[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sat Aug 13 12:15:02 UTC 2016


The branch master has been updated
       via  e92813234318635639dba0168c7ef5568757449b (commit)
      from  ce7a2232f881e241515925bef13229656a0d6d58 (commit)


- Log -----------------------------------------------------------------
commit e92813234318635639dba0168c7ef5568757449b
Author: Rich Salz <rsalz at openssl.org>
Date:   Fri Aug 12 15:02:00 2016 -0400

    GH1446: Add SSL_SESSION_get0_cipher
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1451)

-----------------------------------------------------------------------

Summary of changes:
 ...ON_get0_hostname.pod => SSL_SESSION_get0_cipher.pod} | 17 +++++++++++------
 include/openssl/ssl.h                                   |  1 +
 ssl/ssl_sess.c                                          |  5 +++++
 util/libssl.num                                         |  1 +
 4 files changed, 18 insertions(+), 6 deletions(-)
 copy doc/ssl/{SSL_SESSION_get0_hostname.pod => SSL_SESSION_get0_cipher.pod} (51%)

diff --git a/doc/ssl/SSL_SESSION_get0_hostname.pod b/doc/ssl/SSL_SESSION_get0_cipher.pod
similarity index 51%
copy from doc/ssl/SSL_SESSION_get0_hostname.pod
copy to doc/ssl/SSL_SESSION_get0_cipher.pod
index 6fb12be..fdd36ed 100644
--- a/doc/ssl/SSL_SESSION_get0_hostname.pod
+++ b/doc/ssl/SSL_SESSION_get0_cipher.pod
@@ -2,29 +2,34 @@
 
 =head1 NAME
 
-SSL_SESSION_get0_hostname - retrieve the SNI hostname associated with a session
+SSL_SESSION_get0_cipher - retrieve the SSL cipher associated with a session
 
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
 
- const char *SSL_SESSION_get0_hostname(const SSL_SESSSION *s);
+ const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSSION *s);
 
 =head1 DESCRIPTION
 
-SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the
-client when the session was created, or NULL if no value was sent.
+SSL_SESSION_get0_cipher() retrieves the cipher that was used by the
+connection when the session was created, or NULL if it cannot be determined.
 
-The value returned is a pointer to memory maintained within B<s> and
-should not be free'd.
+The value returned is a pointer to an object maintained within B<s> and
+should not be released.
 
 =head1 SEE ALSO
 
 L<ssl(3)>,
 L<d2i_SSL_SESSION(3)>,
 L<SSL_SESSION_get_time(3)>,
+L<SSL_SESSION_get0_hostname(3)>,
 L<SSL_SESSION_free(3)>
 
+=head1 HISTORY
+
+SSL_SESSION_get0_cipher() was first added to OpenSSL 1.1.0
+
 =head1 COPYRIGHT
 
 Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index e58ad30..0145707 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1395,6 +1395,7 @@ __owur long SSL_SESSION_get_timeout(const SSL_SESSION *s);
 __owur long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
 __owur int SSL_SESSION_get_protocol_version(const SSL_SESSION *s);
 __owur const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+__owur const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s);
 __owur int SSL_SESSION_has_ticket(const SSL_SESSION *s);
 __owur unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
 void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick,
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 44bc8a3..4a58fa5 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -827,6 +827,11 @@ int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
     return s->ssl_version;
 }
 
+const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
+{
+    return s->cipher;
+}
+
 const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
 {
     return s->tlsext_hostname;
diff --git a/util/libssl.num b/util/libssl.num
index a285dcf..02dface 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -400,3 +400,4 @@ SSL_CTX_dane_set_flags                  400	1_1_0	EXIST::FUNCTION:
 SSL_dane_set_flags                      401	1_1_0	EXIST::FUNCTION:
 SSL_CTX_dane_clear_flags                402	1_1_0	EXIST::FUNCTION:
 SSL_dane_clear_flags                    403	1_1_0	EXIST::FUNCTION:
+SSL_SESSION_get0_cipher                 404	1_1_0	EXIST::FUNCTION:


More information about the openssl-commits mailing list