net: support ALPN.

net/third_party/nss/ssl/ssl.h

Index: net/third_party/nss/ssl/ssl.h
diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h
index 8e9ba249b882ac1c279b5479ae80268c3804b850..de2eada015116826ebe56d55e18550f3c6d32fe3 100644
--- a/net/third_party/nss/ssl/ssl.h
+++ b/net/third_party/nss/ssl/ssl.h
@@ -204,6 +204,9 @@ SSL_IMPORT SECStatus SSL_SetNextProtoCallback(PRFileDesc *fd,
  * protocol in server-preference order. If no matching protocol is found it
  * selects the first supported protocol.
  *
+ * In addition to SSL_SetNextProtoCallback, this allows the client to also
+ * support ALPN.

[Ryan Sleevi, 2013/07/02 00:41:43]

nit: I'm not sure I fully parse this comment. Does this mean
SSL_SetNextProtoCallback *also* supports ALPN? This function is documented as
being an *alternative* to SSL_SetNextProtoCallbac, so the "in addition" is
confusing.

[agl, 2013/07/02 17:43:01]

You're right, that was nonsense.

" * Using this function also allows the client to transparently support ALPN.
 * The same set of protocols will be advertised via ALPN and, if the server
 * uses ALPN to select a protocol, SSL_GetNextProto will return
 * SSL_NEXT_PROTO_SELECTED as the state.
"

+ *
  * The supported protocols are specified in |data| in wire-format (8-bit
  * length-prefixed). For example: "\010http/1.1\006spdy/2". */
 SSL_IMPORT SECStatus SSL_SetNextProtoNego(PRFileDesc *fd,
@@ -213,7 +216,8 @@ SSL_IMPORT SECStatus SSL_SetNextProtoNego(PRFileDesc *fd,
 typedef enum SSLNextProtoState { 
   SSL_NEXT_PROTO_NO_SUPPORT = 0, /* No peer support                */
   SSL_NEXT_PROTO_NEGOTIATED = 1, /* Mutual agreement               */
-  SSL_NEXT_PROTO_NO_OVERLAP = 2  /* No protocol overlap found      */
+  SSL_NEXT_PROTO_NO_OVERLAP = 2, /* No protocol overlap found      */
+  SSL_NEXT_PROTO_SELECTED   = 3, /* Server selected proto (ALPN)   */
 } SSLNextProtoState;
 
 /* SSL_GetNextProto can be used in the HandshakeCallback or any time after