GH787: Fix ALPN

* Perform ALPN after the SNI callback; the SSL_CTX may change due to that processing * Add flags to indicate that we actually sent ALPN, to properly error out if unexpectedly received. * clean up ssl3_free() no need to explicitly clear when doing memset * document ALPN functions Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
author: Todd Short <tshort@akamai.com> 2016-03-05 08:47:55 -0500
committer: Rich Salz <rsalz@openssl.org> 2016-03-08 09:03:05 -0500
commit: 817cd0d52f0462039d1fe60462150be7f59d2002 (patch)
tree: dd075e91d6add68a3c4f493db1e66cce11c990a9 /CHANGES
parent: f18ce934889a36db42b7988e8acca9ac4f23299f (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index f91ba054ed..9ff84fc185 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.2g and 1.1.0  [xx XXX xxxx]
 
+  *) Modify behavior of ALPN to invoke callback after SNI/servername
+     callback, such that updates to the SSL_CTX affect ALPN.
+     [Todd Short]
+
   *) Changes to the DEFAULT cipherlist:
        - Prefer (EC)DHE handshakes over plain RSA.
        - Prefer AEAD ciphers over legacy ciphers.
author	Todd Short <tshort@akamai.com>	2016-03-05 08:47:55 -0500
committer	Rich Salz <rsalz@openssl.org>	2016-03-08 09:03:05 -0500
commit	817cd0d52f0462039d1fe60462150be7f59d2002 (patch)
tree	dd075e91d6add68a3c4f493db1e66cce11c990a9 /CHANGES
parent	f18ce934889a36db42b7988e8acca9ac4f23299f (diff)