Follow BoringSSL's nomenclature in SSL_select_next_proto() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2024-07-11 13:48:52 +0000
committer	tb <>	2024-07-11 13:48:52 +0000
commit	5260b37984fa00e9dd3c39361386fef0634a29dd (patch)
tree	947607486d185911b8a164dcc91eb9258875c27a /src/lib/libssl/man
parent	aaeb6af9ab85685268769224ce8866d0f7a3a0a6 (diff)
download	openbsd-5260b37984fa00e9dd3c39361386fef0634a29dd.tar.gz openbsd-5260b37984fa00e9dd3c39361386fef0634a29dd.tar.bz2 openbsd-5260b37984fa00e9dd3c39361386fef0634a29dd.zip

Follow BoringSSL's nomenclature in SSL_select_next_proto()

SSL_select_next_poto() was written with NPN in mind. NPN has a weird fallback mechanism which is baked into the API. This is makes no sense for ALPN, where the API behavior is undesirable since it a server should not end up choosing a protocol it doesn't (want to) support. Arguably, ALPN should simply have had its own API for protocol selection supporting the proper semantics, instead of shoehorning an NPN API into working for ALPN. Commit https://boringssl-review.googlesource.com/c/boringssl/+/17206/ renamed the arguments to work for both NPN and ALPN, with the slight downside of honoring client preference instead of the SHOULD in RFC 7301, section 3.2. This grates for most consumers in the wild, but so be it. The behavior is saner and safer. discussed with davidben ok beck

Diffstat (limited to 'src/lib/libssl/man')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: