NID_undef if no negotiated +group. + =head1 SEE ALSO L @@ -103,7 +111,8 @@ L =head1 HISTORY The curve functions were added in OpenSSL 1.0.2. The equivalent group -functions were added in OpenSSL 1.1.1. +functions were added in OpenSSL 1.1.1. The SSL_get_negotiated_group() function +was added in OpenSSL 3.0.0. =head1 COPYRIGHT -- 2.34.1