@@ -501,10 +501,11 @@
  *
  * ALPN Callback for Servers --
  *
  *	Perform server-side protocol (http/1.1, h2, h3, etc.) selection for the
  *	incoming connection. Called after Hello and server callbacks
+ *	Where 'out' is selected protocol and 'in' is the peer advertised list.
  *
  * Results:
  *	None
  *
  * Side effects:
@@ -527,24 +528,26 @@
     Tcl_Obj *cmdPtr;
     int code, res;
 
     dprintf("Called");
 
-    if (statePtr->callback == (Tcl_Obj*)NULL) {
-	return SSL_TLSEXT_ERR_OK;
-    } else if (ssl == NULL) {
+    if (ssl == NULL || arg == NULL) {
 	return SSL_TLSEXT_ERR_NOACK;
     }
 
     /* Select protocol */
     if (SSL_select_next_proto(out, outlen, statePtr->protos, statePtr->protos_len,
 	in, inlen) == OPENSSL_NPN_NEGOTIATED) {
 	res = SSL_TLSEXT_ERR_OK;
     } else {
-	/* No overlap, so first client protocol used */
+	/* No overlap, so use first client protocol */
 	res = SSL_TLSEXT_ERR_NOACK;
     }
+
+    if (statePtr->callback == (Tcl_Obj*)NULL) {
+	return SSL_TLSEXT_ERR_OK;
+    }
 
     cmdPtr = Tcl_DuplicateObj(statePtr->callback);
     Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("alpn", -1));
     Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(*out, -1));
 
@@ -600,20 +603,22 @@
     int code;
     char *servername = NULL;
 
     dprintf("Called");
 
-    if (statePtr->callback == (Tcl_Obj*)NULL) {
-	return SSL_TLSEXT_ERR_OK;
-    } else if (ssl == NULL) {
+    if (ssl == NULL || arg == NULL) {
 	return SSL_TLSEXT_ERR_NOACK;
     }
 
     servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
     if (!servername || servername[0] == '\0') {
         return SSL_TLSEXT_ERR_NOACK;
     }
+
+    if (statePtr->callback == (Tcl_Obj*)NULL) {
+	return SSL_TLSEXT_ERR_OK;
+    }
 
     cmdPtr = Tcl_DuplicateObj(statePtr->callback);
     Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("sni", -1));
     Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(servername , -1));
 
@@ -673,11 +678,11 @@
 
     dprintf("Called");
 
     if (statePtr->callback == (Tcl_Obj*)NULL) {
 	return SSL_CLIENT_HELLO_SUCCESS;
-    } else if (ssl == NULL) {
+    } else if (ssl == NULL || arg == NULL) {
 	return SSL_CLIENT_HELLO_ERROR;
     }
 
     /* Get names */
     if (!SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &p, &remaining) || remaining <= 2) {
@@ -1354,14 +1359,16 @@
     statePtr->p_bio	= BIO_new_tcl(statePtr, BIO_NOCLOSE);
     statePtr->bio	= BIO_new(BIO_f_ssl());
 
     if (server) {
 	/* Server callbacks */
-	SSL_CTX_set_alpn_select_cb(statePtr->ctx, ALPNCallback, (void *)statePtr);
 	SSL_CTX_set_tlsext_servername_arg(statePtr->ctx, (void *)statePtr);
 	SSL_CTX_set_tlsext_servername_callback(statePtr->ctx, SNICallback);
 	SSL_CTX_set_client_hello_cb(statePtr->ctx, HelloCallback, (void *)statePtr);
+	if (statePtr->protos != NULL) {
+	    SSL_CTX_set_alpn_select_cb(statePtr->ctx, ALPNCallback, (void *)statePtr);
+	}
 
 	/* Enable server to send cert request after handshake (TLS 1.3 only) */
 	if (request && post_handshake) {
 	    SSL_verify_client_post_handshake(statePtr->ssl);
 	}
@@ -1592,11 +1599,11 @@
 
     SSL_CTX_set_app_data(ctx, (void*)interp);	/* remember the interpreter */
     SSL_CTX_set_options(ctx, SSL_OP_ALL);	/* all SSL bug workarounds */
     SSL_CTX_set_options(ctx, off);		/* disable protocol versions */
 #if OPENSSL_VERSION_NUMBER < 0x10101000L
-    SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);	/* handle new handshakes in background */
+    SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);	/* handle new handshakes in background. On by default in OpenSSL 1.1.1. */
 #endif
     SSL_CTX_sess_set_cache_size(ctx, 128);
 
     /* Set user defined ciphers, cipher suites, and security level */
     if ((ciphers != NULL) && !SSL_CTX_set_cipher_list(ctx, ciphers)) {