Index: net/socket/ssl_client_socket.h |
diff --git a/net/socket/ssl_client_socket.h b/net/socket/ssl_client_socket.h |
index 11b19a1ec02480d2423187e37a9cb8912367ffa4..b349d6fc9afde77560fe8e546d4b77ade363f08f 100644 |
--- a/net/socket/ssl_client_socket.h |
+++ b/net/socket/ssl_client_socket.h |
@@ -209,10 +209,18 @@ class NET_EXPORT SSLClientSocket : public SSLSocket { |
const SSLConfig& ssl_config, |
ChannelIDService* channel_id_service); |
+ // Determine if there is at least one enabled cipher suite and TLS version |
+ // that is up to Section 9.2 of the HTTP/2 specification. Note that the |
+ // server might still pick an inadequate cipher suite or TLS version. |
+ static bool IsSecurityAdequateForHTTP2( |
+ const SSLConfig& ssl_config, |
+ const std::vector<uint16>& cipher_suites); |
+ |
// Serializes |next_protos| in the wire format for ALPN: protocols are listed |
- // in order, each prefixed by a one-byte length. |
- static std::vector<uint8_t> SerializeNextProtos( |
- const std::vector<std::string>& next_protos); |
+ // in order, each prefixed by a one-byte length. Only advertises HTTP2 if |
+ // adequate cipher suites and TLS are also advertised. |
+ static std::vector<uint8_t> SerializeNextProtos(const SSLConfig& ssl_config, |
+ bool advertise_http2); |
// For unit testing only. |
// Returns the unverified certificate chain as presented by server. |