Fix some out of date comments

Fix various references to s3_clnt.c and s3_srvr.c which don't exist
any more.

GitHub Issue #765

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2016-05-17 11:51:00 +01:00
parent 2647e2617e
commit d4d7894379
3 changed files with 6 additions and 6 deletions

View file

@ -434,13 +434,13 @@ int ssl_get_new_session(SSL *s, int session)
* Note that:
* (a) ssl_get_prev_session() does lookahead into the
* ClientHello extensions to find the session ticket.
* When ssl_get_prev_session() fails, s3_srvr.c calls
* ssl_get_new_session() in ssl3_get_client_hello().
* When ssl_get_prev_session() fails, statem_srvr.c calls
* ssl_get_new_session() in tls_process_client_hello().
* At that point, it has not yet parsed the extensions,
* however, because of the lookahead, it already knows
* whether a ticket is expected or not.
*
* (b) s3_clnt.c calls ssl_get_new_session() before parsing
* (b) statem_clnt.c calls ssl_get_new_session() before parsing
* ServerHello extensions, and before recording the session
* ID received from the server, so this block is a noop.
*/

View file

@ -1352,7 +1352,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
s->session->peer_chain = sk;
/*
* Inconsistency alert: cert_chain does include the peer's certificate,
* which we don't include in s3_srvr.c
* which we don't include in statem_srvr.c
*/
x = sk_X509_value(sk, 0);
sk = NULL;

View file

@ -368,7 +368,7 @@ static int send_certificate_request(SSL *s)
&& (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
/*
* ... except when the application insists on
* verification (against the specs, but s3_clnt.c accepts
* verification (against the specs, but statem_clnt.c accepts
* this for SSL 3)
*/
|| (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
@ -2931,7 +2931,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
s->session->peer_chain = sk;
/*
* Inconsistency alert: cert_chain does *not* include the peer's own
* certificate, while we do include it in s3_clnt.c
* certificate, while we do include it in statem_clnt.c
*/
sk = NULL;
ret = MSG_PROCESS_CONTINUE_READING;