summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/asn1/a_gentm.c39
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c16
-rw-r--r--src/lib/libcrypto/asn1/a_time.c14
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c8
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c6
-rw-r--r--src/lib/libcrypto/asn1/t_x509.c10
-rw-r--r--src/lib/libcrypto/asn1/tasn_prn.c12
-rw-r--r--src/lib/libcrypto/bio/bf_nbio.c15
-rw-r--r--src/lib/libcrypto/bn/bn.h13
-rw-r--r--src/lib/libcrypto/conf/conf.h10
-rw-r--r--src/lib/libcrypto/conf/conf_api.c24
-rw-r--r--src/lib/libcrypto/conf/conf_def.c19
-rw-r--r--src/lib/libcrypto/conf/conf_lib.c20
-rw-r--r--src/lib/libcrypto/crypto.h16
-rw-r--r--src/lib/libcrypto/des/cfb64ede.c11
-rw-r--r--src/lib/libcrypto/des/des.h7
-rw-r--r--src/lib/libcrypto/des/ofb64ede.c13
-rw-r--r--src/lib/libcrypto/des/xcbc_enc.c51
-rw-r--r--src/lib/libcrypto/dh/dh_check.c8
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c10
-rw-r--r--src/lib/libcrypto/dso/dso.h12
-rw-r--r--src/lib/libcrypto/dso/dso_dlfcn.c8
-rw-r--r--src/lib/libcrypto/ec/ec_curve.c15
-rw-r--r--src/lib/libcrypto/ec/ec_mult.c5
-rw-r--r--src/lib/libcrypto/ecdh/ech_lib.c19
-rw-r--r--src/lib/libcrypto/ecdh/ech_locl.h6
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_lib.c10
-rw-r--r--src/lib/libcrypto/engine/eng_all.c9
-rw-r--r--src/lib/libcrypto/engine/eng_list.c12
-rw-r--r--src/lib/libcrypto/engine/eng_padlock.c8
-rw-r--r--src/lib/libcrypto/engine/tb_store.c25
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c6
-rw-r--r--src/lib/libcrypto/evp/encode.c35
-rw-r--r--src/lib/libcrypto/evp/evp.h6
-rw-r--r--src/lib/libcrypto/evp/p_sign.c17
-rw-r--r--src/lib/libcrypto/idea/idea_lcl.h67
-rw-r--r--src/lib/libcrypto/modes/gcm128.c5
-rw-r--r--src/lib/libcrypto/pkcs12/p12_key.c9
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c25
-rw-r--r--src/lib/libcrypto/stack/stack.c12
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.h13
-rw-r--r--src/lib/libcrypto/x509v3/pcy_lib.c12
-rw-r--r--src/lib/libcrypto/x509v3/pcy_tree.c51
-rw-r--r--src/lib/libcrypto/x509v3/v3_info.c5
-rw-r--r--src/lib/libcrypto/x509v3/v3_utl.c14
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_gentm.c39
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_strex.c16
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_time.c14
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_lib.c8
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_par.c6
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_x509.c10
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_prn.c12
-rw-r--r--src/lib/libssl/src/crypto/bio/bf_nbio.c15
-rw-r--r--src/lib/libssl/src/crypto/bn/bn.h13
-rw-r--r--src/lib/libssl/src/crypto/conf/conf.h10
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_api.c24
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_def.c19
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_lib.c20
-rw-r--r--src/lib/libssl/src/crypto/crypto.h16
-rw-r--r--src/lib/libssl/src/crypto/des/cfb64ede.c11
-rw-r--r--src/lib/libssl/src/crypto/des/des.h7
-rw-r--r--src/lib/libssl/src/crypto/des/ofb64ede.c13
-rw-r--r--src/lib/libssl/src/crypto/des/xcbc_enc.c51
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_check.c8
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_gen.c10
-rw-r--r--src/lib/libssl/src/crypto/dso/dso.h12
-rw-r--r--src/lib/libssl/src/crypto/dso/dso_dlfcn.c8
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_curve.c15
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_mult.c5
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ech_lib.c19
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ech_locl.h6
-rw-r--r--src/lib/libssl/src/crypto/ecdsa/ecs_lib.c10
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_all.c9
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_list.c12
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_padlock.c8
-rw-r--r--src/lib/libssl/src/crypto/engine/tb_store.c25
-rw-r--r--src/lib/libssl/src/crypto/evp/bio_b64.c6
-rw-r--r--src/lib/libssl/src/crypto/evp/encode.c35
