Linux: add next-protocol-negotiation to libssl.

This is an experimental, client only implementation of
next-protocol-negotiation:

http://www.imperialviolet.org/binary/draft-agl-tls-nextprotoneg-00.html

This only affects the internal copy of libssl and is only active when
built with use_system_ssl=0, which is not currently the default.

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33327 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 10 insertions, 1 deletions

diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h
index a4d3cb4..45c1fc6 100644
--- a/net/base/ssl_config_service.h
+++ b/net/base/ssl_config_service.h
@@ -18,7 +18,8 @@ struct SSLConfig {
   // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on.
   SSLConfig()
       : rev_checking_enabled(true),  ssl2_enabled(false), ssl3_enabled(true),
-        tls1_enabled(true), send_client_cert(false), verify_ev_cert(false) {
+        tls1_enabled(true), send_client_cert(false), verify_ev_cert(false),
+        next_protos("\007http1.1") {
   }
 
   bool rev_checking_enabled;  // True if server certificate revocation
@@ -57,6 +58,14 @@ struct SSLConfig {
 
   bool verify_ev_cert;  // True if we should verify the certificate for EV.
 
+  // The list of application level protocols supported. If set, this will
+  // enable Next Protocol Negotiation (if supported). This is a list of 8-bit
+  // length prefixed strings. The order of the protocols doesn't matter expect
+  // for one case: if the server supports Next Protocol Negotiation, but there
+  // is no overlap between the server's and client's protocol sets, then the
+  // first protocol in this list will be requested by the client.
+  std::string next_protos;
+
   scoped_refptr<X509Certificate> client_cert;
 };