X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/02a33248dc5981a63931530a57c76ff27464bde5..f5730918ef684baafbd9e606a1d4eb06914563cc:/src/src/tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 8ed413e91..eabe34f31 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -5,6 +5,7 @@
 /* Copyright (c) The Exim Maintainers 2020 - 2022 */
 /* Copyright (c) University of Cambridge 1995 - 2019 */
 /* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
 
 /* Portions Copyright (c) The OpenSSL Project 1999 */
 
@@ -2529,6 +2530,8 @@ if (!(bs = OCSP_response_get1_basic(rsp)))
     DEBUG(D_tls) bp = BIO_new(BIO_s_mem());
 
     /* Use the CA & chain that verified the server cert to verify the stapled info */
+    /*XXX could we do an event here, for observability of ocsp?  What reasonable data could we give access to? */
+    /* Dates would be a start. Do we need another opaque variable type, as for certs, plus an extract expansion? */
 
    {
     /* If this routine is not available, we've avoided [in tls_client_start()]