使用openssl以编程方式查找已协商的TLS版本
[英]Find programmatically using openssl which TLS version was negociated
问题描述
I'm using openssl in a non web application to commute a socket to TLS (STARTTLS protocol). 
我在非Web应用程序中使用openssl将套接字转换为TLS(STARTTLS协议)。 Everything works fine, but I would also like to know which version of TLS among the allowed ones was actually negociated. 一切正常,但是我也想知道实际上已协商了允许的TLS版本。
Is there any way to find this information using openssl API ? 有什么办法可以使用openssl API查找此信息?
Note: with openssl 1.1 and later the information is likely returned by the function SSL_SESSION_get_protocol_version() but I need to also find this information for previous openssl library versions (code in the wild, performing a major update of openssl for mere logging purpose is not an option). 注意:在openssl 1.1及更高版本中,信息可能由函数SSL_SESSION_get_protocol_version()返回,但我还需要查找以前的openssl库版本的信息(在野外代码中,仅出于记录目的而对openssl进行重大更新不是选项)。
1 个解决方案
解决方案1
1 已采纳 2019-01-25 18:00:58
You can use SSL_get_version() : 您可以使用SSL_get_version() :
SSL_get_version() returns the name of the protocol used for the connection
ssl.ssl的协议的名称。 It should only be called after the initial handshake has been completed.RETURN VALUES
The following strings can be returned:
SSLv2
The connection uses the SSLv2 protocol.SSLv3
The connection uses the SSLv3 protocol.TLSv1
The connection uses the TLSv1.0 protocol.TLSv1.1
The connection uses the TLSv1.1 protocol.TLSv1.2
The connection uses the TLSv1.2 protocol.unknown
This indicates an unknown protocol version.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.