author | lloyd <[email protected]> | 2012-07-12 21:25:46 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-07-12 21:25:46 +0000 |
commit | 43836c6fd15a944dce1ca25bb0d019ede3ef75e7 (patch) | |
tree | a6ea3bd16cb4b4d2ea94428ccafaa2bd54d8ba6a /src/tls/tls_version.h | |
parent | 71c8f3803819464db90226c22e77f5a13ef2c38d (diff) |
Changes to version handling in support of DTLS work.
Add a few 'feature tests' to Protocol_Version which help avoid some
explicit comparisons. Additionally, remove the relational comparisons,
except for operator> which is still used in a few locations.
TLS::Policy has changed and no longer has min_version. The new hook
that replaces it is acceptable_protocol_version, which should return
true if and only if we are willing to negotiate the version
returned. This leads to a somewhat cleaner result and additionally
allows one to do maybe interesting though mostly useless things like
allowing TLS 1.0 or 1.2 but not 1.1.
Fix the version sent in the (unused) DTLS hello verify message.
Diffstat (limited to 'src/tls/tls_version.h')
-rw-r--r-- | src/tls/tls_version.h | 50 |
1 files changed, 23 insertions, 27 deletions
diff --git a/src/tls/tls_version.h b/src/tls/tls_version.h
index 18d9f1674..4d1beb8cb 100644
--- a/src/tls/tls_version.h
+++ b/src/tls/tls_version.h
@@ -25,7 +25,10 @@ class BOTAN_DLL Protocol_Version
 SSL_V3 = 0x0300,
 TLS_V10 = 0x0301,
 TLS_V11 = 0x0302,
- TLS_V12 = 0x0303
+ TLS_V12 = 0x0303,
+
+ DTLS_V10 = 0xFEFF,
+ DTLS_V12 = 0xFEFD
 };
 
 Protocol_Version() : m_version(0) {}
@@ -49,6 +52,11 @@ class BOTAN_DLL Protocol_Version
 bool valid() const { return (m_version != 0); }
 
 /**
+ * @return true if this is a protocol version we know about
+ */
+ bool known_version() const;
+
+ /**
 * @return major version of the protocol version
 */
 byte major_version() const { return get_byte(0, m_version); }
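Review bot: The two DTLS codes added to the enum sort in the opposite direction from the TLS ones: DTLS_V12 (0xFEFD) is numerically smaller than DTLS_V10 (0xFEFF), and both are larger than every TLS value. The third hunk keeps `operator>` but moves its body out of the header, so it cannot be seen here whether it still compares `m_version` directly. If it does, a "later than" check would rank DTLS 1.0 above DTLS 1.2 and could let negotiation settle on the older version. A comment on the enum would make the hazard visible, for example `// DTLS wire values decrease as the version increases; do not compare them numerically`, and the `operator>` doc comment should say what it returns for two DTLS versions and for a TLS/DTLS mix.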
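Review bot: The doc comment on `known_version()` does not say how it differs from `valid()` directly above it, which accepts any nonzero value, including a version number received from a peer that this library does not implement. The definition is outside this header, so the contract should be spelled out here, for example `@return true if this is one of the version codes enumerated above; a nonzero but unrecognized value is valid() but not known`. That tells a caller which of the two to check before acting on a version taken from the wire.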
@@ -64,52 +72,40 @@ class BOTAN_DLL Protocol_Version
 std::string to_string() const;
 
 /**
- * @return if this version is equal to other
+ * @return true iff this is a DTLS version
 */
- bool operator==(const Protocol_Version& other) const
- {
- return (m_version == other.m_version);
- }
+ bool is_datagram_protocol() const;
 
 /**
- * @return if this version is not equal to other
+ * @return true if this version supports negotiable signature algorithms
 */
- bool operator!=(const Protocol_Version& other) const
- {
- return (m_version != other.m_version);
- }
+ bool supports_negotiable_signature_algorithms() const;
 
 /**
- * @return if this version is later than or equal to other
+ * @return true if this version uses explicit IVs for block ciphers
 */
- bool operator>=(const Protocol_Version& other) const
- {
- return (m_version >= other.m_version);
- }
+ bool supports_explicit_cbc_ivs() const;
 
 /**
- * @return if this version is later than other
+ * @return if this version is equal to other
 */
- bool operator>(const Protocol_Version& other) const
+ bool operator==(const Protocol_Version& other) const
 {
- return (m_version > other.m_version);
+ return (m_version == other.m_version);
 }
 
 /**
- * @return if this version is earlier than or equal to other
+ * @return if this version is not equal to other
 */
- bool operator<=(const Protocol_Version& other) const
+ bool operator!=(const Protocol_Version& other) const
 {
- return (m_version <= other.m_version);
+ return (m_version != other.m_version);
 }
 
 /**
- * @return if this version is earlier than other
+ * @return if this version is later than other
 */
- bool operator<(const Protocol_Version& other) const
- {
- return (m_version < other.m_version);
- }
+ bool operator>(const Protocol_Version& other) const;
 
 private:
 u16bit m_version; |
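Review bot: The three new predicates are documented only by restating their names, so a reader cannot tell which versions each one is true for, or what they return for a default-constructed (zero) or unrecognized version. This matters most for `supports_explicit_cbc_ivs()`, because a wrong answer for a version changes how CBC records are protected without any visible error. Each doc comment should list the versions it covers and the result for an unset version, for example `@return true for TLS 1.1 and later and for all DTLS versions; false if the version is unset`. The bodies are defined outside this header, so those lists need checking against the implementation.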