1.\" $OpenBSD: SSL_get_shared_ciphers.3,v 1.5 2021/01/09 10:50:02 tb Exp $ 2.\" 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: January 9 2021 $ 18.Dt SSL_GET_SHARED_CIPHERS 3 19.Os 20.Sh NAME 21.Nm SSL_get_shared_ciphers 22.Nd ciphers supported by both client and server 23.Sh SYNOPSIS 24.In openssl/ssl.h 25.Ft char * 26.Fo SSL_get_shared_ciphers 27.Fa "const SSL *ssl" 28.Fa "char *buf" 29.Fa "int len" 30.Fc 31.Sh DESCRIPTION 32If 33.Fa ssl 34contains a session in server mode, 35.Fn SSL_get_shared_ciphers 36puts as many names of ciphers that are supported by both the client 37and the server into the buffer 38.Fa buf 39as the buffer is long enough to contain. 40Names are separated by colons. 41At most 42.Fa len 43bytes are written to 44.Fa buf 45including the terminating NUL character. 46.Sh RETURN VALUES 47.Fn SSL_get_shared_ciphers 48returns 49.Fa buf 50on success or 51.Dv NULL 52on failure. 53The following situations cause failure: 54.Bl -bullet 55.It 56.Xr SSL_is_server 3 57is false, i.e., 58.Ar ssl 59is not set to server mode. 60.It 61.Xr SSL_get_ciphers 3 62is 63.Dv NULL 64or empty, i.e., no ciphers are available for use by the server. 65.It 66.Xr SSL_get_session 3 67is 68.Dv NULL , 69i.e., 70.Ar ssl 71contains no session. 72.It 73.Xr SSL_get_client_ciphers 3 74is 75.Dv NULL 76or empty, i.e., 77.Ar ssl 78contains no information about ciphers supported by the client, 79or the client does not support any ciphers. 80.It 81The 82.Fa len 83argument is less than 2. 84.El 85.Sh SEE ALSO 86.Xr ssl 3 , 87.Xr SSL_get_ciphers 3 88.Sh HISTORY 89.Fn SSL_get_shared_ciphers 90first appeared in SSLeay 0.4.5b and has been available since 91.Ox 2.4 . 92.Sh BUGS 93If the list is too long to fit into 94.Fa len 95bytes, it is silently truncated after the last cipher name that fits, 96and all following ciphers are skipped. 97If the buffer is very short such that even the first cipher name 98does not fit, an empty string is returned even when some shared 99ciphers are actually available. 100.Pp 101There is no easy way to find out how much space is required for 102.Fa buf 103or whether the supplied space was sufficient. 104