mirror of https://github.com/openssl/openssl
153 lines
3.2 KiB
Plaintext
153 lines
3.2 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_is_tls, SSL_is_quic,
|
|
SSL_version - get the protocol information of a connection
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
int SSL_client_version(const SSL *s);
|
|
|
|
const char *SSL_get_version(const SSL *ssl);
|
|
|
|
int SSL_is_dtls(const SSL *ssl);
|
|
int SSL_is_tls(const SSL *ssl);
|
|
int SSL_is_quic(const SSL *ssl);
|
|
|
|
int SSL_version(const SSL *s);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
For SSL, TLS and DTLS protocols SSL_client_version() returns the numeric
|
|
protocol version advertised by the client in the legacy_version field of the
|
|
ClientHello when initiating the connection. Note that, for TLS, this value
|
|
will never indicate a version greater than TLSv1.2 even if TLSv1.3 is
|
|
subsequently negotiated. For QUIC connections it returns OSSL_QUIC1_VERSION.
|
|
|
|
SSL_get_version() returns the name of the protocol used for the connection.
|
|
SSL_version() returns the numeric protocol version used for the connection.
|
|
They should only be called after the initial handshake has been completed.
|
|
Prior to that the results returned from these functions may be unreliable.
|
|
|
|
SSL_is_dtls() returns 1 if the connection is using DTLS or 0 if not.
|
|
|
|
SSL_is_tls() returns 1 if the connection is using SSL/TLS or 0 if not.
|
|
|
|
SSL_is_quic() returns 1 if the connection is using QUIC or 0 if not.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
SSL_get_version() returns one of the following strings:
|
|
|
|
=over 4
|
|
|
|
=item SSLv3
|
|
|
|
The connection uses the SSLv3 protocol.
|
|
|
|
=item TLSv1
|
|
|
|
The connection uses the TLSv1.0 protocol.
|
|
|
|
=item TLSv1.1
|
|
|
|
The connection uses the TLSv1.1 protocol.
|
|
|
|
=item TLSv1.2
|
|
|
|
The connection uses the TLSv1.2 protocol.
|
|
|
|
=item TLSv1.3
|
|
|
|
The connection uses the TLSv1.3 protocol.
|
|
|
|
=item DTLSv0.9
|
|
|
|
The connection uses an obsolete pre-standardisation DTLS protocol
|
|
|
|
=item DTLSv1
|
|
|
|
The connection uses the DTLSv1 protocol
|
|
|
|
=item DTLSv1.2
|
|
|
|
The connection uses the DTLSv1.2 protocol
|
|
|
|
=item QUICv1
|
|
|
|
The connection uses the QUICv1 protocol.
|
|
|
|
=item unknown
|
|
|
|
This indicates an unknown protocol version.
|
|
|
|
=back
|
|
|
|
SSL_version() and SSL_client_version() return an integer which could include any
|
|
of the following:
|
|
|
|
=over 4
|
|
|
|
=item SSL3_VERSION
|
|
|
|
The connection uses the SSLv3 protocol.
|
|
|
|
=item TLS1_VERSION
|
|
|
|
The connection uses the TLSv1.0 protocol.
|
|
|
|
=item TLS1_1_VERSION
|
|
|
|
The connection uses the TLSv1.1 protocol.
|
|
|
|
=item TLS1_2_VERSION
|
|
|
|
The connection uses the TLSv1.2 protocol.
|
|
|
|
=item TLS1_3_VERSION
|
|
|
|
The connection uses the TLSv1.3 protocol (never returned for
|
|
SSL_client_version()).
|
|
|
|
=item DTLS1_BAD_VER
|
|
|
|
The connection uses an obsolete pre-standardisation DTLS protocol
|
|
|
|
=item DTLS1_VERSION
|
|
|
|
The connection uses the DTLSv1 protocol
|
|
|
|
=item DTLS1_2_VERSION
|
|
|
|
The connection uses the DTLSv1.2 protocol
|
|
|
|
=item OSSL_QUIC1_VERSION
|
|
|
|
The connection uses the QUICv1 protocol.
|
|
|
|
=back
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<ssl(7)>
|
|
|
|
=head1 HISTORY
|
|
|
|
The SSL_is_dtls() function was added in OpenSSL 1.1.0. The SSL_is_tls() and
|
|
SSL_is_quic() functions were added in OpenSSL 3.2.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|