-rw-r--r--src/lib/libssl/src/crypto/evp/evp.h6
-rw-r--r--src/lib/libssl/src/crypto/evp/p_sign.c17
-rw-r--r--src/lib/libssl/src/crypto/idea/idea_lcl.h67
-rw-r--r--src/lib/libssl/src/crypto/modes/gcm128.c5
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/p12_key.c9
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pk7_doit.c25
-rw-r--r--src/lib/libssl/src/crypto/stack/stack.c12
-rw-r--r--src/lib/libssl/src/crypto/x509/x509_vfy.h13
-rw-r--r--src/lib/libssl/src/crypto/x509v3/pcy_lib.c12
-rw-r--r--src/lib/libssl/src/crypto/x509v3/pcy_tree.c51
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_info.c5
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_utl.c14
90 files changed, 110 insertions, 1346 deletions
diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c
index c658b1ea35..bc3453f410 100644
--- a/src/lib/libcrypto/asn1/a_gentm.c
+++ b/src/lib/libcrypto/asn1/a_gentm.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_gentm.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_gentm.c,v 1.23 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -67,43 +67,6 @@
67 67
68#include "o_time.h" 68#include "o_time.h"
69 69
70#if 0
71
72int
73i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
74{
75 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
76 V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
77}
78
79
80ASN1_GENERALIZEDTIME *
81d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, unsigned char **pp,
82 long length)
83{
84 ASN1_GENERALIZEDTIME *ret = NULL;
85
86 ret = (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
87 V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL);
88 if (ret == NULL) {
89 ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
90 return (NULL);
91 }
92 if (!ASN1_GENERALIZEDTIME_check(ret)) {
93 ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
94 goto err;
95 }
96
97 return (ret);
98
99err:
100 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
101 M_ASN1_GENERALIZEDTIME_free(ret);
102 return (NULL);
103}
104
105#endif
106
107int 70int
108ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) 71ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
109{ 72{
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index b592c0e18a..f60a70d94d 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_strex.c,v 1.24 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_strex.c,v 1.25 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -84,20 +84,6 @@
84/* Three IO functions for sending data to memory, a BIO and 84/* Three IO functions for sending data to memory, a BIO and
85 * and a FILE pointer. 85 * and a FILE pointer.
86 */ 86 */
87#if 0 /* never used */
88static int
89send_mem_chars(void *arg, const void *buf, int len)
90{
91 unsigned char **out = arg;
92
93 if (!out)
94 return 1;
95 memcpy(*out, buf, len);
96 *out += len;
97 return 1;
98}
99#endif
100
101static int 87static int
102send_bio_chars(void *arg, const void *buf, int len) 88send_bio_chars(void *arg, const void *buf, int len)
103{ 89{
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
index 94e249960a..c5e882a4f6 100644
--- a/src/lib/libcrypto/asn1/a_time.c
+++ b/src/lib/libcrypto/asn1/a_time.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_time.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_time.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -73,18 +73,6 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
73 73
74IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) 74IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
75 75
76#if 0
77int
78i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
79{
80 if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
81 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
82 a->type, V_ASN1_UNIVERSAL));
83 ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
84 return -1;
85}
86#endif
87
88ASN1_TIME * 76ASN1_TIME *
89ASN1_TIME_set(ASN1_TIME *s, time_t t) 77ASN1_TIME_set(ASN1_TIME *s, time_t t)
90{ 78{
