1*e71b7053SJung-uk Kim=pod 2*e71b7053SJung-uk Kim 3*e71b7053SJung-uk Kim=head1 NAME 4*e71b7053SJung-uk Kim 5*e71b7053SJung-uk KimSSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the 6*e71b7053SJung-uk Kimprotocol information of a connection 7*e71b7053SJung-uk Kim 8*e71b7053SJung-uk Kim=head1 SYNOPSIS 9*e71b7053SJung-uk Kim 10*e71b7053SJung-uk Kim #include <openssl/ssl.h> 11*e71b7053SJung-uk Kim 12*e71b7053SJung-uk Kim int SSL_client_version(const SSL *s); 13*e71b7053SJung-uk Kim 14*e71b7053SJung-uk Kim const char *SSL_get_version(const SSL *ssl); 15*e71b7053SJung-uk Kim 16*e71b7053SJung-uk Kim int SSL_is_dtls(const SSL *ssl); 17*e71b7053SJung-uk Kim 18*e71b7053SJung-uk Kim int SSL_version(const SSL *s); 19*e71b7053SJung-uk Kim 20*e71b7053SJung-uk Kim=head1 DESCRIPTION 21*e71b7053SJung-uk Kim 22*e71b7053SJung-uk KimSSL_client_version() returns the numeric protocol version advertised by the 23*e71b7053SJung-uk Kimclient in the legacy_version field of the ClientHello when initiating the 24*e71b7053SJung-uk Kimconnection. Note that, for TLS, this value will never indicate a version greater 25*e71b7053SJung-uk Kimthan TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() 26*e71b7053SJung-uk Kimreturns the name of the protocol used for the connection. SSL_version() returns 27*e71b7053SJung-uk Kimthe numeric protocol version used for the connection. They should only be called 28*e71b7053SJung-uk Kimafter the initial handshake has been completed. Prior to that the results 29*e71b7053SJung-uk Kimreturned from these functions may be unreliable. 30*e71b7053SJung-uk Kim 31*e71b7053SJung-uk KimSSL_is_dtls() returns one if the connection is using DTLS, zero if not. 32*e71b7053SJung-uk Kim 33*e71b7053SJung-uk Kim=head1 RETURN VALUES 34*e71b7053SJung-uk Kim 35*e71b7053SJung-uk Kim 36*e71b7053SJung-uk KimSSL_get_version() returns one of the following strings: 37*e71b7053SJung-uk Kim 38*e71b7053SJung-uk Kim=over 4 39*e71b7053SJung-uk Kim 40*e71b7053SJung-uk Kim=item SSLv3 41*e71b7053SJung-uk Kim 42*e71b7053SJung-uk KimThe connection uses the SSLv3 protocol. 43*e71b7053SJung-uk Kim 44*e71b7053SJung-uk Kim=item TLSv1 45*e71b7053SJung-uk Kim 46*e71b7053SJung-uk KimThe connection uses the TLSv1.0 protocol. 47*e71b7053SJung-uk Kim 48*e71b7053SJung-uk Kim=item TLSv1.1 49*e71b7053SJung-uk Kim 50*e71b7053SJung-uk KimThe connection uses the TLSv1.1 protocol. 51*e71b7053SJung-uk Kim 52*e71b7053SJung-uk Kim=item TLSv1.2 53*e71b7053SJung-uk Kim 54*e71b7053SJung-uk KimThe connection uses the TLSv1.2 protocol. 55*e71b7053SJung-uk Kim 56*e71b7053SJung-uk Kim=item TLSv1.3 57*e71b7053SJung-uk Kim 58*e71b7053SJung-uk KimThe connection uses the TLSv1.3 protocol. 59*e71b7053SJung-uk Kim 60*e71b7053SJung-uk Kim=item unknown 61*e71b7053SJung-uk Kim 62*e71b7053SJung-uk KimThis indicates an unknown protocol version. 63*e71b7053SJung-uk Kim 64*e71b7053SJung-uk Kim=back 65*e71b7053SJung-uk Kim 66*e71b7053SJung-uk KimSSL_version() and SSL_client_version() return an integer which could include any 67*e71b7053SJung-uk Kimof the following: 68*e71b7053SJung-uk Kim 69*e71b7053SJung-uk Kim=over 4 70*e71b7053SJung-uk Kim 71*e71b7053SJung-uk Kim=item SSL3_VERSION 72*e71b7053SJung-uk Kim 73*e71b7053SJung-uk KimThe connection uses the SSLv3 protocol. 74*e71b7053SJung-uk Kim 75*e71b7053SJung-uk Kim=item TLS1_VERSION 76*e71b7053SJung-uk Kim 77*e71b7053SJung-uk KimThe connection uses the TLSv1.0 protocol. 78*e71b7053SJung-uk Kim 79*e71b7053SJung-uk Kim=item TLS1_1_VERSION 80*e71b7053SJung-uk Kim 81*e71b7053SJung-uk KimThe connection uses the TLSv1.1 protocol. 82*e71b7053SJung-uk Kim 83*e71b7053SJung-uk Kim=item TLS1_2_VERSION 84*e71b7053SJung-uk Kim 85*e71b7053SJung-uk KimThe connection uses the TLSv1.2 protocol. 86*e71b7053SJung-uk Kim 87*e71b7053SJung-uk Kim=item TLS1_3_VERSION 88*e71b7053SJung-uk Kim 89*e71b7053SJung-uk KimThe connection uses the TLSv1.3 protocol (never returned for 90*e71b7053SJung-uk KimSSL_client_version()). 91*e71b7053SJung-uk Kim 92*e71b7053SJung-uk Kim=back 93*e71b7053SJung-uk Kim 94*e71b7053SJung-uk Kim=head1 SEE ALSO 95*e71b7053SJung-uk Kim 96*e71b7053SJung-uk KimL<ssl(7)> 97*e71b7053SJung-uk Kim 98*e71b7053SJung-uk Kim=head1 HISTORY 99*e71b7053SJung-uk Kim 100*e71b7053SJung-uk KimSSL_is_dtls() was added in OpenSSL 1.1.0. 101*e71b7053SJung-uk Kim 102*e71b7053SJung-uk Kim=head1 COPYRIGHT 103*e71b7053SJung-uk Kim 104*e71b7053SJung-uk KimCopyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. 105*e71b7053SJung-uk Kim 106*e71b7053SJung-uk KimLicensed under the OpenSSL license (the "License"). You may not use 107*e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 108*e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 109*e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 110*e71b7053SJung-uk Kim 111*e71b7053SJung-uk Kim=cut 112