diff options
author | Matt Caswell <matt@openssl.org> | 2018-04-27 11:38:19 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-05-02 23:39:23 +0100 |
commit | bd05644df71602f76db5335b8077ba4dbbb6b427 (patch) | |
tree | c446505ebadbbd6443e045f092d4d6a7254dcfc9 /doc | |
parent | d7d6d9531a0a9bb40a5f8b0256c04fa7a3e9b0c6 (diff) |
Add some documentation for SSL_get_shared_ciphers()
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6115)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ssl/SSL_get_ciphers.pod | 19 | ||||
-rw-r--r-- | doc/ssl/ssl.pod | 2 |
2 files changed, 19 insertions, 2 deletions
diff --git a/doc/ssl/SSL_get_ciphers.pod b/doc/ssl/SSL_get_ciphers.pod index aecadd9138..7697d27917 100644 --- a/doc/ssl/SSL_get_ciphers.pod +++ b/doc/ssl/SSL_get_ciphers.pod @@ -2,7 +2,10 @@ =head1 NAME -SSL_get_ciphers, SSL_get_cipher_list - get list of available SSL_CIPHERs +SSL_get_ciphers, +SSL_get_cipher_list, +SSL_get_shared_ciphers +- get list of available SSL_CIPHERs =head1 SYNOPSIS @@ -10,6 +13,7 @@ SSL_get_ciphers, SSL_get_cipher_list - get list of available SSL_CIPHERs STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl); const char *SSL_get_cipher_list(const SSL *ssl, int priority); + char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size); =head1 DESCRIPTION @@ -22,6 +26,19 @@ listed for B<ssl> with B<priority>. If B<ssl> is NULL, no ciphers are available, or there are less ciphers than B<priority> available, NULL is returned. +SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of +SSL_CIPHER names that are available in both the client and the server. B<buf> is +the buffer that should be populated with the list of names and B<size> is the +size of that buffer. A pointer to B<buf> is returned on success or NULL on +error. If the supplied buffer is not large enough to contain the complete list +of names then a truncated list of names will be returned. Note that just because +a ciphersuite is available (i.e. it is configured in the cipher list) and shared +by both the client and the server it does not mean that it is enabled (for +example some ciphers may not be usable by a server if there is not a suitable +certificate configured). This function will return available shared ciphersuites +whether or not they are enabled. This is a server side function only and must +only be called after the completion of the initial handshake. + =head1 NOTES The details of the ciphers obtained by SSL_get_ciphers() can be obtained using diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index 70cca178a2..5408d61b31 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -572,7 +572,7 @@ connection defined in the B<SSL> structure. =item SSL_SESSION *B<SSL_get_session>(const SSL *ssl); -=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len); +=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int size); =item int B<SSL_get_shutdown>(const SSL *ssl); |