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index 2b952abae6..46de52a050 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_lib.c,v 1.32 2014/07/11 14:49:12 miod Exp $ */ 1/* $OpenBSD: asn1_lib.c,v 1.33 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -140,12 +140,6 @@ ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
140 if (inf && !(ret & V_ASN1_CONSTRUCTED)) 140 if (inf && !(ret & V_ASN1_CONSTRUCTED))
141 goto err; 141 goto err;
142 142
143#if 0
144 fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
145 (int)p, *plength, omax, (int)*pp, (int)(p+ *plength),
146 (int)(omax+ *pp));
147
148#endif
149 if (*plength > (omax - (p - *pp))) { 143 if (*plength > (omax - (p - *pp))) {
150 ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG); 144 ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
151 /* Set this so that even if things are not long enough 145 /* Set this so that even if things are not long enough
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index 2c8062bb8a..b5742fe97d 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_par.c,v 1.21 2014/10/03 06:02:38 doug Exp $ */ 1/* $OpenBSD: asn1_par.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -126,11 +126,7 @@ asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
126 /* ASN1_BMPSTRING *bmp=NULL;*/ 126 /* ASN1_BMPSTRING *bmp=NULL;*/
127 int dump_indent; 127 int dump_indent;
128 128
129#if 0
130 dump_indent = indent;
131#else
132 dump_indent = 6; /* Because we know BIO_dump_indent() */ 129 dump_indent = 6; /* Because we know BIO_dump_indent() */
133#endif
134 p = *pp; 130 p = *pp;
135 tot = p + length; 131 tot = p + length;
136 op = p - 1; 132 op = p - 1;
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index f4872d8b24..1c83fc5608 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t_x509.c,v 1.25 2014/07/12 16:33:25 miod Exp $ */ 1/* $OpenBSD: t_x509.c,v 1.26 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -172,14 +172,6 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
172 if (!(cflag & X509_FLAG_NO_SIGNAME)) { 172 if (!(cflag & X509_FLAG_NO_SIGNAME)) {
173 if (X509_signature_print(bp, x->sig_alg, NULL) <= 0) 173 if (X509_signature_print(bp, x->sig_alg, NULL) <= 0)
174 goto err; 174 goto err;
175#if 0
176 if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
177 goto err;
178 if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
179 goto err;
180 if (BIO_puts(bp, "\n") <= 0)
181 goto err;
182#endif
183 } 175 }
184 176
185 if (!(cflag & X509_FLAG_NO_ISSUER)) { 177 if (!(cflag & X509_FLAG_NO_ISSUER)) {
diff --git a/src/lib/libcrypto/asn1/tasn_prn.c b/src/lib/libcrypto/asn1/tasn_prn.c
index 9383750a82..844960fc77 100644
--- a/src/lib/libcrypto/asn1/tasn_prn.c
+++ b/src/lib/libcrypto/asn1/tasn_prn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tasn_prn.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: tasn_prn.c,v 1.12 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -260,11 +260,6 @@ asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, const ASN1_ITEM *it,
260 break; 260 break;
261 261
262 case ASN1_ITYPE_CHOICE: 262 case ASN1_ITYPE_CHOICE:
263#if 0
264 if (!nohdr &&
265 !asn1_print_fsname(out, indent, fname, sname, pctx))
266 return 0;
267#endif
268 /* CHOICE type, get selector */ 263 /* CHOICE type, get selector */
269 i = asn1_get_choice_selector(fld, it); 264 i = asn1_get_choice_selector(fld, it);
270 /* This should never happen... */ 265 /* This should never happen... */
@@ -395,11 +390,6 @@ asn1_print_fsname(BIO *out, int indent, const char *fname, const char *sname,
395 static char spaces[] = " "; 390 static char spaces[] = " ";
396 const int nspaces = sizeof(spaces) - 1; 391 const int nspaces = sizeof(spaces) - 1;
397 392
398#if 0
399 if (!sname && !fname)
400 return 1;
401#endif
402
403 while (indent > nspaces) { 393 while (indent > nspaces) {
404 if (BIO_write(out, spaces, nspaces) != nspaces) 394 if (BIO_write(out, spaces, nspaces) != nspaces)
405 return 0; 395 return 0;
diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c
index a86feb49c2..24e2e7e8b9 100644
