]>
Commit | Line | Data |
---|---|---|
2c1571b4 LJ |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
86fde069 JS |
5 | SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the |
6 | protocol information of a connection | |
2c1571b4 LJ |
7 | |
8 | =head1 SYNOPSIS | |
9 | ||
10 | #include <openssl/ssl.h> | |
11 | ||
86fde069 JS |
12 | int SSL_client_version(const SSL *s); |
13 | ||
c3e64028 | 14 | const char *SSL_get_version(const SSL *ssl); |
2c1571b4 | 15 | |
e417070c RS |
16 | int SSL_is_dtls(const SSL *ssl); |
17 | ||
86fde069 JS |
18 | int SSL_version(const SSL *s); |
19 | ||
2c1571b4 LJ |
20 | =head1 DESCRIPTION |
21 | ||
8ec2bde9 MC |
22 | SSL_client_version() returns the numeric protocol version advertised by the |
23 | client in the legacy_version field of the ClientHello when initiating the | |
24 | connection. Note that, for TLS, this value will never indicate a version greater | |
25 | than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() | |
26 | returns the name of the protocol used for the connection. SSL_version() returns | |
27 | the numeric protocol version used for the connection. They should only be called | |
28 | after the initial handshake has been completed. Prior to that the results | |
29 | returned from these functions may be unreliable. | |
2c1571b4 | 30 | |
e417070c RS |
31 | SSL_is_dtls() returns one if the connection is using DTLS, zero if not. |
32 | ||
2c1571b4 LJ |
33 | =head1 RETURN VALUES |
34 | ||
8ec2bde9 | 35 | |
8162f6f5 | 36 | SSL_get_version() returns one of the following strings: |
2c1571b4 LJ |
37 | |
38 | =over 4 | |
39 | ||
2c1571b4 LJ |
40 | =item SSLv3 |
41 | ||
42 | The connection uses the SSLv3 protocol. | |
43 | ||
44 | =item TLSv1 | |
45 | ||
fc1d88f0 RS |
46 | The connection uses the TLSv1.0 protocol. |
47 | ||
48 | =item TLSv1.1 | |
49 | ||
50 | The connection uses the TLSv1.1 protocol. | |
51 | ||
52 | =item TLSv1.2 | |
53 | ||
54 | The connection uses the TLSv1.2 protocol. | |
2c1571b4 | 55 | |
86fde069 JS |
56 | =item TLSv1.3 |
57 | ||
58 | The connection uses the TLSv1.3 protocol. | |
59 | ||
2c1571b4 LJ |
60 | =item unknown |
61 | ||
ddba302a | 62 | This indicates an unknown protocol version. |
2c1571b4 LJ |
63 | |
64 | =back | |
65 | ||
8ec2bde9 MC |
66 | SSL_version() and SSL_client_version() return an integer which could include any |
67 | of the following: | |
86fde069 | 68 | |
e1271ac2 | 69 | =over 4 |
86fde069 JS |
70 | |
71 | =item SSL3_VERSION | |
72 | ||
73 | The connection uses the SSLv3 protocol. | |
74 | ||
75 | =item TLS1_VERSION | |
76 | ||
77 | The connection uses the TLSv1.0 protocol. | |
78 | ||
79 | =item TLS1_1_VERSION | |
80 | ||
81 | The connection uses the TLSv1.1 protocol. | |
82 | ||
83 | =item TLS1_2_VERSION | |
84 | ||
85 | The connection uses the TLSv1.2 protocol. | |
86 | ||
87 | =item TLS1_3_VERSION | |
88 | ||
8ec2bde9 MC |
89 | The connection uses the TLSv1.3 protocol (never returned for |
90 | SSL_client_version()). | |
86fde069 | 91 | |
8c32663c RS |
92 | =back |
93 | ||
2c1571b4 LJ |
94 | =head1 SEE ALSO |
95 | ||
b97fdb57 | 96 | L<ssl(7)> |
2c1571b4 | 97 | |
e417070c RS |
98 | =head1 HISTORY |
99 | ||
fc5ecadd | 100 | The SSL_is_dtls() function was added in OpenSSL 1.1.0. |
e417070c | 101 | |
e2f92610 RS |
102 | =head1 COPYRIGHT |
103 | ||
6ec5fce2 | 104 | Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 105 | |
4746f25a | 106 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
107 | this file except in compliance with the License. You can obtain a copy |
108 | in the file LICENSE in the source distribution or at | |
109 | L<https://www.openssl.org/source/license.html>. | |
110 | ||
111 | =cut |