Add SSL_SESSION_get0_cipher.

Conscrypt need this function right now. They ought to be fixed up to not
need this but, in the meantime, this API is also provided by OpenSSL and
will clear one most consumer reaching into SSL_SESSION.

Bumping the API since Conscrypt often involves multi-sided stuff.

Change-Id: I665ca6b6a17ef479133c29c23fc639f278128c69
Reviewed-on: https://boringssl-review.googlesource.com/27405
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2018-04-12 18:39:28 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent 1414d86ff9
commit b8b1a9d8de
3 changed files with 14 additions and 1 deletions

View File

@ -155,7 +155,7 @@ extern "C" {
// A consumer may use this symbol in the preprocessor to temporarily build // A consumer may use this symbol in the preprocessor to temporarily build
// against multiple revisions of BoringSSL at the same time. It is not // against multiple revisions of BoringSSL at the same time. It is not
// recommended to do so for longer than is necessary. // recommended to do so for longer than is necessary.
#define BORINGSSL_API_VERSION 7 #define BORINGSSL_API_VERSION 8
#if defined(BORINGSSL_SHARED_LIBRARY) #if defined(BORINGSSL_SHARED_LIBRARY)

View File

@ -1749,6 +1749,15 @@ OPENSSL_EXPORT void SSL_SESSION_get0_ticket(const SSL_SESSION *session,
OPENSSL_EXPORT uint32_t OPENSSL_EXPORT uint32_t
SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *session); SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *session);
// SSL_SESSION_get0_cipher returns the cipher negotiated by the connection which
// established |session|.
//
// Note that, in TLS 1.3, there is no guarantee that resumptions with |session|
// will use that cipher. Prefer calling |SSL_get_current_cipher| on the |SSL|
// instead.
OPENSSL_EXPORT const SSL_CIPHER *SSL_SESSION_get0_cipher(
const SSL_SESSION *session);
// Session caching. // Session caching.
// //

View File

@ -990,6 +990,10 @@ uint32_t SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *session) {
return session->tlsext_tick_lifetime_hint; return session->tlsext_tick_lifetime_hint;
} }
const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *session) {
return session->cipher;
}
SSL_SESSION *SSL_magic_pending_session_ptr(void) { SSL_SESSION *SSL_magic_pending_session_ptr(void) {
return (SSL_SESSION *)&g_pending_session_magic; return (SSL_SESSION *)&g_pending_session_magic;
} }