--- a/src/lib/libcrypto/bio/bf_nbio.c
+++ b/src/lib/libcrypto/bio/bf_nbio.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bf_nbio.c,v 1.18 2014/10/22 13:02:03 jsing Exp $ */ 1/* $OpenBSD: bf_nbio.c,v 1.19 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -130,10 +130,8 @@ static int
130nbiof_read(BIO *b, char *out, int outl) 130nbiof_read(BIO *b, char *out, int outl)
131{ 131{
132 int ret = 0; 132 int ret = 0;
133#if 1
134 int num; 133 int num;
135 unsigned char n; 134 unsigned char n;
136#endif
137 135
138 if (out == NULL) 136 if (out == NULL)
139 return (0); 137 return (0);
@@ -141,7 +139,7 @@ nbiof_read(BIO *b, char *out, int outl)
141 return (0); 139 return (0);
142 140
143 BIO_clear_retry_flags(b); 141 BIO_clear_retry_flags(b);
144#if 1 142
145 arc4random_buf(&n, 1); 143 arc4random_buf(&n, 1);
146 num = (n & 0x07); 144 num = (n & 0x07);
147 145
@@ -151,9 +149,7 @@ nbiof_read(BIO *b, char *out, int outl)
151 if (num == 0) { 149 if (num == 0) {
152 ret = -1; 150 ret = -1;
153 BIO_set_retry_read(b); 151 BIO_set_retry_read(b);
154 } else 152 } else {
155#endif
156 {
157 ret = BIO_read(b->next_bio, out, outl); 153 ret = BIO_read(b->next_bio, out, outl);
158 if (ret < 0) 154 if (ret < 0)
159 BIO_copy_next_retry(b); 155 BIO_copy_next_retry(b);
@@ -177,7 +173,6 @@ nbiof_write(BIO *b, const char *in, int inl)
177 173
178 BIO_clear_retry_flags(b); 174 BIO_clear_retry_flags(b);
179 175
180#if 1
181 if (nt->lwn > 0) { 176 if (nt->lwn > 0) {
182 num = nt->lwn; 177 num = nt->lwn;
183 nt->lwn = 0; 178 nt->lwn = 0;
@@ -192,9 +187,7 @@ nbiof_write(BIO *b, const char *in, int inl)
192 if (num == 0) { 187 if (num == 0) {
193 ret = -1; 188 ret = -1;
194 BIO_set_retry_write(b); 189 BIO_set_retry_write(b);
195 } else 190 } else {
196#endif
197 {
198 ret = BIO_write(b->next_bio, in, inl); 191 ret = BIO_write(b->next_bio, in, inl);
199 if (ret < 0) { 192 if (ret < 0) {
200 BIO_copy_next_retry(b); 193 BIO_copy_next_retry(b);
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index 10414dc339..d93c9fc059 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn.h,v 1.25 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: bn.h,v 1.26 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -241,17 +241,6 @@ extern "C" {
241 | BN_FLG_STATIC_DATA \ 241 | BN_FLG_STATIC_DATA \
242 | (n))) 242 | (n)))
243 243
244/* Already declared in ossl_typ.h */
245#if 0
246typedef struct bignum_st BIGNUM;
247/* Used for temp variables (declaration hidden in bn_lcl.h) */
248typedef struct bignum_ctx BN_CTX;
249typedef struct bn_blinding_st BN_BLINDING;
250typedef struct bn_mont_ctx_st BN_MONT_CTX;
251typedef struct bn_recp_ctx_st BN_RECP_CTX;
252typedef struct bn_gencb_st BN_GENCB;
253#endif
254
255struct bignum_st { 244struct bignum_st {
256 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ 245 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
257 int top; /* Index of last used d +1. */ 246 int top; /* Index of last used d +1. */
diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h
index ba7fb69794..095066d31b 100644
--- a/src/lib/libcrypto/conf/conf.h
+++ b/src/lib/libcrypto/conf/conf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf.h,v 1.13 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: conf.h,v 1.14 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,9 +149,6 @@ struct conf_st {
149CONF *NCONF_new(CONF_METHOD *meth); 149CONF *NCONF_new(CONF_METHOD *meth);
150CONF_METHOD *NCONF_default(void); 150CONF_METHOD *NCONF_default(void);
151CONF_METHOD *NCONF_WIN32(void); 151CONF_METHOD *NCONF_WIN32(void);
152#if 0 /* Just to give you an idea of what I have in mind */
153CONF_METHOD *NCONF_XML(void);
154#endif
155void NCONF_free(CONF *conf); 152void NCONF_free(CONF *conf);
156void NCONF_free_data(CONF *conf); 153void NCONF_free_data(CONF *conf);
157 154
@@ -165,12 +162,7 @@ int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
165int NCONF_dump_fp(const CONF *conf, FILE *out); 162int NCONF_dump_fp(const CONF *conf, FILE *out);
