Commit 831eef2c authored by Nick Mathewson's avatar Nick Mathewson Committed by Matt Caswell
Browse files

Add SSL_get_client_ciphers() to return ciphers from ClientHello 



On the server side, if you want to know which ciphers the client
offered, you had to use session->ciphers.  But that field is no
longer visible, so we need a method to get at it.

Signed-off-by: default avatarNick Mathewson <nickm@torproject.org>
Signed-off-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
parent 15a06488

doc/ssl/SSL_get_ciphers.pod

+5 −0
Original line number Diff line number Diff line
@@ -9,6 +9,7 @@ SSL_get_ciphers, SSL_get_cipher_list - get list of available SSL_CIPHERs 
 #include <openssl/ssl.h>



 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);

 STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);

 const char *SSL_get_cipher_list(const SSL *ssl, int priority);



=head1 DESCRIPTION
@@ -17,6 +18,10 @@ SSL_get_ciphers() returns the stack of available SSL_CIPHERs for B<ssl>, 
sorted by preference. If B<ssl> is NULL or no ciphers are available, NULL

is returned.



SSL_get_client_ciphers() returns the stack of available SSL_CIPHERS matching the

list sent by the client for B<ssl>. If B<ssl> is NULL, no ciphers are

available, or B<ssl> is not operating in server mode, NULL is returned.



SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER

listed for B<ssl> with B<priority>. If B<ssl> is NULL, no ciphers are

available, or there are less ciphers than B<priority> available, NULL

include/openssl/ssl.h

+1 −0
Original line number Diff line number Diff line
@@ -1583,6 +1583,7 @@ __owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */ 
__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */



__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);

__owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s);

__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);



__owur int SSL_do_handshake(SSL *s);

ssl/ssl_lib.c

+7 −0
Original line number Diff line number Diff line
@@ -1258,6 +1258,13 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s) 
    return (NULL);

}



STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s)

{

    if ((s == NULL) || (s->session == NULL) || !s->server)

        return NULL;

    return s->session->ciphers;

}



STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s)

{

    STACK_OF(SSL_CIPHER) *sk = NULL, *ciphers;