man.bsd.lv manual page server

DESCRIPTION

SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for ctx.

SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for ssl as it would be sent in a ClientHello, sorted by preference. The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If ssl is NULL or no ciphers are available, NULL is returned.

SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on ssl. If ssl is NULL, no ciphers are available, or ssl is not operating in server mode, NULL is returned.

SSL_get_ciphers(), SSL_CTX_get_ciphers(), and SSL_get_client_ciphers() return pointers to internal cipher stacks, which will be freed later on when the SSL or SSL_CTX object is freed. Therefore, the calling code must not free the return value itself.

The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers(), SSL_get1_supported_ciphers(), and SSL_get_client_ciphers() can be obtained using the SSL_CIPHER_get_name(3) family of functions.

SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for ssl with priority. If ssl is NULL, no ciphers are available, or there are fewer ciphers than priority available, NULL is returned.

Call SSL_get_cipher_list() with priority starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.