CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2025/04/30 07:50:50
Modified files:
lib/libssl : ssl_tlsext.c
Log message:
tlsext: stop sending SNI before ALPN in clients
All supported releases of LibreSSL ensure that the corresponding callbacks
are called in a predefined order rather than honoring the order in which a
client sends its extensions. Therefore the ALPN callback for apache-httpd's
virtual host setups can rely on SNI information being available and we no
longer need to work around this on hte client side. Cuts the amount of code
needed for tlsext randomization in half.
ok jsing
