git.ipfire.org Git - thirdparty/openssl.git/commitdiff
Add changes.md entry noting the limitations of recursive SSL calls
author Neil Horman <nhorman@openssl.org>
Mon, 13 Jan 2025 17:06:49 +0000 (12:06 -0500)
committer Neil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:33 +0000 (11:27 -0500)
QUIC can't currently make recursive SSL calls, as it potentially results
in deadlock

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26361)

CHANGES.md

index 88989b0dee1f125308e6dfb42b44d62527de2df6..a9adbb4e3ef7ab1710bd7a0e4494b7eaa64e55d5 100644 (file)
@@ -30,6 +30,15 @@ OpenSSL 3.5
 
 ### Changes between 3.4 and 3.5 [xx XXX xxxx]
 
+* Added support for a new callback registration SSL_CTX_set_new_pending_conn_cb,
+  which allows for application notification of new connection SSL object
+  creation, which occurs independently of calls to SSL_accept_connection().
+  Note: QUIC objects passed through SSL callbacks should not have their state
+  mutated via calls back into the SSL api until such time as they have been
+  received via a call to SSL_accept_connection().
+
+  *Neil Horman*
+
 * ML-KEM as specified in FIPS 203.
 
   Based on the original implementation in BoringSSL, ported from C++ to C,
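
Review bot: The "Note:" sentence in the new entry says QUIC objects "should not have their state mutated" before SSL_accept_connection() returns them, but it never states the consequence. The commit message gives it (recursive SSL calls potentially result in deadlock), so the entry should say so, and "must not" would match that risk better than "should not". Style points in the same entry: write "SSL API" rather than "SSL api", and give SSL_CTX_set_new_pending_conn_cb the trailing "()" that SSL_accept_connection() already has.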