summaryrefslogtreecommitdiffstats
path: root/crypto/ocsp
diff options
context:
space:
mode:
authorPauli <pauli@openssl.org>2021-05-31 14:29:34 +1000
committerPauli <pauli@openssl.org>2021-06-02 16:30:15 +1000
commit126e37716fc4c5dc55805b721c38f5ef94c75612 (patch)
tree1d1f071c86188afe0c9b09a4ff69beca9db1a4d4 /crypto/ocsp
parent29cfba8599a649bc70a9414e701c68efceab13a3 (diff)
ocsp: remove TODOs
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
Diffstat (limited to 'crypto/ocsp')
-rw-r--r--crypto/ocsp/ocsp_vfy.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index 5e829fa972..7a4a45d537 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -51,12 +51,11 @@ static int ocsp_verify_signer(X509 *signer, int response,
&& X509_get_ext_by_NID(signer, NID_id_pkix_OCSP_noCheck, -1) >= 0)
/*
* Locally disable revocation status checking for OCSP responder cert.
- * Done here for CRLs; TODO should be done also for OCSP-based checks.
+ * Done here for CRLs; should be done also for OCSP-based checks.
*/
X509_VERIFY_PARAM_clear_flags(vp, X509_V_FLAG_CRL_CHECK);
X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_OCSP_HELPER);
X509_STORE_CTX_set_trust(ctx, X509_TRUST_OCSP_REQUEST);
- /* TODO: why is X509_TRUST_OCSP_REQUEST set? Seems to get ignored. */
ret = X509_verify_cert(ctx);
if (ret <= 0) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 07:40:37 +0000