Disable HTTP/2 over NPN (with OpenSSL).

net/ssl/ssl_config.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SSL_SSL_CONFIG_H_
 #define NET_SSL_SSL_CONFIG_H_
 
 #include <stdint.h>
 
 #include "base/memory/ref_counted.h"
@@ skipping 136 matching lines @@
                           // version (one still needs to decrement
                           // version_max).
 
   // If cert_io_enabled is false, then certificate verification will not
   // result in additional HTTP requests. (For example: to fetch missing
   // intermediates or to perform OCSP/CRL fetches.) It also implies that online
   // revocation checking is disabled.
   // NOTE: Only used by NSS.
   bool cert_io_enabled;
 
-  // The list of supported application level protocols supported in decreasing
-  // order of preference.  For ALPN (Application Layer Protocol Negotation),
-  // protocols will be advertised in this order.  For NPN (Next Protocol
-  // Negotiation), the last item on the list is selected if there is no overlap
-  // between |next_protos| and the protocols supported by the server, otherwise
-  // server preference is observed and the order of |next_protos| is irrelevant.
-  NextProtoVector next_protos;
+  // The list of application level protocols supported with ALPN (Application
+  // Layer Protocol Negotation), in decreasing order of preference.  Protocols
+  // will be advertised in this order during TLS handshake.
+  NextProtoVector alpn_protos;
+
+  // The list of application level protocols supported with NPN (Next Protocol
+  // Negotiation).  The last item on the list is selected if there is no overlap
+  // between |npn_protos| and the protocols supported by the server, otherwise
+  // server preference is observed and the order of |npn_protos| is irrelevant.
+  // TODO(bnc): Deprecate NPN, see https://crbug.com/526713.

[davidben, 2015/10/13 20:55:59]

I would add in a new paragraph.

// Note: Due to NSS limitations, ports which use NSS (only iOS) will use
|alpn_protos| for both NPN and ALPN. However, if |npn_protos| is empty, NPN will
still be disabled.

[Bence, 2015/10/14 14:55:59]

Done.

+  NextProtoVector npn_protos;
 
   // True if renegotiation should be allowed for the default application-level
   // protocol when the peer negotiates neither ALPN nor NPN.
   bool renego_allowed_default;
 
   // The list of application-level protocols to enable renegotiation for.
   NextProtoVector renego_allowed_for_protos;
 
   scoped_refptr<X509Certificate> client_cert;
 };
 
 }  // namespace net
 
 #endif  // NET_SSL_SSL_CONFIG_H_