commit 5d85fcaa34131f9003c79f6fadd7c5f543af1a9f
author Richard J. Moore <rich@kde.org> Sun Jan 11 17:04:43 2015 +0000
committer Jim Shaver <dcypherd@gmail.com> Wed May 27 17:36:46 2015 -0400
tree 092cf538f2651152e510431d78a8c2daa4b670a1
parent 389f78bc3bfe1862e0c5226a9955ca33e5c4eca8

Add support for querying the negotiated TLS version.

OpenSSL/SSL.py

diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py
index e67bd13..2ee0512 100644
--- a/OpenSSL/SSL.py
+++ b/OpenSSL/SSL.py
@@ -1938,6 +1938,17 @@
         return _ffi.buffer(data[0], data_len[0])[:]
 
 
+    def get_protocol_version(self):
+        """
+        Obtain the protocol version of the current connection.
+
+        :returns: The TLS version of the current connection, for example
+            the value for TLS 1.2 would be 0x303.
+        :rtype: :py:class:`int`
+        """
+        version = _lib.SSL_version(self._ssl)
+        return version
+
 
 ConnectionType = Connection
 

OpenSSL/test/test_ssl.py

diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py
index 1f231c9..7605dc0 100644
--- a/OpenSSL/test/test_ssl.py
+++ b/OpenSSL/test/test_ssl.py
@@ -2745,6 +2745,20 @@
         self.assertEqual(server_cipher_bits, client_cipher_bits)
 
 
+    def test_get_protocol_version(self):
+        """
+        :py:obj:`Connection.get_protocol_version` returns a :py:class:`int`
+        giving the protocol version of the current connection.
+        """
+        server, client = self._loopback()
+        server_protocol_version, client_protocol_version = \
+            server.get_protocol_version(), client.get_protocol_version()
+
+        self.assertIsInstance(server_protocol_version, int)
+        self.assertIsInstance(client_protocol_version, int)
+
+        self.assertEqual(server_protocol_version, client_protocol_version)
+
 
 class ConnectionGetCipherListTests(TestCase):
     """