[openssl-dev] How to get SSL version from SSL_SESSION using OpenSSL-1.1.x?
Matt Caswell
matt at openssl.org
Thu May 26 21:52:22 UTC 2016
On 26/05/16 22:48, TJ Saunders wrote:
>
>
>>> I'm currently working on updating proftpd and its various modules to
>>> work with the changed APIs in OpenSSL-1.1.x. My current obstacle(?) is
>>> to determine the SSL protocol version, given an SSL_SESSION pointer.
>>>
>>> Using OpenSSL-1.0.x, I currently use:
>>>
>>> ssl_version = sess->ssl_version;
>>>
>>> However, I don't see an equivalent accessor in the 1.1.x APIs. Have I
>>> missed something, or does such a thing not exist yet?
>>
>> I don't think such a thing exists at the moment. Out of interest why do
>> you need it?
>
> One of the modules maintains the server-side SSL session cache,
> comprised of SSL_SESSION objects. For debugging purposes, there's a
> tool to dump out the sessions in the cache. I had initially used
> SSL_SESSION_print() for this dump utility, but that prints out more of
> the session data (e.g. the master key) than I'd wanted. Thus I ended up
> writing my own code for printing out the fields of the SSL_SESSION which
> I thought would be of interest -- including the protocol version of the
> SSL_SESSION.
That sounds fairly reasonable. I suggest raising a github pull request
to add the accessor (or just an issue if you prefer).
Matt
More information about the openssl-dev
mailing list