1 files changed, 19 insertions, 1 deletions

diff --git a/net/base/ssl_info.h b/net/base/ssl_info.h
index 203b6de..5b637c7 100644
--- a/net/base/ssl_info.h
+++ b/net/base/ssl_info.h
@@ -5,6 +5,8 @@
 #ifndef NET_BASE_SSL_INFO_H_
 #define NET_BASE_SSL_INFO_H_
 
+#include <string>
+
 #include "net/base/cert_status_flags.h"
 #include "net/base/x509_certificate.h"
 
@@ -14,12 +16,25 @@ namespace net {
 // This is really a struct.  All members are public.
 class SSLInfo {
  public:
-  SSLInfo() : cert_status(0), security_bits(-1) { }
+  // Next Protocol Negotiation (NPN) allows a TLS client and server to come to
+  // an agreement about the application level protocol to speak over a
+  // connection.  See also the next_protos field in SSLConfig.
+  enum NextProtoStatus {
+    kNextProtoUnsupported = 0,  // The server doesn't support NPN.
+    kNextProtoNegotiated = 1,   // We agreed on a protocol, see next_proto
+    kNextProtoNoOverlap = 2,    // No protocols in common. We requested
+                                // |next_proto|.
+  };
+
+  SSLInfo() : cert_status(0), security_bits(-1),
+              next_proto_status(kNextProtoUnsupported) { }
 
   void Reset() {
     cert = NULL;
     security_bits = -1;
     cert_status = 0;
+    next_proto.clear();
+    next_proto_status = kNextProtoUnsupported;
   }
 
   bool is_valid() const { return cert != NULL; }
@@ -41,6 +56,9 @@ class SSLInfo {
   // 0 means the connection is not encrypted.
   // -1 means the security strength is unknown.
   int security_bits;
+
+  NextProtoStatus next_proto_status;  // One of kNextProto*
+  std::string next_proto; // The negotiated protocol, if any.
 };
 
 }  // namespace net