[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sat Aug 13 12:15:02 UTC 2016

The branch master has been updated
       via  e92813234318635639dba0168c7ef5568757449b (commit)
      from  ce7a2232f881e241515925bef13229656a0d6d58 (commit)

- Log -----------------------------------------------------------------
commit e92813234318635639dba0168c7ef5568757449b
Author: Rich Salz <rsalz at openssl.org>
Date:   Fri Aug 12 15:02:00 2016 -0400

    GH1446: Add SSL_SESSION_get0_cipher
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1451)


Summary of changes:
 ...ON_get0_hostname.pod => SSL_SESSION_get0_cipher.pod} | 17 +++++++++++------
 include/openssl/ssl.h                                   |  1 +
 ssl/ssl_sess.c                                          |  5 +++++
 util/libssl.num                                         |  1 +
 4 files changed, 18 insertions(+), 6 deletions(-)
 copy doc/ssl/{SSL_SESSION_get0_hostname.pod => SSL_SESSION_get0_cipher.pod} (51%)

diff --git a/doc/ssl/SSL_SESSION_get0_hostname.pod b/doc/ssl/SSL_SESSION_get0_cipher.pod
similarity index 51%
copy from doc/ssl/SSL_SESSION_get0_hostname.pod
copy to doc/ssl/SSL_SESSION_get0_cipher.pod
index 6fb12be..fdd36ed 100644
--- a/doc/ssl/SSL_SESSION_get0_hostname.pod
+++ b/doc/ssl/SSL_SESSION_get0_cipher.pod
@@ -2,29 +2,34 @@
 =head1 NAME
-SSL_SESSION_get0_hostname - retrieve the SNI hostname associated with a session
+SSL_SESSION_get0_cipher - retrieve the SSL cipher associated with a session
 =head1 SYNOPSIS
  #include <openssl/ssl.h>
- const char *SSL_SESSION_get0_hostname(const SSL_SESSSION *s);
+ const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSSION *s);
-SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the
-client when the session was created, or NULL if no value was sent.
+SSL_SESSION_get0_cipher() retrieves the cipher that was used by the
+connection when the session was created, or NULL if it cannot be determined.
-The value returned is a pointer to memory maintained within B<s> and
-should not be free'd.
+The value returned is a pointer to an object maintained within B<s> and
+should not be released.
 =head1 SEE ALSO
+=head1 HISTORY
+SSL_SESSION_get0_cipher() was first added to OpenSSL 1.1.0
 Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index e58ad30..0145707 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1395,6 +1395,7 @@ __owur long SSL_SESSION_get_timeout(const SSL_SESSION *s);
 __owur long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
 __owur int SSL_SESSION_get_protocol_version(const SSL_SESSION *s);
 __owur const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+__owur const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s);
 __owur int SSL_SESSION_has_ticket(const SSL_SESSION *s);
 __owur unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
 void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick,
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 44bc8a3..4a58fa5 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -827,6 +827,11 @@ int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
     return s->ssl_version;
+const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
+    return s->cipher;
 const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
     return s->tlsext_hostname;
diff --git a/util/libssl.num b/util/libssl.num
index a285dcf..02dface 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -400,3 +400,4 @@ SSL_CTX_dane_set_flags                  400	1_1_0	EXIST::FUNCTION:
 SSL_dane_set_flags                      401	1_1_0	EXIST::FUNCTION:
 SSL_CTX_dane_clear_flags                402	1_1_0	EXIST::FUNCTION:
 SSL_dane_clear_flags                    403	1_1_0	EXIST::FUNCTION:
+SSL_SESSION_get0_cipher                 404	1_1_0	EXIST::FUNCTION:

More information about the openssl-commits mailing list