Remove a strange inheritance check from addr_validate_path_internal()

The trust anchor can't inherit, but the code says that it can inherit
just not if the leaf tries to inherit from that. This makes no sense
and doesn't match what is done on the asid side.

ok jsing

1 files changed, 1 insertions, 4 deletions

diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c
index cc77f92509..209c5cf397 100644
--- a/src/lib/libcrypto/x509/x509_addr.c
+++ b/src/lib/libcrypto/x509/x509_addr.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: x509_addr.c,v 1.76 2022/01/06 14:08:15 tb Exp $ */
+/*      $OpenBSD: x509_addr.c,v 1.77 2022/02/04 16:34:15 tb Exp $ */
 /*
  * Contributed to the OpenSSL Project by the American Registry for
  * Internet Numbers ("ARIN").
@@ -1899,9 +1899,6 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509) *chain,
                         if (IPAddressFamily_inheritance(parent_af) == NULL)
                                 continue;
 
-                        if (sk_IPAddressFamily_find(child, parent_af) < 0)
-                                continue;
-
                         if ((ret = verify_error(ctx, cert,
                             X509_V_ERR_UNNESTED_RESOURCE, depth)) == 0)
                                 goto done;