Fix some out of date comments
Fix various references to s3_clnt.c and s3_srvr.c which don't exist any more. GitHub Issue #765 Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell
parent
2647e2617e
commit
d4d7894379
3 changed files with 6 additions and 6 deletions
|
|
@ -434,13 +434,13 @@ int ssl_get_new_session(SSL *s, int session)
|
||||||
* Note that:
|
* Note that:
|
||||||
* (a) ssl_get_prev_session() does lookahead into the
|
* (a) ssl_get_prev_session() does lookahead into the
|
||||||
* ClientHello extensions to find the session ticket.
|
* ClientHello extensions to find the session ticket.
|
||||||
* When ssl_get_prev_session() fails, s3_srvr.c calls
|
* When ssl_get_prev_session() fails, statem_srvr.c calls
|
||||||
* ssl_get_new_session() in ssl3_get_client_hello().
|
* ssl_get_new_session() in tls_process_client_hello().
|
||||||
* At that point, it has not yet parsed the extensions,
|
* At that point, it has not yet parsed the extensions,
|
||||||
* however, because of the lookahead, it already knows
|
* however, because of the lookahead, it already knows
|
||||||
* whether a ticket is expected or not.
|
* whether a ticket is expected or not.
|
||||||
*
|
*
|
||||||
* (b) s3_clnt.c calls ssl_get_new_session() before parsing
|
* (b) statem_clnt.c calls ssl_get_new_session() before parsing
|
||||||
* ServerHello extensions, and before recording the session
|
* ServerHello extensions, and before recording the session
|
||||||
* ID received from the server, so this block is a noop.
|
* ID received from the server, so this block is a noop.
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
|
|
@ -1352,7 +1352,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
|
||||||
s->session->peer_chain = sk;
|
s->session->peer_chain = sk;
|
||||||
/*
|
/*
|
||||||
* Inconsistency alert: cert_chain does include the peer's certificate,
|
* Inconsistency alert: cert_chain does include the peer's certificate,
|
||||||
* which we don't include in s3_srvr.c
|
* which we don't include in statem_srvr.c
|
||||||
*/
|
*/
|
||||||
x = sk_X509_value(sk, 0);
|
x = sk_X509_value(sk, 0);
|
||||||
sk = NULL;
|
sk = NULL;
|
||||||
|
|
|
||||||
|
|
@ -368,7 +368,7 @@ static int send_certificate_request(SSL *s)
|
||||||
&& (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
|
&& (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
|
||||||
/*
|
/*
|
||||||
* ... except when the application insists on
|
* ... except when the application insists on
|
||||||
* verification (against the specs, but s3_clnt.c accepts
|
* verification (against the specs, but statem_clnt.c accepts
|
||||||
* this for SSL 3)
|
* this for SSL 3)
|
||||||
*/
|
*/
|
||||||
|| (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
|
|| (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
|
||||||
|
|
@ -2931,7 +2931,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
|
||||||
s->session->peer_chain = sk;
|
s->session->peer_chain = sk;
|
||||||
/*
|
/*
|
||||||
* Inconsistency alert: cert_chain does *not* include the peer's own
|
* Inconsistency alert: cert_chain does *not* include the peer's own
|
||||||
* certificate, while we do include it in s3_clnt.c
|
* certificate, while we do include it in statem_clnt.c
|
||||||
*/
|
*/
|
||||||
sk = NULL;
|
sk = NULL;
|
||||||
ret = MSG_PROCESS_CONTINUE_READING;
|
ret = MSG_PROCESS_CONTINUE_READING;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue