diff options
Diffstat (limited to 'lib/vtls')
-rw-r--r-- | lib/vtls/gtls.c | 6 | ||||
-rw-r--r-- | lib/vtls/nss.c | 1 | ||||
-rw-r--r-- | lib/vtls/openssl.c | 5 | ||||
-rw-r--r-- | lib/vtls/polarssl.c | 4 | ||||
-rw-r--r-- | lib/vtls/schannel.c | 1 | ||||
-rw-r--r-- | lib/vtls/sectransp.c | 1 |
6 files changed, 1 insertions, 17 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 40e61c701..639fa58e2 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1762,12 +1762,6 @@ static int Curl_gtls_seed(struct Curl_easy *data) if(!ssl_seeded || data->set.str[STRING_SSL_RANDOM_FILE] || data->set.str[STRING_SSL_EGDSOCKET]) { - - /* TODO: to a good job seeding the RNG - This may involve the gcry_control function and these options: - GCRYCTL_SET_RANDOM_SEED_FILE - GCRYCTL_SET_RNDEGD_SOCKET - */ ssl_seeded = TRUE; } return 0; diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index dd563f035..491def106 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -1831,7 +1831,6 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) /* list of all NSS objects we need to destroy in Curl_nss_close() */ Curl_llist_init(&BACKEND->obj_list, nss_destroy_object); - /* FIXME. NSS doesn't support multiple databases open at the same time. */ PR_Lock(nss_initlock); result = nss_init(conn->data); if(result) { diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 9b1b5d3be..df4553423 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3227,11 +3227,6 @@ static CURLcode get_cert_chain(struct connectdata *conn, #endif break; } -#if 0 - case EVP_PKEY_EC: /* symbol not present in OpenSSL 0.9.6 */ - /* left TODO */ - break; -#endif } EVP_PKEY_free(pubkey); } diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index a059e50ee..7ea26b442 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -911,9 +911,7 @@ const struct Curl_ssl Curl_ssl_polarssl = { Curl_none_check_cxn, /* check_cxn */ Curl_none_shutdown, /* shutdown */ Curl_polarssl_data_pending, /* data_pending */ - /* This might cause libcurl to use a weeker random! - * TODO: use Polarssl's CTR-DRBG or HMAC-DRBG - */ + /* This might cause libcurl to use a weeker random! */ Curl_none_random, /* random */ Curl_none_cert_status_request, /* cert_status_request */ Curl_polarssl_connect, /* connect */ diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 1f036249b..2480bbbe3 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -523,7 +523,6 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) #endif schannel_cred.dwFlags = SCH_CRED_AUTO_CRED_VALIDATION; - /* TODO s/data->set.ssl.no_revoke/SSL_SET_OPTION(no_revoke)/g */ if(data->set.ssl.no_revoke) { schannel_cred.dwFlags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK | SCH_CRED_IGNORE_REVOCATION_OFFLINE; diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c index 80f38692f..ef618a471 100644 --- a/lib/vtls/sectransp.c +++ b/lib/vtls/sectransp.c @@ -1903,7 +1903,6 @@ static CURLcode sectransp_connect_step1(struct connectdata *conn, /* We want to enable 1/n-1 when using a CBC cipher unless the user specifically doesn't want us doing that: */ if(SSLSetSessionOption != NULL) { - /* TODO s/data->set.ssl.enable_beast/SSL_SET_OPTION(enable_beast)/g */ SSLSetSessionOption(BACKEND->ssl_ctx, kSSLSessionOptionSendOneByteRecord, !data->set.ssl.enable_beast); SSLSetSessionOption(BACKEND->ssl_ctx, kSSLSessionOptionFalseStart, |