*
* All these functions return nonzero on success. Zero will terminate
* the handshake (and return a specific TLS Fatal alert, if the function
- * declaration has an "al" parameter).
+ * declaration has an "al" parameter). -1 for the "sending" functions
+ * will cause the TLS Extension to be omitted.
*
* "ext_type" is a TLS "ExtensionType" from 0-65535.
* "in" is a pointer to TLS "extension_data" being provided to the cb.
*
* For the server functions, a NULL custom_srv_ext_first_cb_fn means the
* ClientHello extension's data will be ignored, but the extension will still
- * be noted and custom_srv_ext_second_cb_fn will still be invoked. If
- * custom_srv_ext_second_cb_fn is NULL, an empty ServerHello extension is
- * sent.
+ * be noted and custom_srv_ext_second_cb_fn will still be invoked. A NULL
+ * custom_srv_ext_second_cb doesn't send a ServerHello extension.
*/
int SSL_CTX_set_custom_cli_ext(SSL_CTX *ctx, unsigned short ext_type,
custom_cli_ext_first_cb_fn fn1,
#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
#define SSL_R_INVALID_NULL_CMD_NAME 385
#define SSL_R_INVALID_PURPOSE 278
-#define SSL_R_INVALID_SERVERINFO_DATA 388
+#define SSL_R_INVALID_SERVERINFO_DATA 389
#define SSL_R_INVALID_SRP_USERNAME 357
#define SSL_R_INVALID_STATUS_RESPONSE 328
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
+#define SSL_R_TOO_MANY_EMPTY_FRAGMENTS 388
#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
projects / openssl.git / blobdiff