From 3edabd3ccb7aac89af5a63cfb2378e33a8be05d7 Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Thu, 14 Sep 2017 09:28:39 +0200 Subject: Provide getters for min/max proto version OpenSSL 1.1.0 made SSL_CTX and SSL structs opaque and introduced a new API to set the minimum and maximum protocol version for SSL_CTX with TLS_method(). Add getters to introspect the configured versions: int SSL_CTX_get_min_proto_version(SSL_CTX *ctx); int SSL_CTX_get_max_proto_version(SSL_CTX *ctx); int SSL_get_min_proto_version(SSL *ssl); int SSL_get_max_proto_version(SSL *ssl); NOTE: The getters do not resolv the version in case when the minimum or maxium version are configured as '0' (meaning auto-select lowest and highst version number). Signed-off-by: Christian Heimes Reviewed-by: Rich Salz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/4364) --- util/private.num | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'util/private.num') diff --git a/util/private.num b/util/private.num index d705613a0c..8c2fa396ab 100644 --- a/util/private.num +++ b/util/private.num @@ -233,6 +233,8 @@ SSL_CTX_disable_ct define SSL_CTX_get0_chain_certs define SSL_CTX_get_default_read_ahead define SSL_CTX_get_max_cert_list define +SSL_CTX_get_max_proto_version define +SSL_CTX_get_min_proto_version define SSL_CTX_get_mode define SSL_CTX_get_read_ahead define SSL_CTX_get_session_cache_mode define @@ -302,6 +304,8 @@ SSL_get_cipher_name define SSL_get_cipher_version define SSL_get_extms_support define SSL_get_max_cert_list define +SSL_get_max_proto_version define +SSL_get_min_proto_version define SSL_get_mode define SSL_get_peer_signature_nid define SSL_get_secure_renegotiation_support define -- cgit v1.2.3