ALPN: complete handshake without accepting a client's protocols. (#876) * ALPN: complete handshake without accepting a client's protocols. The callback passed to `SSL_CTX_set_alpn_select_cb` can return `SSL_TLSEXT_ERR_NOACK` to allow the handshake to continue without accepting any of the client's offered protocols. This commit introduces `NO_OVERLAPPING_PROTOCOLS`, which the Python callback passed to `Context.set_alpn_select_callback` can return to achieve the same thing. It does not change the previous meaning of an empty string, which still terminates the handshake. * Update src/OpenSSL/SSL.py Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com> * Address @alex's review. * Use recorded value in test, fix lint error. * Cover TypeError branch in _ALPNHelper.callback

commit: 5d890a00af541abe379c2eea76ab668080eabff6 [log] [tgz]
author: Mark Williams <mrw@enotuniq.org> Sun Nov 17 19:56:26 2019 -0800
committer: Paul Kehrer <paul.l.kehrer@gmail.com> Mon Nov 18 11:56:26 2019 +0800
tree: e407dc7711d3a095416a30a8810087b7b6a34e37
parent: 079c963ddd4ebfd13a905829bc341dce85d94fbd [diff] [blame]
diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst
index 1c09237..ead1452 100644
--- a/doc/api/ssl.rst
+++ b/doc/api/ssl.rst

@@ -119,6 +119,15 @@
     for details.
 
 
+.. py:data:: NO_OVERLAPPING_PROTOCOLS
+
+    A sentinel value that can be returned by the callback passed to
+    :py:meth:`Context.set_alpn_select_callback` to indicate that
+    the handshake can continue without a specific application protocol.
+
+    .. versionadded:: 19.1
+
+
 .. autofunction:: SSLeay_version
commit	5d890a00af541abe379c2eea76ab668080eabff6	[log] [tgz]
author	Mark Williams <mrw@enotuniq.org>	Sun Nov 17 19:56:26 2019 -0800
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	Mon Nov 18 11:56:26 2019 +0800
tree	e407dc7711d3a095416a30a8810087b7b6a34e37
parent	079c963ddd4ebfd13a905829bc341dce85d94fbd [diff] [blame]