From 917ec9f02d6cef42a0db920222594c4e4295f35b Mon Sep 17 00:00:00 2001
From: hniksic <devnull@localhost>
Date: Wed, 25 May 2005 08:48:16 -0700
Subject: [PATCH] [svn] Minor doc. clarification.

---
 src/openssl.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/openssl.c b/src/openssl.c
index a16b9b79..19c34d40 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -427,7 +427,7 @@ ssl_check_certificate (int fd, const char *host)
       logprintf (LOG_NOTQUIET, _("%s: No certificate presented by %s.\n"),
 		 severity, escnonprint (host));
       success = 0;
-      goto out;			/* must bail out since CERT is NULL */
+      goto no_cert;		/* must bail out since CERT is NULL */
     }
 
 #ifdef ENABLE_DEBUG
@@ -474,8 +474,8 @@ ssl_check_certificate (int fd, const char *host)
        common names and choose the most specific one, i.e. the last
        one, not the first one, which the current code picks.
 
-     - Make sure that the names are encoded as UTF-8 which, being
-       ASCII-compatible, can be easily compared against HOST.  */
+     - Ensure that ASN1 strings from the certificate are encoded as
+       UTF-8 which can be meaningfully compared to HOST.  */
 
   common_name[0] = '\0';
   X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
@@ -493,7 +493,7 @@ ssl_check_certificate (int fd, const char *host)
 	     escnonprint (host)));
   X509_free (cert);
 
- out:
+ no_cert:
   if (opt.check_cert && !success)
     logprintf (LOG_NOTQUIET, _("\
 To connect to %s insecurely, use `--no-check-certificate'.\n"),
-- 
2.39.2