From cfa8f329e9fddbb6db594761364854e780359ace Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Thu, 22 Feb 2018 14:26:57 +0000
Subject: [PATCH] WIP

---
 src/src/dkim.c        | 3 ---
 src/src/tls-openssl.c | 1 -
 2 files changed, 4 deletions(-)

diff --git a/src/src/dkim.c b/src/src/dkim.c
index ec5ba494b..092eb55c6 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -710,9 +710,6 @@ while ((dkim_signing_domain = string_nextinlist(&dkim_domain, &sep, NULL, 0)))
       else if (!*dkim_identity_expanded)
 	dkim_identity_expanded = NULL;
 
-  /*XXX so we currently nail signing to RSA + this hash.
-  Need to extract algo from privkey and check for disallowed combos. */
-
     if (!(sig = pdkim_init_sign(&ctx, dkim_signing_domain,
 			  dkim_signing_selector,
 			  dkim_private_key_expanded,
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index fd21adfa5..4dfeac06d 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1819,7 +1819,6 @@ if (expcerts && *expcerts)
 	{ file = NULL; dir = expcerts; }
       else
 	{
-	/*XXX somewhere down here we leak memory per-STARTTLS, on a multi-message conn, server-side */
 	file = expcerts; dir = NULL;
 #ifndef DISABLE_OCSP
 	/* In the server if we will be offering an OCSP proof, load chain from
-- 
2.30.2