diff options
| author | tb <> | 2023-04-28 15:21:22 +0000 |
|---|---|---|
| committer | tb <> | 2023-04-28 15:21:22 +0000 |
| commit | 94f494cef30a7803f4fded9f2a5895a46c0b136b (patch) | |
| tree | faa652bdbfd7043b80faa6fa5a5cbe8e4aacf90a | |
| parent | 7d7b55682de108a2561a680b7c0883797b13553d (diff) | |
| download | openbsd-94f494cef30a7803f4fded9f2a5895a46c0b136b.tar.gz openbsd-94f494cef30a7803f4fded9f2a5895a46c0b136b.tar.bz2 openbsd-94f494cef30a7803f4fded9f2a5895a46c0b136b.zip | |
Deassert x509_policy_level_add_nodes()
This assert is in debugging code that ensures that there are no duplicate
nodes on this level. This is an expensive and unnecessary check. Duplicates
already cause failures as ensured by regress.
with beck
ok jsing
| -rw-r--r-- | src/lib/libcrypto/x509/x509_policy.c | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/src/lib/libcrypto/x509/x509_policy.c b/src/lib/libcrypto/x509/x509_policy.c index c8f9447e4f..0f60a11c77 100644 --- a/src/lib/libcrypto/x509/x509_policy.c +++ b/src/lib/libcrypto/x509/x509_policy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_policy.c,v 1.17 2023/04/28 15:16:48 tb Exp $ */ | 1 | /* $OpenBSD: x509_policy.c,v 1.18 2023/04/28 15:21:22 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2022, Google Inc. | 3 | * Copyright (c) 2022, Google Inc. |
| 4 | * | 4 | * |
| @@ -319,15 +319,6 @@ x509_policy_level_add_nodes(X509_POLICY_LEVEL *level, | |||
| 319 | } | 319 | } |
| 320 | sk_X509_POLICY_NODE_sort(level->nodes); | 320 | sk_X509_POLICY_NODE_sort(level->nodes); |
| 321 | 321 | ||
| 322 | #if !defined(NDEBUG) | ||
| 323 | /* There should be no duplicate nodes. */ | ||
| 324 | for (i = 1; i < sk_X509_POLICY_NODE_num(level->nodes); i++) { | ||
| 325 | assert( | ||
| 326 | OBJ_cmp( | ||
| 327 | sk_X509_POLICY_NODE_value(level->nodes, i - 1)->policy, | ||
| 328 | sk_X509_POLICY_NODE_value(level->nodes, i)->policy) != 0); | ||
| 329 | } | ||
| 330 | #endif | ||
| 331 | return 1; | 322 | return 1; |
| 332 | } | 323 | } |
| 333 | 324 | ||