add a note from wanoskarnet

author Roger Dingledine <arma@torproject.org>

Sun, 8 Jan 2012 14:03:03 +0000 (09:03 -0500)

committer Roger Dingledine <arma@torproject.org>

Sun, 8 Jan 2012 14:03:03 +0000 (09:03 -0500)
author Roger Dingledine <arma@torproject.org>
Sun, 8 Jan 2012 14:03:03 +0000 (09:03 -0500)
committer Roger Dingledine <arma@torproject.org>
Sun, 8 Jan 2012 14:03:03 +0000 (09:03 -0500)
diff --git a/src/common/tortls.c b/src/common/tortls.c

index ef61f71b3db072e4972897695f9f28e58ff52b9a..37074decfdf19e5b6dbe6cf0470dab8a28cfa845 100644 (file)
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -781,6 +781,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
     * with clients that are configured to use SSLv23_method(), so we should
     * probably never use it.
     */
+  /* XXX wanoskarnet says this comment is bunk -- that even if we turn
+   * this line on, clients configured to use SSLv23 would still able to
+   * talk to us. But he also says it's ok to leave it out. I suggest we
+   * delete this whole clause (the one that's #if 0'ed out). I'll leave
+   * it in place until Nick expresses an opinion. -RD */
    if (!(result->ctx = SSL_CTX_new(TLSv1_method())))
      goto error;
  #endif
author	Roger Dingledine <arma@torproject.org>
	Sun, 8 Jan 2012 14:03:03 +0000 (09:03 -0500)
committer	Roger Dingledine <arma@torproject.org>
	Sun, 8 Jan 2012 14:03:03 +0000 (09:03 -0500)