perform sanity checks on server certificate type as soon as it is received instead of waiting until server key exchange
diff --git a/ssl/ssl.h b/ssl/ssl.h
index c5d4504..857cbf0 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2800,6 +2800,7 @@
 #define SSL_R_UNSUPPORTED_STATUS_TYPE			 329
 #define SSL_R_USE_SRTP_NOT_NEGOTIATED			 369
 #define SSL_R_WRITE_BIO_NOT_SET				 260
+#define SSL_R_WRONG_CERTIFICATE_TYPE			 383
 #define SSL_R_WRONG_CIPHER_RETURNED			 261
 #define SSL_R_WRONG_CURVE				 378
 #define SSL_R_WRONG_MESSAGE_TYPE			 262