mirror of
https://github.com/openssl/openssl.git
synced 2024-12-18 14:33:42 +08:00
Fix some out of date comments
Fix various references to s3_clnt.c and s3_srvr.c which don't exist any more. GitHub Issue #765 Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
parent
2647e2617e
commit
d4d7894379
@ -434,13 +434,13 @@ int ssl_get_new_session(SSL *s, int session)
|
||||
* Note that:
|
||||
* (a) ssl_get_prev_session() does lookahead into the
|
||||
* ClientHello extensions to find the session ticket.
|
||||
* When ssl_get_prev_session() fails, s3_srvr.c calls
|
||||
* ssl_get_new_session() in ssl3_get_client_hello().
|
||||
* When ssl_get_prev_session() fails, statem_srvr.c calls
|
||||
* ssl_get_new_session() in tls_process_client_hello().
|
||||
* At that point, it has not yet parsed the extensions,
|
||||
* however, because of the lookahead, it already knows
|
||||
* whether a ticket is expected or not.
|
||||
*
|
||||
* (b) s3_clnt.c calls ssl_get_new_session() before parsing
|
||||
* (b) statem_clnt.c calls ssl_get_new_session() before parsing
|
||||
* ServerHello extensions, and before recording the session
|
||||
* ID received from the server, so this block is a noop.
|
||||
*/
|
||||
|
@ -1352,7 +1352,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
|
||||
s->session->peer_chain = sk;
|
||||
/*
|
||||
* Inconsistency alert: cert_chain does include the peer's certificate,
|
||||
* which we don't include in s3_srvr.c
|
||||
* which we don't include in statem_srvr.c
|
||||
*/
|
||||
x = sk_X509_value(sk, 0);
|
||||
sk = NULL;
|
||||
|
@ -368,7 +368,7 @@ static int send_certificate_request(SSL *s)
|
||||
&& (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
|
||||
/*
|
||||
* ... except when the application insists on
|
||||
* verification (against the specs, but s3_clnt.c accepts
|
||||
* verification (against the specs, but statem_clnt.c accepts
|
||||
* this for SSL 3)
|
||||
*/
|
||||
|| (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
|
||||
@ -2931,7 +2931,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
|
||||
s->session->peer_chain = sk;
|
||||
/*
|
||||
* Inconsistency alert: cert_chain does *not* include the peer's own
|
||||
* certificate, while we do include it in s3_clnt.c
|
||||
* certificate, while we do include it in statem_clnt.c
|
||||
*/
|
||||
sk = NULL;
|
||||
ret = MSG_PROCESS_CONTINUE_READING;
|
||||
|
Loading…
Reference in New Issue
Block a user