diff options
author | Todd Short <tshort@akamai.com> | 2016-03-05 08:47:55 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-03-08 09:03:05 -0500 |
commit | 817cd0d52f0462039d1fe60462150be7f59d2002 (patch) | |
tree | dd075e91d6add68a3c4f493db1e66cce11c990a9 /CHANGES | |
parent | f18ce934889a36db42b7988e8acca9ac4f23299f (diff) |
GH787: Fix ALPN
* Perform ALPN after the SNI callback; the SSL_CTX may change due to
that processing
* Add flags to indicate that we actually sent ALPN, to properly error
out if unexpectedly received.
* clean up ssl3_free() no need to explicitly clear when doing memset
* document ALPN functions
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -4,6 +4,10 @@ Changes between 1.0.2g and 1.1.0 [xx XXX xxxx] + *) Modify behavior of ALPN to invoke callback after SNI/servername + callback, such that updates to the SSL_CTX affect ALPN. + [Todd Short] + *) Changes to the DEFAULT cipherlist: - Prefer (EC)DHE handshakes over plain RSA. - Prefer AEAD ciphers over legacy ciphers. |