Add SSL_get_pending_cipher()

The existing function SSL_get_current_cipher() queries the current session for the ciphersuite in use, but there is no way for application code to determine what ciphersuite has been negotiated and will be used in the future, prior to ChangeCipherState (or the TLS 1.3 equivalent) causing the new cipher to take effect and become visible in the session information. Expose this information to appropriate application callbacks to use during the handshake. The name SSL_get_pending_cipher() was chosen for compatibility with BoringSSL's routine of that name. Improve the note on macro implementations in SSL_get_current_cipher.pod while here. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4070)
author: Benjamin Kaduk <bkaduk@akamai.com> 2017-08-01 15:28:14 -0500
committer: Benjamin Kaduk <kaduk@mit.edu> 2017-08-15 10:52:21 -0500
commit: 0aed6e449da5f06a23fd191bb86bfdd71bde6f9c (patch)
tree: e31f4434d478de9232454cefc7ccf769ebdb8c16 /util/libssl.num
parent: 5626f634c31cfde48ccbbee243be29e0eb77171e (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libssl.num b/util/libssl.num
index 78fb65a685..7d4c01e80f 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -463,3 +463,4 @@ OPENSSL_cipher_name                     463	1_1_1	EXIST::FUNCTION:
 SSL_alloc_buffers                       464	1_1_1	EXIST::FUNCTION:
 SSL_free_buffers                        465	1_1_1	EXIST::FUNCTION:
 SSL_SESSION_dup                         466	1_1_1	EXIST::FUNCTION:
+SSL_get_pending_cipher                  467	1_1_1	EXIST::FUNCTION:
author	Benjamin Kaduk <bkaduk@akamai.com>	2017-08-01 15:28:14 -0500
committer	Benjamin Kaduk <kaduk@mit.edu>	2017-08-15 10:52:21 -0500
commit	0aed6e449da5f06a23fd191bb86bfdd71bde6f9c (patch)
tree	e31f4434d478de9232454cefc7ccf769ebdb8c16 /util/libssl.num
parent	5626f634c31cfde48ccbbee243be29e0eb77171e (diff)