diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-03-15 17:00:17 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-03-15 17:08:12 +0100 |
| commit | 304ef620819d87b9bf0c128da0eb4d9d394a2954 (patch) | |
| tree | a2769dff8a2ff8ac92226a19f6527f46ea426b5d | |
| parent | 9dca575622586e4c94ced9e453ae0a91f346d711 (diff) | |
| download | gnutls-tmp-remove-fixme.tar.gz | |
Removed all FIXME comments in codetmp-remove-fixme
We expand informational comments on limitations, but with removing
FIXME (keyword didn't help fixing these), and remove completely unhelpful
or comments about ideas.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| -rw-r--r-- | lib/algorithms/kx.c | 2 | ||||
| -rw-r--r-- | lib/buffers.c | 2 | ||||
| -rw-r--r-- | lib/cert-cred.c | 3 | ||||
| -rw-r--r-- | lib/constate.c | 2 | ||||
| -rw-r--r-- | lib/handshake.c | 4 | ||||
| -rw-r--r-- | lib/pkcs11.c | 1 | ||||
| -rw-r--r-- | lib/pkcs11_secret.c | 4 | ||||
| -rw-r--r-- | lib/pkcs11_write.c | 3 | ||||
| -rw-r--r-- | lib/str-unicode.c | 2 | ||||
| -rw-r--r-- | lib/x509/key_decode.c | 4 | ||||
| -rw-r--r-- | lib/x509/mpi.c | 4 | ||||
| -rw-r--r-- | lib/x509/verify-high.c | 8 | ||||
| -rw-r--r-- | src/certtool.c | 3 |
13 files changed, 13 insertions, 29 deletions
diff --git a/lib/algorithms/kx.c b/lib/algorithms/kx.c index 151b3dc025..9b670693b4 100644 --- a/lib/algorithms/kx.c +++ b/lib/algorithms/kx.c @@ -44,7 +44,7 @@ extern mod_auth_st srp_dss_auth_struct; /* Cred type mappings to KX algorithms - * FIXME: The mappings are not 1-1. Some KX such as SRP_RSA require + * The mappings are not 1-1. Some KX such as SRP_RSA require * more than one credentials type. */ typedef struct { diff --git a/lib/buffers.c b/lib/buffers.c index 73f96ab6c2..076a39f06b 100644 --- a/lib/buffers.c +++ b/lib/buffers.c @@ -277,7 +277,7 @@ _gnutls_dgram_read(gnutls_session_t session, mbuffer_st ** bufel, fd); if (i == 0) { /* If we get here, we likely have a stream socket. - * FIXME: this probably breaks DCCP. */ + * That assumption may not work on DCCP. */ gnutls_assert(); ret = 0; goto cleanup; diff --git a/lib/cert-cred.c b/lib/cert-cred.c index 8a08d26d8c..340b92b03b 100644 --- a/lib/cert-cred.c +++ b/lib/cert-cred.c @@ -280,7 +280,8 @@ void gnutls_certificate_free_keys(gnutls_certificate_credentials_t sc) **/ void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc) { - /* FIXME: do nothing for now */ + /* This used to be functional, but due to internal refactoring + * it is no longer operational. */ return; } diff --git a/lib/constate.c b/lib/constate.c index d28c00bc31..be784bce64 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -56,8 +56,6 @@ static int _gnutls_set_keys(gnutls_session_t session, record_parameters_st * params, unsigned hash_size, unsigned IV_size, unsigned key_size) { - /* FIXME: This function is too long - */ uint8_t rnd[2 * GNUTLS_RANDOM_SIZE]; int pos, ret; int block_size; diff --git a/lib/handshake.c b/lib/handshake.c index 8446da45e5..da1f87d183 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -2499,7 +2499,6 @@ recv_hello_verify_request(gnutls_session_t session, return GNUTLS_E_UNEXPECTED_PACKET; } - /* TODO: determine if we need to do anything with the server version field */ DECR_LEN(len, 2); pos += 2; @@ -3671,9 +3670,6 @@ gnutls_handshake_get_last_out(gnutls_session_t session) } /* This returns the session hash as in draft-ietf-tls-session-hash-02. - * - * FIXME: It duplicates some of the actions in _gnutls_handshake_sign_crt_vrfy*. - * See whether they can be merged. */ int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t *shash) { diff --git a/lib/pkcs11.c b/lib/pkcs11.c index fbe2b48f22..2ec642bf8a 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -2999,7 +2999,6 @@ find_privkeys(struct pkcs11_session_info *sinfo, /* Find an object with private key class and a certificate ID * which matches the certificate. */ - /* FIXME: also match the cert subject. */ a[0].type = CKA_CLASS; a[0].value = &class; a[0].value_len = sizeof class; diff --git a/lib/pkcs11_secret.c b/lib/pkcs11_secret.c index 828fbff6da..95bbfae757 100644 --- a/lib/pkcs11_secret.c +++ b/lib/pkcs11_secret.c @@ -89,8 +89,8 @@ gnutls_pkcs11_copy_secret_key(const char *token_url, gnutls_datum_t * key, return ret; } - /* FIXME: copy key usage flags */ - + /* We do not copy key usage flags. + */ a[0].type = CKA_CLASS; a[0].value = &class; a[0].value_len = sizeof(class); diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c index b1176fb0ff..7aa334844a 100644 --- a/lib/pkcs11_write.c +++ b/lib/pkcs11_write.c @@ -187,6 +187,7 @@ gnutls_pkcs11_copy_x509_crt2(const char *token_url, a[1].value_len = cid->size; } + /* we do not use the key usage flags */ a[2].type = CKA_VALUE; a[2].value = der; a[2].value_len = der_size; @@ -196,7 +197,6 @@ gnutls_pkcs11_copy_x509_crt2(const char *token_url, a[4].type = CKA_CERTIFICATE_TYPE; a[4].value = &type; a[4].value_len = sizeof(type); - /* FIXME: copy key usage flags */ a_val = 5; @@ -715,7 +715,6 @@ gnutls_pkcs11_copy_x509_privkey2(const char *token_url, pk = gnutls_x509_privkey_get_pk_algorithm(key); FIX_KEY_USAGE(pk, key_usage); - /* FIXME: copy key usage flags */ a_val = 0; a[a_val].type = CKA_CLASS; a[a_val].value = &class; diff --git a/lib/str-unicode.c b/lib/str-unicode.c index 0cd47d4953..d66710a5f2 100644 --- a/lib/str-unicode.c +++ b/lib/str-unicode.c @@ -123,7 +123,7 @@ static int check_for_valid_freeformclass(uint32_t *ucs4, unsigned ucs4_size) /* Disallowed o Old Hangul Jamo characters, i.e., the OldHangulJamo ("I") category - [FIXME: not handled in this code] + (not handled in this code) o Control characters, i.e., the Controls ("L") category diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c index 1e07bbc441..00f1950acb 100644 --- a/lib/x509/key_decode.c +++ b/lib/x509/key_decode.c @@ -193,9 +193,9 @@ _gnutls_x509_read_dsa_params(uint8_t * der, int dersize, return _gnutls_asn2err(result); } - /* FIXME: If the parameters are not included in the certificate + /* If the parameters are not included in the certificate * then the issuer's parameters should be used. This is not - * done yet. + * implemented, and is not used in practice (along with DSA). */ /* Read p */ diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c index 664b22c509..b0e83337e7 100644 --- a/lib/x509/mpi.c +++ b/lib/x509/mpi.c @@ -134,9 +134,9 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root, _asnstr_append_name(name, sizeof(name), root, ".algorithm.parameters"); - /* FIXME: If the parameters are not included in the certificate + /* If the parameters are not included in the certificate * then the issuer's parameters should be used. This is not - * needed in practice though. + * implemented, nor used in practice. */ if (pk_algorithm != GNUTLS_PK_RSA && pk_algorithm != GNUTLS_PK_EDDSA_ED25519 && pk_algorithm != GNUTLS_PK_ECDH_X25519) { /* RSA and EdDSA do not use parameters */ diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c index bbb54a0f93..5515d54ff9 100644 --- a/lib/x509/verify-high.c +++ b/lib/x509/verify-high.c @@ -186,14 +186,6 @@ add_new_ca_to_rdn_seq(gnutls_x509_trust_list_t list, * This will be sent to clients when a certificate * request message is sent. */ - - /* FIXME: in case of a client it is not needed - * to do that. This would save time and memory. - * However we don't have that information available - * here. - * Further, this function is now much more efficient, - * so optimizing that is less important. - */ tmp.data = ca->raw_dn.data; tmp.size = ca->raw_dn.size; diff --git a/src/certtool.c b/src/certtool.c index ea8fc81c67..11dc27a6fd 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -3702,8 +3702,7 @@ void smime_to_pkcs7(void) char *lineptr = NULL; ssize_t len; - /* Find body. FIXME: Handle non-b64 Content-Transfer-Encoding. - Reject non-S/MIME tagged Content-Type's? */ + /* Find body. We do not handle non-b64 Content-Transfer-Encoding. */ do { len = getline(&lineptr, &linesize, infile); if (len == -1) { |