boringssl

History

David Benjamin 091c4b9869 Add an option to disable NPN on a per-SSL basis. Right whether NPN is advertised can only be configured globally on the SSL_CTX. Rather than adding two pointers to each SSL*, add an options bit to disable it so we may plumb in a field trial to disable NPN. Chromium wants to be able to route a bit in to disable NPN, but it uses SSL_CTX incorrectly and has a global one, so it can't disconnect the callback. (That really needs to get fixed. Although it's not clear this necessarily wants to be lifted up to SSL_CTX as far as Chromium's SSLClientSocket is concerned since NPN doesn't interact with the session cache.) BUG=526713 Change-Id: I49c86828b963eb341c6ea6a442557b7dfa190ed3 Reviewed-on: https://boringssl-review.googlesource.com/6351 Reviewed-by: Adam Langley <alangley@gmail.com>	2015-10-26 19:56:52 +00:00
..
openssl	Add an option to disable NPN on a per-SSL basis.	2015-10-26 19:56:52 +00:00

David Benjamin 091c4b9869 Add an option to disable NPN on a per-SSL basis.

Right whether NPN is advertised can only be configured globally on the SSL_CTX.
Rather than adding two pointers to each SSL*, add an options bit to disable it
so we may plumb in a field trial to disable NPN.

Chromium wants to be able to route a bit in to disable NPN, but it uses SSL_CTX
incorrectly and has a global one, so it can't disconnect the callback. (That
really needs to get fixed. Although it's not clear this necessarily wants to be
lifted up to SSL_CTX as far as Chromium's SSLClientSocket is concerned since
NPN doesn't interact with the session cache.)

BUG=526713

Change-Id: I49c86828b963eb341c6ea6a442557b7dfa190ed3
Reviewed-on: https://boringssl-review.googlesource.com/6351
Reviewed-by: Adam Langley <alangley@gmail.com>

2015-10-26 19:56:52 +00:00

openssl

Add an option to disable NPN on a per-SSL basis.

2015-10-26 19:56:52 +00:00