Add an option to disable NPN on a per-SSL basis. Right whether NPN is advertised can only be configured globally on the SSL_CTX. Rather than adding two pointers to each SSL*, add an options bit to disable it so we may plumb in a field trial to disable NPN. Chromium wants to be able to route a bit in to disable NPN, but it uses SSL_CTX incorrectly and has a global one, so it can't disconnect the callback. (That really needs to get fixed. Although it's not clear this necessarily wants to be lifted up to SSL_CTX as far as Chromium's SSLClientSocket is concerned since NPN doesn't interact with the session cache.) BUG=526713 Change-Id: I49c86828b963eb341c6ea6a442557b7dfa190ed3 Reviewed-on: https://boringssl-review.googlesource.com/6351 Reviewed-by: Adam Langley <alangley@gmail.com>

commit: 091c4b98696d0fc5d5e3a7f380d8d18625e08566 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Mon Oct 26 13:33:21 2015 -0400
committer: Adam Langley <alangley@gmail.com> Mon Oct 26 19:56:52 2015 +0000
tree: f5269e36d92f7fc29f00704565d5bb3c845891c8
parent: ff905b09fc498150646e47d0b2340937782aeaa7 [diff] [blame]
diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc
index 4e19be6..54492df 100644
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc

@@ -97,6 +97,7 @@
   { "-expect-verify-result", &TestConfig::expect_verify_result },
   { "-renegotiate-once", &TestConfig::renegotiate_once },
   { "-renegotiate-freely", &TestConfig::renegotiate_freely },
+  { "-disable-npn", &TestConfig::disable_npn },
 };
 
 const Flag<std::string> kStringFlags[] = {
commit	091c4b98696d0fc5d5e3a7f380d8d18625e08566	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Mon Oct 26 13:33:21 2015 -0400
committer	Adam Langley <alangley@gmail.com>	Mon Oct 26 19:56:52 2015 +0000
tree	f5269e36d92f7fc29f00704565d5bb3c845891c8
parent	ff905b09fc498150646e47d0b2340937782aeaa7 [diff] [blame]