diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-11-30 20:40:53 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-11-30 20:40:53 +0000 |
| commit | 644bdcae0edf0cfa3ac9644edf3b52a0d3162489 (patch) | |
| tree | 64b3ab5519929c10d59e3b58f4415ffdafcde2c8 /net/base/ssl_info.h | |
| parent | 48f619d8bd9a264f14ce4b62a935e05df015432b (diff) | |
| download | chromium_src-644bdcae0edf0cfa3ac9644edf3b52a0d3162489.zip chromium_src-644bdcae0edf0cfa3ac9644edf3b52a0d3162489.tar.gz chromium_src-644bdcae0edf0cfa3ac9644edf3b52a0d3162489.tar.bz2 | |
Linux: add next-protocol-negotiation to libssl.
This is an experimental, client only implementation of
next-protocol-negotiation:
http://www.imperialviolet.org/binary/draft-agl-tls-nextprotoneg-00.html
This only affects the internal copy of libssl and is only active when
built with use_system_ssl=0, which is not currently the default.
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33327 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_info.h')
| -rw-r--r-- | net/base/ssl_info.h | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/net/base/ssl_info.h b/net/base/ssl_info.h index 203b6de..5b637c7 100644 --- a/net/base/ssl_info.h +++ b/net/base/ssl_info.h @@ -5,6 +5,8 @@ #ifndef NET_BASE_SSL_INFO_H_ #define NET_BASE_SSL_INFO_H_ +#include <string> + #include "net/base/cert_status_flags.h" #include "net/base/x509_certificate.h" @@ -14,12 +16,25 @@ namespace net { // This is really a struct. All members are public. class SSLInfo { public: - SSLInfo() : cert_status(0), security_bits(-1) { } + // Next Protocol Negotiation (NPN) allows a TLS client and server to come to + // an agreement about the application level protocol to speak over a + // connection. See also the next_protos field in SSLConfig. + enum NextProtoStatus { + kNextProtoUnsupported = 0, // The server doesn't support NPN. + kNextProtoNegotiated = 1, // We agreed on a protocol, see next_proto + kNextProtoNoOverlap = 2, // No protocols in common. We requested + // |next_proto|. + }; + + SSLInfo() : cert_status(0), security_bits(-1), + next_proto_status(kNextProtoUnsupported) { } void Reset() { cert = NULL; security_bits = -1; cert_status = 0; + next_proto.clear(); + next_proto_status = kNextProtoUnsupported; } bool is_valid() const { return cert != NULL; } @@ -41,6 +56,9 @@ class SSLInfo { // 0 means the connection is not encrypted. // -1 means the security strength is unknown. int security_bits; + + NextProtoStatus next_proto_status; // One of kNextProto* + std::string next_proto; // The negotiated protocol, if any. }; } // namespace net |