From 94714ec341cc278db386fd998b8dd7a2aa4180bb Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 5 Jul 2019 18:07:14 +0300
Subject: [PATCH] OpenSSL: Add tls_connection_get_cipher_suite()

This can be used to fetch the 16-bit TLS cipher suite identifier.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/crypto/tls.h         |  7 +++++++
 src/crypto/tls_openssl.c | 11 +++++++++++
 2 files changed, 18 insertions(+)

diff --git a/src/crypto/tls.h b/src/crypto/tls.h
index e199187e8..3e7e9c750 100644
--- a/src/crypto/tls.h
+++ b/src/crypto/tls.h
@@ -659,4 +659,11 @@ void tls_connection_remove_session(struct tls_connection *conn);
  */
 int tls_get_tls_unique(struct tls_connection *conn, u8 *buf, size_t max_len);
 
+/**
+ * tls_connection_get_cipher_suite - Get current TLS cipher suite
+ * @conn: Connection context data from tls_connection_init()
+ * Returns: TLS cipher suite of the current connection or 0 on error
+ */
+u16 tls_connection_get_cipher_suite(struct tls_connection *conn);
+
 #endif /* TLS_H */
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index cc96a582c..19271d3d6 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -5354,3 +5354,14 @@ int tls_get_tls_unique(struct tls_connection *conn, u8 *buf, size_t max_len)
 
 	return len;
 }
+
+
+u16 tls_connection_get_cipher_suite(struct tls_connection *conn)
+{
+	const SSL_CIPHER *cipher;
+
+	cipher = SSL_get_current_cipher(conn->ssl);
+	if (!cipher)
+		return 0;
+	return SSL_CIPHER_get_protocol_id(cipher);
+}