Hi, the values are taken from ssl_ciph.c and ssl_lib.c respectively. The text for SSL_CIPHER_get_version() is an almost verbatim copy from doc/ssl/ssl.pod -> Dealing with ciphers.
Regards, Stefan
Index: SSL_CIPHER_get_name.pod =================================================================== RCS file: /home/stefan/Documents/Sources/openssl/openssl/doc/ssl/SSL_CIPHER_get_name.pod,v retrieving revision 1.7 diff -u -r1.7 SSL_CIPHER_get_name.pod --- SSL_CIPHER_get_name.pod 12 Sep 2009 23:17:38 -0000 1.7 +++ SSL_CIPHER_get_name.pod 8 Dec 2012 03:39:24 -0000 @@ -23,8 +23,10 @@ B<alg_bits> is not NULL, it contains the number of bits processed by the chosen algorithm. If B<cipher> is NULL, 0 is returned. -SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently -"SSLv2", "SSLv3", or "TLSv1". If B<cipher> is NULL, "(NONE)" is returned. +SSL_CIPHER_get_version() returns a string which indicates the +SSL/TLS protocol version to which B<cipher> belongs (i.e. where it was defined +in the specification the first time). Possible values are B<TLSv1/SSLv3> and +B<SSLv2> SSL_CIPHER_description() returns a textual description of the cipher used into the buffer B<buf> of length B<len> provided. B<len> must be at least @@ -40,6 +42,9 @@ does use the full 128 bits (which would be returned for B<alg_bits>), of which however 88bits are fixed. The search space is hence only 40 bits. +SSL_CIPHER_get_version() should possibly return "TLSv1.2", but it does +not. Use SSL_CIPHER_description() instead. + The string returned by SSL_CIPHER_description() in case of success consists of cleartext information separated by one or more blanks in the following sequence: @@ -52,7 +57,8 @@ =item <protocol version> -Protocol version: B<SSLv2>, B<SSLv3>. The TLSv1 ciphers are flagged with SSLv3. +Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are +flagged with SSLv3. No new ciphers were added by TLSv1.1. =item Kx=<key exchange> @@ -90,6 +96,11 @@ EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1 RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export + CDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA256 + +A complete list can be retrieved using: + + openssl ciphers -v 'ALL:eNULL' =head1 BUGS Index: SSL_get_version.pod =================================================================== RCS file: /home/stefan/Documents/Sources/openssl/openssl/doc/ssl/SSL_get_version.pod,v retrieving revision 1.2 diff -u -r1.2 SSL_get_version.pod --- SSL_get_version.pod 30 Mar 2005 11:50:14 -0000 1.2 +++ SSL_get_version.pod 8 Dec 2012 03:44:16 -0000 @@ -12,7 +12,7 @@ =head1 DESCRIPTION -SSL_get_cipher_version() returns the name of the protocol used for the +SSL_get_version() returns the name of the protocol used for the connection B<ssl>. =head1 RETURN VALUES @@ -31,7 +31,15 @@ =item TLSv1 -The connection uses the TLSv1 protocol. +The connection uses the TLSv1.0 protocol. + +=item TLSv1.1 + +The connection uses the TLSv1.1 protocol. + +=item TLSv1.2 + +The connection uses the TLSv1.2 protocol. =item unknown
signature.asc
Description: PGP signature
