From 1547dac5126fa35db78b737af31f3c2044173881 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Thu, 27 Aug 2020 15:11:02 +0200
Subject: [PATCH] create_server_ssl_connection(): Add comment about
 optimization possibility

---
 openssl.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/openssl.c b/openssl.c
index a57cb32e..685995f7 100644
--- a/openssl.c
+++ b/openssl.c
@@ -1155,6 +1155,11 @@ extern int create_server_ssl_connection(struct client_state *csp)
       goto exit;
    }
 
+   /*
+    * XXX: Do we really have to do this always?
+    *      Probably it's sufficient to do if the verification fails
+    *      in which case we're sending the certificates to the client.
+    */
    chain = SSL_get_peer_cert_chain(ssl);
    if (chain)
    {
-- 
2.39.2