From aa5fd2f0598cf8f66f2c71d224ded2f546e54f42 Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Wed, 24 Feb 2021 18:01:31 +0000
Subject: [PATCH] Fix comment explaining last_untrusted. This should really be
 called num_untrusted, but unfortunately it's public...

ok jsing tobhe
---
 lib/libcrypto/x509/x509_vfy.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h
index a68d5c08400..57189b9d0f5 100644
--- a/lib/libcrypto/x509/x509_vfy.h
+++ b/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.31 2020/09/13 15:06:17 beck Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.32 2021/02/24 18:01:31 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -247,7 +247,7 @@ struct x509_store_ctx_st      /* X509_STORE_CTX */
 
 	/* The following is built up */
 	int valid;		/* if 0, rebuild chain */
-	int last_untrusted;	/* index of last untrusted cert */
+	int last_untrusted;	/* XXX: number of untrusted certs in chain!!! */
 	STACK_OF(X509) *chain; 		/* chain of X509s - built up and trusted */
 	X509_POLICY_TREE *tree;	/* Valid policy tree */
 
-- 
2.20.1