[thirdparty/openssl.git] / doc / man3 / SSL_get_version.pod

=pod

=head1 NAME

SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the
protocol information of a connection

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_client_version(const SSL *s);

 const char *SSL_get_version(const SSL *ssl);

 int SSL_is_dtls(const SSL *ssl);

 int SSL_version(const SSL *s);

=head1 DESCRIPTION

SSL_client_version() returns the numeric protocol version advertised by the
client in the legacy_version field of the ClientHello when initiating the
connection. Note that, for TLS, this value will never indicate a version greater
than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version()
returns the name of the protocol used for the connection. SSL_version() returns
the numeric protocol version used for the connection. They should only be called
after the initial handshake has been completed. Prior to that the results
returned from these functions may be unreliable.

SSL_is_dtls() returns one if the connection is using DTLS, zero if not.

=head1 RETURN VALUES


SSL_get_version() returns one of the following strings:

=over 4

=item SSLv3

The connection uses the SSLv3 protocol.

=item TLSv1

The connection uses the TLSv1.0 protocol.

=item TLSv1.1

The connection uses the TLSv1.1 protocol.

=item TLSv1.2

The connection uses the TLSv1.2 protocol.

=item TLSv1.3

The connection uses the TLSv1.3 protocol.

=item unknown

This indicates an unknown protocol version.

=back

SSL_version() and SSL_client_version() return an integer which could include any
of the following:

=over 4

=item SSL3_VERSION

The connection uses the SSLv3 protocol.

=item TLS1_VERSION

The connection uses the TLSv1.0 protocol.

=item TLS1_1_VERSION

The connection uses the TLSv1.1 protocol.

=item TLS1_2_VERSION

The connection uses the TLSv1.2 protocol.

=item TLS1_3_VERSION

The connection uses the TLSv1.3 protocol (never returned for
SSL_client_version()).

=back

=head1 SEE ALSO

L<ssl(7)>

=head1 HISTORY

The SSL_is_dtls() function was added in OpenSSL 1.1.0.

=head1 COPYRIGHT

Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
2c1571b4 LJ	1	=pod
	2
	3	=head1 NAME
	4
86fde069 JS	5	SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the
86fde069 JS	6	protocol information of a connection
2c1571b4 LJ	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/ssl.h>
	11
86fde069 JS	12	int SSL_client_version(const SSL *s);
86fde069 JS	13
c3e64028	14	const char SSL_get_version(const SSL ssl);
2c1571b4	15
e417070c RS	16	int SSL_is_dtls(const SSL *ssl);
e417070c RS	17
86fde069 JS	18	int SSL_version(const SSL *s);
86fde069 JS	19
2c1571b4 LJ	20	=head1 DESCRIPTION
2c1571b4 LJ	21
8ec2bde9 MC	22	SSL_client_version() returns the numeric protocol version advertised by the
	23	client in the legacy_version field of the ClientHello when initiating the
	24	connection. Note that, for TLS, this value will never indicate a version greater
	25	than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version()
	26	returns the name of the protocol used for the connection. SSL_version() returns
	27	the numeric protocol version used for the connection. They should only be called
	28	after the initial handshake has been completed. Prior to that the results
	29	returned from these functions may be unreliable.
2c1571b4	30
e417070c RS	31	SSL_is_dtls() returns one if the connection is using DTLS, zero if not.
e417070c RS	32
2c1571b4 LJ	33	=head1 RETURN VALUES
2c1571b4 LJ	34
8ec2bde9	35
8162f6f5	36	SSL_get_version() returns one of the following strings:
2c1571b4 LJ	37
	38	=over 4
	39
2c1571b4 LJ	40	=item SSLv3
	41
	42	The connection uses the SSLv3 protocol.
	43
	44	=item TLSv1
	45
fc1d88f0 RS	46	The connection uses the TLSv1.0 protocol.
	47
	48	=item TLSv1.1
	49
	50	The connection uses the TLSv1.1 protocol.
	51
	52	=item TLSv1.2
	53
	54	The connection uses the TLSv1.2 protocol.
2c1571b4	55
86fde069 JS	56	=item TLSv1.3
	57
	58	The connection uses the TLSv1.3 protocol.
	59
2c1571b4 LJ	60	=item unknown
2c1571b4 LJ	61
ddba302a	62	This indicates an unknown protocol version.
2c1571b4 LJ	63
	64	=back
	65
8ec2bde9 MC	66	SSL_version() and SSL_client_version() return an integer which could include any
8ec2bde9 MC	67	of the following:
86fde069	68
e1271ac2	69	=over 4
86fde069 JS	70
	71	=item SSL3_VERSION
	72
	73	The connection uses the SSLv3 protocol.
	74
	75	=item TLS1_VERSION
	76
	77	The connection uses the TLSv1.0 protocol.
	78
	79	=item TLS1_1_VERSION
	80
	81	The connection uses the TLSv1.1 protocol.
	82
	83	=item TLS1_2_VERSION
	84
	85	The connection uses the TLSv1.2 protocol.
	86
	87	=item TLS1_3_VERSION
	88
8ec2bde9 MC	89	The connection uses the TLSv1.3 protocol (never returned for
8ec2bde9 MC	90	SSL_client_version()).
86fde069	91
8c32663c RS	92	=back
8c32663c RS	93
2c1571b4 LJ	94	=head1 SEE ALSO
2c1571b4 LJ	95
b97fdb57	96	L<ssl(7)>
2c1571b4	97
e417070c RS	98	=head1 HISTORY
e417070c RS	99
fc5ecadd	100	The SSL_is_dtls() function was added in OpenSSL 1.1.0.
e417070c	101
e2f92610 RS	102	=head1 COPYRIGHT
e2f92610 RS	103
6ec5fce2	104	Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	105
4746f25a	106	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	107	this file except in compliance with the License. You can obtain a copy
	108	in the file LICENSE in the source distribution or at
	109	L<https://www.openssl.org/source/license.html>.
	110
	111	=cut