xref: /netbsd-src/crypto/external/bsd/openssl.old/dist/doc/man3/SSL_get_version.pod (revision 4724848cf0da353df257f730694b7882798e5daf) 
1*4724848cSchristos=pod
2*4724848cSchristos
3*4724848cSchristos=head1 NAME
4*4724848cSchristos
5*4724848cSchristosSSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the
6*4724848cSchristosprotocol information of a connection
7*4724848cSchristos
8*4724848cSchristos=head1 SYNOPSIS
9*4724848cSchristos
10*4724848cSchristos #include <openssl/ssl.h>
11*4724848cSchristos
12*4724848cSchristos int SSL_client_version(const SSL *s);
13*4724848cSchristos
14*4724848cSchristos const char *SSL_get_version(const SSL *ssl);
15*4724848cSchristos
16*4724848cSchristos int SSL_is_dtls(const SSL *ssl);
17*4724848cSchristos
18*4724848cSchristos int SSL_version(const SSL *s);
19*4724848cSchristos
20*4724848cSchristos=head1 DESCRIPTION
21*4724848cSchristos
22*4724848cSchristosSSL_client_version() returns the numeric protocol version advertised by the
23*4724848cSchristosclient in the legacy_version field of the ClientHello when initiating the
24*4724848cSchristosconnection. Note that, for TLS, this value will never indicate a version greater
25*4724848cSchristosthan TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version()
26*4724848cSchristosreturns the name of the protocol used for the connection. SSL_version() returns
27*4724848cSchristosthe numeric protocol version used for the connection. They should only be called
28*4724848cSchristosafter the initial handshake has been completed. Prior to that the results
29*4724848cSchristosreturned from these functions may be unreliable.
30*4724848cSchristos
31*4724848cSchristosSSL_is_dtls() returns one if the connection is using DTLS, zero if not.
32*4724848cSchristos
33*4724848cSchristos=head1 RETURN VALUES
34*4724848cSchristos
35*4724848cSchristos
36*4724848cSchristosSSL_get_version() returns one of the following strings:
37*4724848cSchristos
38*4724848cSchristos=over 4
39*4724848cSchristos
40*4724848cSchristos=item SSLv3
41*4724848cSchristos
42*4724848cSchristosThe connection uses the SSLv3 protocol.
43*4724848cSchristos
44*4724848cSchristos=item TLSv1
45*4724848cSchristos
46*4724848cSchristosThe connection uses the TLSv1.0 protocol.
47*4724848cSchristos
48*4724848cSchristos=item TLSv1.1
49*4724848cSchristos
50*4724848cSchristosThe connection uses the TLSv1.1 protocol.
51*4724848cSchristos
52*4724848cSchristos=item TLSv1.2
53*4724848cSchristos
54*4724848cSchristosThe connection uses the TLSv1.2 protocol.
55*4724848cSchristos
56*4724848cSchristos=item TLSv1.3
57*4724848cSchristos
58*4724848cSchristosThe connection uses the TLSv1.3 protocol.
59*4724848cSchristos
60*4724848cSchristos=item unknown
61*4724848cSchristos
62*4724848cSchristosThis indicates an unknown protocol version.
63*4724848cSchristos
64*4724848cSchristos=back
65*4724848cSchristos
66*4724848cSchristosSSL_version() and SSL_client_version() return an integer which could include any
67*4724848cSchristosof the following:
68*4724848cSchristos
69*4724848cSchristos=over 4
70*4724848cSchristos
71*4724848cSchristos=item SSL3_VERSION
72*4724848cSchristos
73*4724848cSchristosThe connection uses the SSLv3 protocol.
74*4724848cSchristos
75*4724848cSchristos=item TLS1_VERSION
76*4724848cSchristos
77*4724848cSchristosThe connection uses the TLSv1.0 protocol.
78*4724848cSchristos
79*4724848cSchristos=item TLS1_1_VERSION
80*4724848cSchristos
81*4724848cSchristosThe connection uses the TLSv1.1 protocol.
82*4724848cSchristos
83*4724848cSchristos=item TLS1_2_VERSION
84*4724848cSchristos
85*4724848cSchristosThe connection uses the TLSv1.2 protocol.
86*4724848cSchristos
87*4724848cSchristos=item TLS1_3_VERSION
88*4724848cSchristos
89*4724848cSchristosThe connection uses the TLSv1.3 protocol (never returned for
90*4724848cSchristosSSL_client_version()).
91*4724848cSchristos
92*4724848cSchristos=back
93*4724848cSchristos
94*4724848cSchristos=head1 SEE ALSO
95*4724848cSchristos
96*4724848cSchristosL<ssl(7)>
97*4724848cSchristos
98*4724848cSchristos=head1 HISTORY
99*4724848cSchristos
100*4724848cSchristosThe SSL_is_dtls() function was added in OpenSSL 1.1.0.
101*4724848cSchristos
102*4724848cSchristos=head1 COPYRIGHT
103*4724848cSchristos
104*4724848cSchristosCopyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
105*4724848cSchristos
106*4724848cSchristosLicensed under the OpenSSL license (the "License").  You may not use
107*4724848cSchristosthis file except in compliance with the License.  You can obtain a copy
108*4724848cSchristosin the file LICENSE in the source distribution or at
109*4724848cSchristosL<https://www.openssl.org/source/license.html>.
110*4724848cSchristos
111*4724848cSchristos=cut
112