Remove a "TODO-list" structure at the top of the file, referring back

to the old set of SSL patches. Hasn't been updated since, and we keep
the TODOs in the "real" TODO list, really...

diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index d03694717620969f89a975a8694f7c6f99f7c3fa..bae9fe8464f10b95ecb5266836ed4532d14b92e7 100644 (file)
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *   $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.84 2008/03/31 02:43:14 tgl Exp $
+ *   $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.85 2008/10/24 12:24:35 mha Exp $
  *
  *   Since the server static private key ($DataDir/server.key)
  *   will normally be stored unencrypted so that the database
@@ -45,32 +45,6 @@
  *   amounts of data are sent with the same session key, the
  *   session keys are periodically renegotiated.
  *
- * PATCH LEVEL
- *   milestone 1: fix basic coding errors
- *   [*] existing SSL code pulled out of existing files.
- *   [*] SSL_get_error() after SSL_read() and SSL_write(),
- *       SSL_shutdown(), default to TLSv1.
- *
- *   milestone 2: provide endpoint authentication (server)
- *   [*] client verifies server cert
- *   [*] client verifies server hostname
- *
- *   milestone 3: improve confidentially, support perfect forward secrecy
- *   [ ] use 'random' file, read from '/dev/urandom?'
- *   [*] emphermal DH keys, default values
- *   [*] periodic renegotiation
- *   [*] private key permissions
- *
- *   milestone 4: provide endpoint authentication (client)
- *   [*] server verifies client certificates
- *
- *   milestone 5: provide informational callbacks
- *   [*] provide informational callbacks
- *
- *   other changes
- *   [ ] tcp-wrappers
- *   [ ] more informative psql
- *
  *-------------------------------------------------------------------------
  */