X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=openssl.c;h=685995f763b1cfd71b1054ed76aa421d428d0db1;hp=a57cb32e978cc60c4b8e39b0304204d1a2a29d1d;hb=c74183d1e272e806975969ffaef1e0abb442d7ef;hpb=85bc700695d99d5858dbaa1448251e48df9ce747

diff --git a/openssl.c b/openssl.c
index a57cb32e..685995f7 100644
--- a/openssl.c
+++ b/openssl.c
@@ -1155,6 +1155,11 @@ extern int create_server_ssl_connection(struct client_state *csp)
       goto exit;
    }
 
+   /*
+    * XXX: Do we really have to do this always?
+    *      Probably it's sufficient to do if the verification fails
+    *      in which case we're sending the certificates to the client.
+    */
    chain = SSL_get_peer_cert_chain(ssl);
    if (chain)
    {