From ddba302a0fa3b11d8cfa01d590ace853229e8f35 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 19 Apr 2018 13:32:45 +0100 Subject: [PATCH] Update version docs Make it clear that you should not attempt to get the version before the first handshake is complete. Fixes #2893 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/6013) --- doc/man3/SSL_get_version.pod | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/doc/man3/SSL_get_version.pod b/doc/man3/SSL_get_version.pod index f8dd85e17f..c649c2914e 100644 --- a/doc/man3/SSL_get_version.pod +++ b/doc/man3/SSL_get_version.pod @@ -20,15 +20,14 @@ protocol information of a connection =head1 DESCRIPTION SSL_client_version() returns the protocol version used by the client when -initiating the connection. - -SSL_get_version() returns the name of the protocol used for the -connection. +initiating the connection. SSL_get_version() returns the name of the protocol +used for the connection. SSL_version() returns the protocol version used for the +connection. They should only be called after the initial handshake has been +completed. Prior to that the results returned from these functions may be +unreliable. SSL_is_dtls() returns one if the connection is using DTLS, zero if not. -SSL_version() returns the protocol version used for the connection. - =head1 RETURN VALUES SSL_get_version() returns one of the following strings: @@ -57,7 +56,7 @@ The connection uses the TLSv1.3 protocol. =item unknown -This indicates that no version has been set (no connection established). +This indicates an unknown protocol version. =back