I submitted a patch to support no_application_protocol alert on ALPN about a year ago.

  http://rt.openssl.org/Ticket/Display.html?id=3463

But no one has replied to me yet.

On 2015/05/29 8:20, Scott Mitchell wrote:
The ALPN RFC [1] states:

In the event that the server supports no protocols that the client advertises, then the server SHALL respond with a fatal "no_application_protocol" alert. [2]

This functionality is not yet implemented in OpenSSL. Now that HTTP/2 has been published as an RFC [3], and due to HTTP/2's dependency on ALPN, it may be good to revisit the issue. The NPN specification is less specific about what to do in the event of no matching protocols, but the OpenSSL implementation also does not support failing the handshake. NPN may be a lower priority than ALPN but it would be nice to support consistent (as possible) behavior for the two extensions.

This issue was originally raised on GitHub [4].

[1] https://tools.ietf.org/html/rfc7301
[2] https://tools.ietf.org/html/rfc7301#section-3.2
[3] https://tools.ietf.org/html/rfc7540
[4] https://github.com/openssl/openssl/issues/188


_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
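
The server-side behaviour quoted from RFC 7301 section 3.2 above, as an added example that is not OpenSSL's code and not the patch in ticket 3463. The function names `alpn_select` and `alpn_list_ok` are hypothetical, the lists are the length-prefixed protocol name entries without the outer two-byte list length, and answering a malformed list with decode_error is an assumption of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ALERT_NONE                    0   /* protocol selected, continue */
#define ALERT_DECODE_ERROR            50  /* malformed list (choice made for this example) */
#define ALERT_NO_APPLICATION_PROTOCOL 120 /* RFC 7301 section 3.2 */

/* A list is a run of entries: 1 length byte (1..255) followed by that many name bytes. */
static int alpn_list_ok(const unsigned char *l, size_t len)
{
    size_t i = 0;
    if (len == 0) return 0;
    while (i < len) {
        size_t n = l[i];
        if (n == 0 || n > len - i - 1) return 0; /* empty name or overrun */
        i += 1 + n;
    }
    return 1;
}

/* Walk the server's list in preference order; return the alert to send (0 = none). */
int alpn_select(const unsigned char *srv, size_t slen,
                const unsigned char *cli, size_t clen,
                const unsigned char **out, unsigned char *outlen)
{
    if (!alpn_list_ok(srv, slen) || !alpn_list_ok(cli, clen))
        return ALERT_DECODE_ERROR;
    for (size_t s = 0; s < slen; s += 1 + srv[s])
        for (size_t c = 0; c < clen; c += 1 + cli[c])
            if (srv[s] == cli[c] && memcmp(srv + s + 1, cli + c + 1, srv[s]) == 0) {
                *out = srv + s + 1;
                *outlen = srv[s];
                return ALERT_NONE;
            }
    return ALERT_NO_APPLICATION_PROTOCOL; /* no overlap: fail the handshake */
}

int main(void)
{
    /* Constructed sample lists, not captured traffic. */
    static const unsigned char srv[] = "\x02h2\x08http/1.1";
    static const unsigned char cli[] = "\x08spdy/3.1";
    const unsigned char *p = NULL; unsigned char n = 0;
    printf("alert=%d\n", alpn_select(srv, sizeof srv - 1, cli, sizeof cli - 1, &p, &n));
    return 0;
}
```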
