On Thu, Nov 09, 2000 at 11:46:03AM -0500, Jeffrey Altman wrote:
> I need an API in OpenSSL to allow the negotiated cipher to be queried
> to determine if it is or is not Anonymous. I don't want to directly
> query the contents of the SSL_CIPHER algorithms in my code:
>
> ssl->session->cipher->algorithms & SSL_AUTH_MASK
>
> to determine if it is SSL_aNULL.
>
> I know I can use SSL_get_current_cipher(ssl) to retrieve the current
> cipher. Can we add
>
> int SSL_CIPHER_get_algorithms(SSL_CIPHER *c, int * algorithms)
>
> or something equivalent?
The "algorithms" won't help you much, as their structuring is "private",
e.g. SSL_aNULL is only define in ssl_locl.h which is not part of the API.
There is however the function SSL_CIPHER_description(), the output of
which will containt the properties of the cipher. In your case, you want
to look out for the "Au=...." part describing the authentication with
Au=None being the case for anonymous ciphers...
As I have just seen, the documentation I wrote for this function is a bit
short, as it does not contain the documentation about the precise format
of the string. Please use the source in ssl/ssl_ciph.c until I have extended
the documentation.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
