diff options
| author | doug <> | 2015-02-07 13:19:15 +0000 |
|---|---|---|
| committer | doug <> | 2015-02-07 13:19:15 +0000 |
| commit | bd790e322a40e6362231f517d5795d4079eeb2a2 (patch) | |
| tree | 1f11c8eab9ee5f3f265f1010c299c7fd574d9cdf /src/lib/libcrypto/x509v3/pcy_tree.c | |
| parent | ff826d3cb94a579275eb6e97b3cf80ca69016d4b (diff) | |
| download | openbsd-bd790e322a40e6362231f517d5795d4079eeb2a2.tar.gz openbsd-bd790e322a40e6362231f517d5795d4079eeb2a2.tar.bz2 openbsd-bd790e322a40e6362231f517d5795d4079eeb2a2.zip | |
Delete a lot of #if 0 code in libressl.
There are a few instances where #if 1 is removed but the code remains.
Based on the following OpenSSL commits. Some of the commits weren't
strictly deletions so they are going to be split up into separate commits.
6f91b017bbb7140f816721141ac156d1b828a6b3
3d47c1d331fdc7574d2275cda1a630ccdb624b08
dfb56425b68314b2b57e17c82c1df42e7a015132
c8fa2356a00cbaada8963f739e5570298311a060
f16a64d11f55c01f56baa62ebf1dec7f8fe718cb
9ccc00ef6ea65567622e40c49aca43f2c6d79cdb
02a938c953b3e1ced71d9a832de1618f907eb96d
75d0ebef2aef7a2c77b27575b8da898e22f3ccd5
d6fbb194095312f4722c81c9362dbd0de66cb656
6f1a93ad111c7dfe36a09a976c4c009079b19ea1
1a5adcfb5edfe23908b350f8757df405b0f5f71f
8de24b792743d11e1d5a0dcd336a49368750c577
a2b18e657ea1a932d125154f4e13ab2258796d90
8e964419603d2478dfb391c66e7ccb2dcc9776b4
32dfde107636ac9bc62a5b3233fe2a54dbc27008
input + ok jsing@, miod@, tedu@
Diffstat (limited to 'src/lib/libcrypto/x509v3/pcy_tree.c')
| -rw-r--r-- | src/lib/libcrypto/x509v3/pcy_tree.c | 51 |
1 files changed, 1 insertions, 50 deletions
diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c index 2c6472a8a1..fa0e161562 100644 --- a/src/lib/libcrypto/x509v3/pcy_tree.c +++ b/src/lib/libcrypto/x509v3/pcy_tree.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pcy_tree.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: pcy_tree.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2004. | 3 | * project 2004. |
| 4 | */ | 4 | */ |
| @@ -153,11 +153,6 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags) | |||
| 153 | *ptree = NULL; | 153 | *ptree = NULL; |
| 154 | n = sk_X509_num(certs); | 154 | n = sk_X509_num(certs); |
| 155 | 155 | ||
| 156 | #if 0 | ||
| 157 | /* Disable policy mapping for now... */ | ||
| 158 | flags |= X509_V_FLAG_INHIBIT_MAP; | ||
| 159 | #endif | ||
| 160 | |||
| 161 | if (flags & X509_V_FLAG_EXPLICIT_POLICY) | 156 | if (flags & X509_V_FLAG_EXPLICIT_POLICY) |
| 162 | explicit_policy = 0; | 157 | explicit_policy = 0; |
| 163 | else | 158 | else |
| @@ -327,19 +322,6 @@ tree_link_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache) | |||
| 327 | 322 | ||
| 328 | for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { | 323 | for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { |
| 329 | data = sk_X509_POLICY_DATA_value(cache->data, i); | 324 | data = sk_X509_POLICY_DATA_value(cache->data, i); |
| 330 | /* If a node is mapped any it doesn't have a corresponding | ||
| 331 | * CertificatePolicies entry. | ||
| 332 | * However such an identical node would be created | ||
| 333 | * if anyPolicy matching is enabled because there would be | ||
| 334 | * no match with the parent valid_policy_set. So we create | ||
| 335 | * link because then it will have the mapping flags | ||
| 336 | * right and we can prune it later. | ||
| 337 | */ | ||
| 338 | #if 0 | ||
| 339 | if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY) && | ||
| 340 | !(curr->flags & X509_V_FLAG_INHIBIT_ANY)) | ||
| 341 | continue; | ||
| 342 | #endif | ||
| 343 | /* Look for matching nodes in previous level */ | 325 | /* Look for matching nodes in previous level */ |
| 344 | if (!tree_link_matching_nodes(curr, data)) | 326 | if (!tree_link_matching_nodes(curr, data)) |
| 345 | return 0; | 327 | return 0; |
| @@ -416,7 +398,6 @@ tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache, | |||
| 416 | X509_POLICY_TREE *tree) | 398 | X509_POLICY_TREE *tree) |
| 417 | { | 399 | { |
| 418 | int i; | 400 | int i; |
| 419 | /*X509_POLICY_DATA *data;*/ | ||
| 420 | X509_POLICY_NODE *node; | 401 | X509_POLICY_NODE *node; |
| 421 | X509_POLICY_LEVEL *last = curr - 1; | 402 | X509_POLICY_LEVEL *last = curr - 1; |
| 422 | 403 | ||
| @@ -425,36 +406,6 @@ tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache, | |||
| 425 | 406 | ||
| 426 | if (!tree_link_unmatched(curr, cache, node, tree)) | 407 | if (!tree_link_unmatched(curr, cache, node, tree)) |
| 427 | return 0; | 408 | return 0; |
| 428 | |||
| 429 | #if 0 | ||
| 430 | |||
| 431 | /* Skip any node with any children: we only want unmathced | ||
| 432 | * nodes. | ||
| 433 | * | ||
| 434 | * Note: need something better for policy mapping | ||
| 435 | * because each node may have multiple children | ||
| 436 | */ | ||
| 437 | if (node->nchild) | ||
| 438 | continue; | ||
| 439 | |||
| 440 | /* Create a new node with qualifiers from anyPolicy and | ||
| 441 | * id from unmatched node. | ||
| 442 | */ | ||
| 443 | data = policy_data_new(NULL, node->data->valid_policy, | ||
| 444 | node_critical(node)); | ||
| 445 | |||
| 446 | if (data == NULL) | ||
| 447 | return 0; | ||
| 448 | /* Curr may not have anyPolicy */ | ||
| 449 | data->qualifier_set = cache->anyPolicy->qualifier_set; | ||
| 450 | data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; | ||
| 451 | if (!level_add_node(curr, data, node, tree)) { | ||
| 452 | policy_data_free(data); | ||
| 453 | return 0; | ||
| 454 | } | ||
| 455 | |||
| 456 | #endif | ||
| 457 | |||
| 458 | } | 409 | } |
| 459 | /* Finally add link to anyPolicy */ | 410 | /* Finally add link to anyPolicy */ |
| 460 | if (last->anyPolicy) { | 411 | if (last->anyPolicy) { |