Add some documentation for SSL_get_shared_ciphers()

Reviewed-by: N Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6113)

Add some documentation for SSL_get_shared_ciphers()
Reviewed-by: N Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6113)
3bfa4756 · Matt Caswell · f054160a · 3bfa4756 · 3bfa4756
隐藏空白更改
内联并排

Showing with 22 addition and 4 deletion

doc/man3/SSL_get_ciphers.pod doc/man3/SSL_get_ciphers.pod +21 -3

doc/man7/ssl.pod doc/man7/ssl.pod +1 -1

未找到文件。
--- a/doc/man3/SSL_get_ciphers.pod
+++ b/doc/man3/SSL_get_ciphers.pod
@@ -2,9 +2,13 @@

 =head1 NAME

-SSL_get1_supported_ciphers, SSL_get_client_ciphers,
-SSL_get_ciphers, SSL_CTX_get_ciphers,
-SSL_bytes_to_cipher_list, SSL_get_cipher_list
+SSL_get1_supported_ciphers,
+SSL_get_client_ciphers,
+SSL_get_ciphers,
+SSL_CTX_get_ciphers,
+SSL_bytes_to_cipher_list,
+SSL_get_cipher_list,
+SSL_get_shared_ciphers
 - get list of available SSL_CIPHERs

 =head1 SYNOPSIS
@@ -19,6 +23,7 @@ SSL_bytes_to_cipher_list, SSL_get_cipher_list
                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
                              STACK_OF(SSL_CIPHER) **scsvs);
 const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);

 =head1 DESCRIPTION

@@ -58,6 +63,19 @@ listed for B<ssl> with B<priority>. If B<ssl> is NULL, no ciphers are
 available, or there are less ciphers than B<priority> available, NULL
 is returned.

+SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of
+SSL_CIPHER names that are available in both the client and the server. B<buf> is
+the buffer that should be populated with the list of names and B<size> is the
+size of that buffer. A pointer to B<buf> is returned on success or NULL on
+error. If the supplied buffer is not large enough to contain the complete list
+of names then a truncated list of names will be returned. Note that just because
+a ciphersuite is available (i.e. it is configured in the cipher list) and shared
+by both the client and the server it does not mean that it is enabled (see the
+description of SSL_get1_supported_ciphers() above). This function will return
+available shared ciphersuites whether or not they are enabled. This is a server
+side function only and must only be called after the completion of the initial
+handshake.
+
 =head1 NOTES

 The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers()

--- a/doc/man7/ssl.pod
+++ b/doc/man7/ssl.pod
@@ -570,7 +570,7 @@ fresh handle for each connection.

 =item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);

-=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
+=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int size);

 =item int B<SSL_get_shutdown>(const SSL *ssl);