1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimSSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the 6e71b7053SJung-uk Kimprotocol information of a connection 7e71b7053SJung-uk Kim 8e71b7053SJung-uk Kim=head1 SYNOPSIS 9e71b7053SJung-uk Kim 10e71b7053SJung-uk Kim #include <openssl/ssl.h> 11e71b7053SJung-uk Kim 12e71b7053SJung-uk Kim int SSL_client_version(const SSL *s); 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim const char *SSL_get_version(const SSL *ssl); 15e71b7053SJung-uk Kim 16e71b7053SJung-uk Kim int SSL_is_dtls(const SSL *ssl); 17e71b7053SJung-uk Kim 18e71b7053SJung-uk Kim int SSL_version(const SSL *s); 19e71b7053SJung-uk Kim 20e71b7053SJung-uk Kim=head1 DESCRIPTION 21e71b7053SJung-uk Kim 22e71b7053SJung-uk KimSSL_client_version() returns the numeric protocol version advertised by the 23e71b7053SJung-uk Kimclient in the legacy_version field of the ClientHello when initiating the 24e71b7053SJung-uk Kimconnection. Note that, for TLS, this value will never indicate a version greater 25e71b7053SJung-uk Kimthan TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() 26e71b7053SJung-uk Kimreturns the name of the protocol used for the connection. SSL_version() returns 27e71b7053SJung-uk Kimthe numeric protocol version used for the connection. They should only be called 28e71b7053SJung-uk Kimafter the initial handshake has been completed. Prior to that the results 29e71b7053SJung-uk Kimreturned from these functions may be unreliable. 30e71b7053SJung-uk Kim 31e71b7053SJung-uk KimSSL_is_dtls() returns one if the connection is using DTLS, zero if not. 32e71b7053SJung-uk Kim 33e71b7053SJung-uk Kim=head1 RETURN VALUES 34e71b7053SJung-uk Kim 35e71b7053SJung-uk Kim 36e71b7053SJung-uk KimSSL_get_version() returns one of the following strings: 37e71b7053SJung-uk Kim 38e71b7053SJung-uk Kim=over 4 39e71b7053SJung-uk Kim 40e71b7053SJung-uk Kim=item SSLv3 41e71b7053SJung-uk Kim 42e71b7053SJung-uk KimThe connection uses the SSLv3 protocol. 43e71b7053SJung-uk Kim 44e71b7053SJung-uk Kim=item TLSv1 45e71b7053SJung-uk Kim 46e71b7053SJung-uk KimThe connection uses the TLSv1.0 protocol. 47e71b7053SJung-uk Kim 48e71b7053SJung-uk Kim=item TLSv1.1 49e71b7053SJung-uk Kim 50e71b7053SJung-uk KimThe connection uses the TLSv1.1 protocol. 51e71b7053SJung-uk Kim 52e71b7053SJung-uk Kim=item TLSv1.2 53e71b7053SJung-uk Kim 54e71b7053SJung-uk KimThe connection uses the TLSv1.2 protocol. 55e71b7053SJung-uk Kim 56e71b7053SJung-uk Kim=item TLSv1.3 57e71b7053SJung-uk Kim 58e71b7053SJung-uk KimThe connection uses the TLSv1.3 protocol. 59e71b7053SJung-uk Kim 60e71b7053SJung-uk Kim=item unknown 61e71b7053SJung-uk Kim 62e71b7053SJung-uk KimThis indicates an unknown protocol version. 63e71b7053SJung-uk Kim 64e71b7053SJung-uk Kim=back 65e71b7053SJung-uk Kim 66e71b7053SJung-uk KimSSL_version() and SSL_client_version() return an integer which could include any 67e71b7053SJung-uk Kimof the following: 68e71b7053SJung-uk Kim 69e71b7053SJung-uk Kim=over 4 70e71b7053SJung-uk Kim 71e71b7053SJung-uk Kim=item SSL3_VERSION 72e71b7053SJung-uk Kim 73e71b7053SJung-uk KimThe connection uses the SSLv3 protocol. 74e71b7053SJung-uk Kim 75e71b7053SJung-uk Kim=item TLS1_VERSION 76e71b7053SJung-uk Kim 77e71b7053SJung-uk KimThe connection uses the TLSv1.0 protocol. 78e71b7053SJung-uk Kim 79e71b7053SJung-uk Kim=item TLS1_1_VERSION 80e71b7053SJung-uk Kim 81e71b7053SJung-uk KimThe connection uses the TLSv1.1 protocol. 82e71b7053SJung-uk Kim 83e71b7053SJung-uk Kim=item TLS1_2_VERSION 84e71b7053SJung-uk Kim 85e71b7053SJung-uk KimThe connection uses the TLSv1.2 protocol. 86e71b7053SJung-uk Kim 87e71b7053SJung-uk Kim=item TLS1_3_VERSION 88e71b7053SJung-uk Kim 89e71b7053SJung-uk KimThe connection uses the TLSv1.3 protocol (never returned for 90e71b7053SJung-uk KimSSL_client_version()). 91e71b7053SJung-uk Kim 92e71b7053SJung-uk Kim=back 93e71b7053SJung-uk Kim 94e71b7053SJung-uk Kim=head1 SEE ALSO 95e71b7053SJung-uk Kim 96e71b7053SJung-uk KimL<ssl(7)> 97e71b7053SJung-uk Kim 98e71b7053SJung-uk Kim=head1 HISTORY 99e71b7053SJung-uk Kim 1006935a639SJung-uk KimThe SSL_is_dtls() function was added in OpenSSL 1.1.0. 101e71b7053SJung-uk Kim 102e71b7053SJung-uk Kim=head1 COPYRIGHT 103e71b7053SJung-uk Kim 104e71b7053SJung-uk KimCopyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. 105e71b7053SJung-uk Kim 106*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 107e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 108e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 109e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 110e71b7053SJung-uk Kim 111e71b7053SJung-uk Kim=cut 112