OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_ | |
6 #define NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_ | |
7 | |
8 #include "base/logging.h" | |
9 #include "base/macros.h" | |
10 | |
11 namespace net { | |
12 | |
13 // Status flags for SSLInfo::connection_status. | |
14 enum { | |
15 // The lower 16 bits are reserved for the TLS ciphersuite id. | |
16 SSL_CONNECTION_CIPHERSUITE_MASK = 0xffff, | |
17 | |
18 // The next two bits are reserved for the compression used. | |
19 SSL_CONNECTION_COMPRESSION_SHIFT = 16, | |
20 SSL_CONNECTION_COMPRESSION_MASK = 3, | |
21 | |
22 // We fell back to an older protocol version for this connection. | |
23 SSL_CONNECTION_VERSION_FALLBACK = 1 << 18, | |
24 | |
25 // The server doesn't support the renegotiation_info extension. If this bit | |
26 // is not set then either the extension isn't supported, or we don't have any | |
27 // knowledge either way. (The latter case will occur when we use an SSL | |
28 // library that doesn't report it, like SChannel.) | |
29 SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION = 1 << 19, | |
30 | |
31 // The next three bits are reserved for the SSL version. | |
32 SSL_CONNECTION_VERSION_SHIFT = 20, | |
33 SSL_CONNECTION_VERSION_MASK = 7, | |
34 | |
35 // 1 << 31 (the sign bit) is reserved so that the SSL connection status will | |
36 // never be negative. | |
37 }; | |
38 | |
39 // NOTE: the SSL version enum constants must be between 0 and | |
40 // SSL_CONNECTION_VERSION_MASK, inclusive. | |
41 enum { | |
42 SSL_CONNECTION_VERSION_UNKNOWN = 0, // Unknown SSL version. | |
43 SSL_CONNECTION_VERSION_SSL2 = 1, | |
44 SSL_CONNECTION_VERSION_SSL3 = 2, | |
45 SSL_CONNECTION_VERSION_TLS1 = 3, | |
46 SSL_CONNECTION_VERSION_TLS1_1 = 4, | |
47 SSL_CONNECTION_VERSION_TLS1_2 = 5, | |
48 // Reserve 6 for TLS 1.3. | |
49 SSL_CONNECTION_VERSION_QUIC = 7, | |
50 SSL_CONNECTION_VERSION_MAX, | |
51 }; | |
52 static_assert(SSL_CONNECTION_VERSION_MAX - 1 <= SSL_CONNECTION_VERSION_MASK, | |
53 "SSL_CONNECTION_VERSION_MASK too small"); | |
54 | |
55 inline uint16 SSLConnectionStatusToCipherSuite(int connection_status) { | |
56 return static_cast<uint16>(connection_status); | |
57 } | |
58 | |
59 inline int SSLConnectionStatusToVersion(int connection_status) { | |
60 return (connection_status >> SSL_CONNECTION_VERSION_SHIFT) & | |
61 SSL_CONNECTION_VERSION_MASK; | |
62 } | |
63 | |
64 inline void SSLConnectionStatusSetCipherSuite(uint16 cipher_suite, | |
65 int* connection_status) { | |
66 // Clear out the old ciphersuite. | |
67 *connection_status &= ~SSL_CONNECTION_CIPHERSUITE_MASK; | |
68 // Set the new ciphersuite. | |
69 *connection_status |= cipher_suite; | |
70 } | |
71 | |
72 inline void SSLConnectionStatusSetVersion(int version, int* connection_status) { | |
73 DCHECK_GT(version, 0); | |
74 DCHECK_LT(version, SSL_CONNECTION_VERSION_MAX); | |
75 | |
76 // Clear out the old version. | |
77 *connection_status &= | |
78 ~(SSL_CONNECTION_VERSION_MASK << SSL_CONNECTION_VERSION_SHIFT); | |
79 // Set the new version. | |
80 *connection_status |= | |
81 ((version & SSL_CONNECTION_VERSION_MASK) << SSL_CONNECTION_VERSION_SHIFT); | |
82 } | |
83 | |
84 } // namespace net | |
85 | |
86 #endif // NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_ | |
OLD | NEW |