Remove obsolete GnuTLS FIXME comment

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
sailfishos-mirror · Jun 11, 2012 · 80beecc · 80beecc
1 parent 929b7da
commit 80beecc
Showing 1 changed file with 0 additions and 12 deletions.
diff --git a/gnutls.c b/gnutls.c
@@ -1133,7 +1133,6 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 #endif
 		gnutls_certificate_set_verify_function (vpninfo->https_cred,
 							verify_peer);
-		/* FIXME: Ensure TLSv1.0, no options */
 
 		if (vpninfo->cafile) {
 			err = gnutls_certificate_set_x509_trust_file(vpninfo->https_cred,
@@ -1156,17 +1155,6 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 				return err;
 			}
 		}
-
-		/* We just want to do:
-		   SSL_CTX_set_purpose(vpninfo->https_ctx, X509_PURPOSE_ANY); 
-		   ... but it doesn't work with OpenSSL < 0.9.8k because of 
-		   problems with inheritance (fixed in v1.1.4.6 of
-		   crypto/x509/x509_vpm.c) so we have to play silly buggers
-		   instead. This trick doesn't work _either_ in < 0.9.7 but
-		   I don't know of _any_ workaround which will, and can't
-		   be bothered to find out either. */
-
-
 	}
 	gnutls_init (&vpninfo->https_sess, GNUTLS_CLIENT);
 	gnutls_session_set_ptr (vpninfo->https_sess, (void *) vpninfo);