the function used to set the verify callback in mbedTLS is
actually called mbedtls_ssl_conf_verify() and it is invoked
in key_state_ssl_init().
Fix comment accordingly.
Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20171205085711.25075-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16026.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -48,9 +48,9 @@ typedef mbedtls_x509_crt openvpn_x509_cert_t; |
48 | 48 |
* This callback function is called when a new TLS session is being setup to |
49 | 49 |
* determine whether the remote OpenVPN peer's certificate is allowed to |
50 | 50 |
* connect. It is called for once for every certificate in the chain. The |
51 |
- * callback functionality is configured in the \c init_ssl() function, which |
|
52 |
- * calls the mbed TLS library's \c ssl_set_verify_callback() function with \c |
|
53 |
- * verify_callback() as its callback argument. |
|
51 |
+ * callback functionality is configured in the \c key_state_ssl_init() function, |
|
52 |
+ * which calls the mbed TLS library's \c mbedtls_ssl_conf_verify() function with |
|
53 |
+ * \c verify_callback() as its callback argument. |
|
54 | 54 |
* |
55 | 55 |
* It checks *flags and registers the certificate hash. If these steps succeed, |
56 | 56 |
* it calls the \c verify_cert() function, which performs OpenVPN-specific |