Set SSL_OP_CIPHER_SERVER_PREFERENCE on QUIC TLS server's SSL_CTX. Protected by FLAGS_quic_restart_flag_quic_tls_prefer_server_cipher_and_curve_list. PiperOrigin-RevId: 351654205 Change-Id: Id2141a38561f49e74bd86d88ec8d44fda628efd6

diff --git a/quic/core/crypto/tls_server_connection.cc b/quic/core/crypto/tls_server_connection.cc
index 6318b39..fcabf72 100644
--- a/quic/core/crypto/tls_server_connection.cc
+++ b/quic/core/crypto/tls_server_connection.cc

@@ -43,6 +43,9 @@
   }
   SSL_CTX_set_select_certificate_cb(
       ssl_ctx.get(), &TlsServerConnection::EarlySelectCertCallback);
+  if (GetQuicRestartFlag(quic_tls_prefer_server_cipher_and_curve_list)) {
+    SSL_CTX_set_options(ssl_ctx.get(), SSL_OP_CIPHER_SERVER_PREFERENCE);
+  }
   return ssl_ctx;
 }
 

diff --git a/quic/core/quic_flags_list.h b/quic/core/quic_flags_list.h
index 96a23a5..8461aa7 100644
--- a/quic/core/quic_flags_list.h
+++ b/quic/core/quic_flags_list.h

@@ -81,4 +81,5 @@
 QUIC_FLAG(FLAGS_quic_restart_flag_quic_testonly_default_false, false)
 QUIC_FLAG(FLAGS_quic_restart_flag_quic_testonly_default_true, true)
 QUIC_FLAG(FLAGS_quic_restart_flag_quic_time_wait_list_support_multiple_cid_v2, false)
+QUIC_FLAG(FLAGS_quic_restart_flag_quic_tls_prefer_server_cipher_and_curve_list, false)
 QUIC_FLAG(FLAGS_quic_restart_flag_quic_use_reference_counted_sesssion_map, true)