Google Git
Sign in
boringssl / boringssl / 3390fd88d716ea599d659c2b72b9a6cd4bb36442^! / .
commit3390fd88d716ea599d659c2b72b9a6cd4bb36442[log] [tgz]
authorWatson Ladd <watson@cloudflare.com>Thu Mar 07 13:06:00 2019 -0800
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Thu Mar 07 21:55:09 2019 +0000
tree613459df79ce290dc7d8ef772128afbfbb79aae4
parentf9c8d30897c0acdb8ba8358ae8c0970a65bd7e2d [diff]
Correct outdated comments

Change-Id: Idc3a41d025fefa9017fce108bed63cb8af426c9b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35244
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 5d8c5c0..a539b20 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -3069,7 +3069,7 @@
 // host may use a delegated credential to sign the handshake. Once issued,
 // credentials can't be revoked. In order to mitigate the damage in case the
 // credential secret key is compromised, the credential is only valid for a
-// short time (days, hours, or even minutes). This library implements draft-02
+// short time (days, hours, or even minutes). This library implements draft-03
 // of the protocol spec.
 //
 // The extension ID has not been assigned; we're using 0xff02 for the time
@@ -3082,7 +3082,7 @@
 // SSL_set1_delegated_credential configures the delegated credential (DC) that
 // will be sent to the peer for the current connection. |dc| is the DC in wire
 // format, and |pkey| or |key_method| is the corresponding private key.
-// Currently (as of draft-02), only servers may configure a DC to use in the
+// Currently (as of draft-03), only servers may configure a DC to use in the
 // handshake.
 //
 // The DC will only be used if the protocol version is correct and the signature

diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc
index 1b01e7f..54df38f 100644
--- a/ssl/ssl_cert.cc
+++ b/ssl/ssl_cert.cc

@@ -804,9 +804,7 @@
 
 // ssl_can_serve_dc returns true if the host has configured a DC that it can
 // serve in the handshake. Specifically, it checks that a DC has been
-// configured, that the DC protocol version is the same as the negotiated
-// protocol version, and that the DC signature algorithm is supported by the
-// peer.
+// configured and that the DC signature algorithm is supported by the peer.
 static bool ssl_can_serve_dc(const SSL_HANDSHAKE *hs) {
   // Check that a DC has been configured.
   const CERT *cert = hs->config->cert.get();