aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/gtls.c6
-rw-r--r--lib/vtls/nss.c1
-rw-r--r--lib/vtls/openssl.c5
-rw-r--r--lib/vtls/polarssl.c4
-rw-r--r--lib/vtls/schannel.c1
-rw-r--r--lib/vtls/sectransp.c1
6 files changed, 1 insertions, 17 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 40e61c701..639fa58e2 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1762,12 +1762,6 @@ static int Curl_gtls_seed(struct Curl_easy *data)
if(!ssl_seeded || data->set.str[STRING_SSL_RANDOM_FILE] ||
data->set.str[STRING_SSL_EGDSOCKET]) {
-
- /* TODO: to a good job seeding the RNG
- This may involve the gcry_control function and these options:
- GCRYCTL_SET_RANDOM_SEED_FILE
- GCRYCTL_SET_RNDEGD_SOCKET
- */
ssl_seeded = TRUE;
}
return 0;
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index dd563f035..491def106 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1831,7 +1831,6 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
/* list of all NSS objects we need to destroy in Curl_nss_close() */
Curl_llist_init(&BACKEND->obj_list, nss_destroy_object);
- /* FIXME. NSS doesn't support multiple databases open at the same time. */
PR_Lock(nss_initlock);
result = nss_init(conn->data);
if(result) {
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 9b1b5d3be..df4553423 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3227,11 +3227,6 @@ static CURLcode get_cert_chain(struct connectdata *conn,
#endif
break;
}
-#if 0
- case EVP_PKEY_EC: /* symbol not present in OpenSSL 0.9.6 */
- /* left TODO */
- break;
-#endif
}
EVP_PKEY_free(pubkey);
}
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index a059e50ee..7ea26b442 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -911,9 +911,7 @@ const struct Curl_ssl Curl_ssl_polarssl = {
Curl_none_check_cxn, /* check_cxn */
Curl_none_shutdown, /* shutdown */
Curl_polarssl_data_pending, /* data_pending */
- /* This might cause libcurl to use a weeker random!
- * TODO: use Polarssl's CTR-DRBG or HMAC-DRBG
- */
+ /* This might cause libcurl to use a weeker random! */
Curl_none_random, /* random */
Curl_none_cert_status_request, /* cert_status_request */
Curl_polarssl_connect, /* connect */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 1f036249b..2480bbbe3 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -523,7 +523,6 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
#endif
schannel_cred.dwFlags = SCH_CRED_AUTO_CRED_VALIDATION;
- /* TODO s/data->set.ssl.no_revoke/SSL_SET_OPTION(no_revoke)/g */
if(data->set.ssl.no_revoke) {
schannel_cred.dwFlags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK |
SCH_CRED_IGNORE_REVOCATION_OFFLINE;
diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 80f38692f..ef618a471 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -1903,7 +1903,6 @@ static CURLcode sectransp_connect_step1(struct connectdata *conn,
/* We want to enable 1/n-1 when using a CBC cipher unless the user
specifically doesn't want us doing that: */
if(SSLSetSessionOption != NULL) {
- /* TODO s/data->set.ssl.enable_beast/SSL_SET_OPTION(enable_beast)/g */
SSLSetSessionOption(BACKEND->ssl_ctx, kSSLSessionOptionSendOneByteRecord,
!data->set.ssl.enable_beast);
SSLSetSessionOption(BACKEND->ssl_ctx, kSSLSessionOptionFalseStart,