From 663ff827ed039b3822790ea0503dfde7ca9bf1d9 Mon Sep 17 00:00:00 2001
From: Greg Wilkins
Date: Thu, 9 Apr 2015 10:31:45 +1000
Subject: [PATCH] Blacklist ciphers only for h2-16 and later

---
 .../jetty/http2/server/HTTP2ServerConnectionFactory.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/jetty-http2/http2-server/src/main/java/org/eclipse/jetty/http2/server/HTTP2ServerConnectionFactory.java b/jetty-http2/http2-server/src/main/java/org/eclipse/jetty/http2/server/HTTP2ServerConnectionFactory.java
index 6065219ef62..147a7066253 100644
--- a/jetty-http2/http2-server/src/main/java/org/eclipse/jetty/http2/server/HTTP2ServerConnectionFactory.java
+++ b/jetty-http2/http2-server/src/main/java/org/eclipse/jetty/http2/server/HTTP2ServerConnectionFactory.java
@@ -64,8 +64,12 @@ public class HTTP2ServerConnectionFactory extends AbstractHTTP2ServerConnectionF
 @Override
 public boolean isAcceptable(String protocol, String tlsProtocol, String tlsCipher)
 {
+ // TODO remove this draft protection
+ if ("h2-14".equals(protocol))
+ return true;
+
 // Implement 9.2.2
- return !HTTP2Cipher.isBlackListProtocol(tlsProtocol) || !HTTP2Cipher.isBlackListCipher(tlsCipher);
+ return !(HTTP2Cipher.isBlackListProtocol(tlsProtocol) && HTTP2Cipher.isBlackListCipher(tlsCipher));
 }

 public class HTTPServerSessionListener extends ServerSessionListener.Adapter implements Stream.Listener
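Review bot: The early `return true` for `"h2-14"` in `isAcceptable` skips the 9.2.2 check entirely, so a peer that negotiates the draft-14 protocol name is accepted with whatever cipher the TLS layer selected, including suites the blacklist is meant to refuse. Whether a client can steer negotiation to h2-14 depends on the protocol list the server advertises, which is not visible in this hunk. The TODO does not say what is being bypassed or when it can go; I would write it as `// TODO: h2-14 peers bypass the 9.2.2 cipher blacklist; remove when draft-14 support is dropped`. The rewritten `return` is the De Morgan equivalent of the removed line, so the bypass is the only behaviour change here. The comment above it could say so explicitly: `// 9.2.2: refuse only when the TLS version is subject to the blacklist AND the cipher is on it`.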