Add SSL_get_pending_cipher()
The existing function SSL_get_current_cipher() queries the current session for the ciphersuite in use, but there is no way for application code to determine what ciphersuite has been negotiated and will be used in the future, prior to ChangeCipherState (or the TLS 1.3 equivalent) causing the new cipher to take effect and become visible in the session information. Expose this information to appropriate application callbacks to use during the handshake. The name SSL_get_pending_cipher() was chosen for compatibility with BoringSSL's routine of that name. Improve the note on macro implementations in SSL_get_current_cipher.pod while here. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4070)
parent
5626f634
Please register or sign in to comment