diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3a8b73362..b89d4ed0d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -995,7 +995,8 @@ typedef int mbedtls_ssl_send_t( void *ctx, * * \note That callback may be either blocking or non-blocking. * - * \param ctx Context for the send callback (typically a file descriptor) + * \param ctx Context for the receive callback (typically a file + * descriptor) * \param buf Buffer to write the received data to * \param len Length of the receive buffer * @@ -1019,7 +1020,7 @@ typedef int mbedtls_ssl_recv_t( void *ctx, * timeout delay expires, or the operation is interrupted by a * signal. * - * \param ctx Context for the send callback (typically a file descriptor) + * \param ctx Context for the receive callback (typically a file descriptor) * \param buf Buffer to write the received data to * \param len Length of the receive buffer * \param timeout Maximum nomber of millisecondes to wait for data @@ -1619,9 +1620,10 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * want to use \c mbedtls_ssl_conf_psk_cb() instead. * * \note Currently clients can only register one pre-shared key. - * In other words, the servers' idendity hint is ignored. - * Please contact us if you need ability to set multiple PSKs - * on clients and select one based on the identity hint. + * In other words, the servers' identity hint is ignored. + * Support for setting multiple PSKs on clients and selecting + * one based on the identity hint is not a planned feature but + * feedback is welcomed. * * \param conf SSL configuration * \param psk pointer to the pre-shared key diff --git a/library/ssl_cli.c b/library/ssl_cli.c index bf6c22101..52ddf9a92 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2600,7 +2600,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) * * Same goes for the hash in TLS 1.2's signature_algorithms: at this * point we only have one hash available (see comments in - * write_certificate_verify), so let's jsut use what we have. + * write_certificate_verify), so let's just use what we have. * * However, we still minimally parse the message to check it is at least * superficially sane.