Fix ssl_read wrt non-Application Data

commit: 9711920304f0bab506fc52ccc35b8059cce8d042 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Oct 23 15:29:55 2014 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Oct 23 15:29:55 2014 +0200
tree: 99d93f43ce673e2fa1e013040737c544dd22cb29
parent: 3fdfcedebb222643935e06e6e4712c481c3282ac [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 9d0821c..7e47c45 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -16,10 +16,14 @@
    * Fix compiler warnings on iOS (found by Sander Niemeijer).
    * Don't print uninitialised buffer in ssl_mail_client (found by Marc Abel).
    * Fix net_accept() regarding non-blocking sockets (found by Luca Pesce).
+   * ssl_read() could return non-application data records on server while
+     renegotation was pending, and on client when a HelloRequest was received.
 
 Changes
    * X.509 certificates with more than one AttributeTypeAndValue per
      RelativeDistinguishedName are not accepted any more.
+   * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
+     POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
 
 = Version 1.2.11 released 2014-07-11
 Features
commit	9711920304f0bab506fc52ccc35b8059cce8d042	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Oct 23 15:29:55 2014 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Oct 23 15:29:55 2014 +0200
tree	99d93f43ce673e2fa1e013040737c544dd22cb29
parent	3fdfcedebb222643935e06e6e4712c481c3282ac [diff] [blame]