166int NCONF_dump_bio(const CONF *conf, BIO *out); 163int NCONF_dump_bio(const CONF *conf, BIO *out);
167 164
168#if 0 /* The following function has no error checking,
169 and should therefore be avoided */
170long NCONF_get_number(CONF *conf, char *group, char *name);
171#else
172#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r) 165#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
173#endif
174 166
175/* Module functions */ 167/* Module functions */
176 168
diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c
index 7480dda3d5..56a4f249ad 100644
--- a/src/lib/libcrypto/conf/conf_api.c
+++ b/src/lib/libcrypto/conf/conf_api.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf_api.c,v 1.11 2014/06/23 22:19:02 deraadt Exp $ */ 1/* $OpenBSD: conf_api.c,v 1.12 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -165,28 +165,6 @@ _CONF_get_string(const CONF *conf, const char *section, const char *name)
165 } 165 }
166} 166}
167 167
168#if 0 /* There's no way to provide error checking with this function, so
169 force implementors of the higher levels to get a string and read
170 the number themselves. */
171long
172_CONF_get_number(CONF *conf, char *section, char *name)
173{
174 char *str;
175 long ret = 0;
176
177 str = _CONF_get_string(conf, section, name);
178 if (str == NULL)
179 return (0);
180 for (;;) {
181 if (conf->meth->is_number(conf, *str))
182 ret = ret * 10 + conf->meth->to_int(conf, *str);
183 else
184 return (ret);
185 str++;
186 }
187}
188#endif
189
190static unsigned long 168static unsigned long
191conf_value_hash(const CONF_VALUE *v) 169conf_value_hash(const CONF_VALUE *v)
192{ 170{
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c
index c437aeb457..e608e5fe9d 100644
--- a/src/lib/libcrypto/conf/conf_def.c
+++ b/src/lib/libcrypto/conf/conf_def.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf_def.c,v 1.28 2014/07/11 15:38:03 miod Exp $ */ 1/* $OpenBSD: conf_def.c,v 1.29 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -388,27 +388,12 @@ again:
388 } 388 }
389 } else 389 } else
390 tv = sv; 390 tv = sv;
391#if 1 391
392 if (_CONF_add_string(conf, tv, v) == 0) { 392 if (_CONF_add_string(conf, tv, v) == 0) {
393 CONFerr(CONF_F_DEF_LOAD_BIO, 393 CONFerr(CONF_F_DEF_LOAD_BIO,
394 ERR_R_MALLOC_FAILURE); 394 ERR_R_MALLOC_FAILURE);
395 goto err; 395 goto err;
396 } 396 }
397#else
398 v->section = tv->section;
399 if (!sk_CONF_VALUE_push(ts, v)) {
400 CONFerr(CONF_F_DEF_LOAD_BIO,
401 ERR_R_MALLOC_FAILURE);
402 goto err;
403 }
404 vv = (CONF_VALUE *)lh_insert(conf->data, v);
405 if (vv != NULL) {
406 sk_CONF_VALUE_delete_ptr(ts, vv);
407 free(vv->name);
408 free(vv->value);
409 free(vv);
410 }
411#endif
412 v = NULL; 397 v = NULL;
413 } 398 }
414 } 399 }
diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c
index 2119eb6219..a7c8be7c0d 100644
--- a/src/lib/libcrypto/conf/conf_lib.c
+++ b/src/lib/libcrypto/conf/conf_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf_lib.c,v 1.12 2014/07/09 11:10:50 bcook Exp $ */ 1/* $OpenBSD: conf_lib.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL 2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -373,21 +373,3 @@ NCONF_dump_bio(const CONF *conf, BIO *out)
373 373
374 return conf->meth->dump(conf, out); 374 return conf->meth->dump(conf, out);
375} 375}
376
377
378/* This function should be avoided */
379#if 0
380long
381NCONF_get_number(CONF *conf, char *group, char *name)
382{
383 int status;
384 long ret = 0;
385
386 status = NCONF_get_number_e(conf, group, name, &ret);
387 if (status == 0) {
388 /* This function does not believe in errors... */
389 ERR_get_error();
390 }
391 return ret;
392}
393#endif
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
index 5cb1dda021..27b7f3fe02 100644
--- a/src/lib/libcrypto/crypto.h
+++ b/src/lib/libcrypto/crypto.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: crypto.h,v 1.32 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: crypto.h,v 1.33 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -142,20 +142,6 @@ extern "C" {
142#define SSLEAY_PLATFORM 4 142#define SSLEAY_PLATFORM 4
