Only return VERIFY_FAILED from a single point

Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
diff --git a/ChangeLog b/ChangeLog
index 9bf6a17..d35457b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@
    * Certificate verification functions now set flags to -1 in case the full
      chain was not verified due to an internal error (including in the verify
      callback) or chain length limitations.
+   * With authmode set to optional, handshake is now aborted if the
+     verification of the peer's certificate failed due to an overlong chain or
+     a fatal error in the vrfy callback.
 
 = mbed TLS 2.5.1 released 2017-06-21