apps: remove TODOs

Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
2025-04-24 20:51:14 +08:00 · 2021-05-31 14:27:04 +10:00 · 2021-05-31 14:27:04 +10:00 · db70dc2cda
commit db70dc2cda
parent 0d7d5e2490
7 changed files with 4 additions and 18 deletions
--- a/apps/cmp.c
+++ b/apps/cmp.c
@ -643,10 +643,6 @@ static X509 *load_cert_pwd(const char *uri, const char *pass, const char *desc)
    return cert;
 }

-/*
- * TODO potentially move this and related functions to apps/lib/
- * or even better extend OSSL_STORE with type OSSL_STORE_INFO_CRL
- */
 static X509_REQ *load_csr_autofmt(const char *infile, const char *desc)
 {
    X509_REQ *csr;
@ -1051,7 +1047,6 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(ENGINE *engine)
        }
        X509_free(cert);
    }
-    /* TODO find a cleaner solution not requiring type casts */
    if (!setup_certs(opt_rsp_extracerts,
                     "CMP extra certificates for mock server", srv_ctx,
                     (add_X509_stack_fn_t)ossl_cmp_mock_srv_set1_chainOut))
@ -1318,7 +1313,6 @@ static SSL_CTX *setup_ssl_ctx(OSSL_CMP_CTX *ctx, const char *host,
        /* enable and parameterize server hostname/IP address check */
        if (!truststore_set_host_etc(trust_store,
                                     opt_tls_host != NULL ? opt_tls_host : host))
-            /* TODO: is the server host name correct for TLS via proxy? */
            goto err;
        SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
    }
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@ -273,10 +273,9 @@ int dhparam_main(int argc, char **argv)
                */
                keytype = "DHX";
                /*
-                    * BIO_reset() returns 0 for success for file BIOs only!!!
-                    * This won't work for stdin (and never has done)
-                    * TODO: We should fix this at some point
-                    */
+                 * BIO_reset() returns 0 for success for file BIOs only!!!
+                 * This won't work for stdin (and never has done)
+                 */
                if (BIO_reset(in) == 0)
                    done = 0;
            }
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@ -885,7 +885,6 @@ int load_key_certs_crls(const char *uri, int format, int maybe_stdin,
    const char *input_type;
    OSSL_PARAM itp[2];
    const OSSL_PARAM *params = NULL;
-    /* TODO make use of the engine reference 'eng' when loading pkeys */

    if (ppkey != NULL) {
        *ppkey = NULL;
@ -2258,8 +2257,6 @@ int do_X509_sign(X509 *cert, EVP_PKEY *pkey, const char *md,
        if (!adapt_keyid_ext(cert, ext_ctx, "authorityKeyIdentifier",
                             "keyid, issuer", !self_sign))
            goto end;
-
-        /* TODO any further measures for ensuring default RFC 5280 compliance */
    }

    if (mctx != NULL && do_sign_init(mctx, pkey, md, sigopts) > 0)
--- a/apps/lib/cmp_mock_srv.c
+++ b/apps/lib/cmp_mock_srv.c
@ -204,7 +204,6 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
    }
    if (ctx->certOut != NULL
            && (*certOut = X509_dup(ctx->certOut)) == NULL)
-        /* TODO better return a cert produced from data in request template */
        goto err;
    if (ctx->chainOut != NULL
            && (*chainOut = X509_chain_up_ref(ctx->chainOut)) == NULL)
@ -312,7 +311,6 @@ static void process_error(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *error,
    if (sk_ASN1_UTF8STRING_num(errorDetails) <= 0) {
        BIO_printf(bio_err, "errorDetails absent\n");
    } else {
-        /* TODO could use sk_ASN1_UTF8STRING2text() if exported */
        BIO_printf(bio_err, "errorDetails: ");
        for (i = 0; i < sk_ASN1_UTF8STRING_num(errorDetails); i++) {
            if (i > 0)
--- a/apps/lib/http_server.c
+++ b/apps/lib/http_server.c
@ -405,7 +405,6 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
        log_message(prog, LOG_WARNING,
                    "HTTP request does not begin with %sPOST: %s",
                    accept_get ? "GET or " : "", reqbuf);
-        /* TODO provide better diagnosis in case client tries TLS */
        (void)http_server_send_status(cbio, 400, "Bad Request");
        goto out;
    }
--- a/apps/rsa.c
+++ b/apps/rsa.c
@ -25,7 +25,7 @@
 #include <openssl/encoder.h>

 /*
- * TODO: This include is to get OSSL_KEYMGMT_SELECT_*, which feels a bit
+ * This include is to get OSSL_KEYMGMT_SELECT_*, which feels a bit
 * much just for those macros...  they might serve better as EVP macros.
 */
 #include <openssl/core_dispatch.h>
--- a/apps/x509.c
+++ b/apps/x509.c
@ -745,7 +745,6 @@ int x509_main(int argc, char **argv)

    if (!noout || text || next_serial)
        OBJ_create("2.99999.3", "SET.ex3", "SET x509v3 extension 3");
-    /* TODO: why is this strange object created (and no error checked)? */

    if (alias)
        X509_alias_set1(x, (unsigned char *)alias, -1);