143#define SSLEAY_DIR 5 143#define SSLEAY_DIR 5
144 144
145/* Already declared in ossl_typ.h */
146#if 0
147typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
148/* Called when a new object is created */
149typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
150 int idx, long argl, void *argp);
151/* Called when an object is free()ed */
152typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
153 int idx, long argl, void *argp);
154/* Called when we need to dup an object */
155typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
156 void *from_d, int idx, long argl, void *argp);
157#endif
158
159/* A generic structure to pass assorted data in a expandable way */ 145/* A generic structure to pass assorted data in a expandable way */
160typedef struct openssl_item_st { 146typedef struct openssl_item_st {
161 int code; 147 int code;
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c
index 0b5c7d6249..6d4d287775 100644
--- a/src/lib/libcrypto/des/cfb64ede.c
+++ b/src/lib/libcrypto/des/cfb64ede.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cfb64ede.c,v 1.8 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: cfb64ede.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -132,15 +132,6 @@ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
132 *num=n; 132 *num=n;
133 } 133 }
134 134
135#ifdef undef /* MACRO */
136void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
137 DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock (*ivec),
138 int *num, int enc)
139 {
140 DES_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
141 }
142#endif
143
144/* This is compatible with the single key CFB-r for DES, even thought that's 135/* This is compatible with the single key CFB-r for DES, even thought that's
145 * not what EVP needs. 136 * not what EVP needs.
146 */ 137 */
diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h
index e7585bc3d9..e1331d3fa2 100644
--- a/src/lib/libcrypto/des/des.h
+++ b/src/lib/libcrypto/des/des.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: des.h,v 1.18 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: des.h,v 1.19 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -178,11 +178,6 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
178 long length,DES_key_schedule *ks1, 178 long length,DES_key_schedule *ks1,
179 DES_key_schedule *ks2,DES_key_schedule *ks3, 179 DES_key_schedule *ks2,DES_key_schedule *ks3,
180 DES_cblock *ivec,int *num); 180 DES_cblock *ivec,int *num);
181#if 0
182void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
183 DES_cblock *out_white);
184#endif
185
186int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, 181int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
187 DES_cblock *iv); 182 DES_cblock *iv);
188int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched, 183int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c
index 1d916e9305..474d38caaf 100644
--- a/src/lib/libcrypto/des/ofb64ede.c
+++ b/src/lib/libcrypto/des/ofb64ede.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ofb64ede.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: ofb64ede.c,v 1.6 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -105,8 +105,6 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,
105 } 105 }
106 if (save) 106 if (save)
107 { 107 {
108/* v0=ti[0];
109 v1=ti[1];*/
110 iv = &(*ivec)[0]; 108 iv = &(*ivec)[0];
111 l2c(v0,iv); 109 l2c(v0,iv);
112 l2c(v1,iv); 110 l2c(v1,iv);
@@ -114,12 +112,3 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,
114 v0=v1=ti[0]=ti[1]=0; 112 v0=v1=ti[0]=ti[1]=0;
115 *num=n; 113 *num=n;
116 } 114 }
117
118#ifdef undef /* MACRO */
119void DES_ede2_ofb64_encrypt(unsigned char *in,
120 unsigned char *out, long length, DES_key_schedule k1,
121 DES_key_schedule k2, DES_cblock (*ivec), int *num)
122 {
123 DES_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
124 }
125#endif
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c
index dc4607e8aa..4f7a070103 100644
--- a/src/lib/libcrypto/des/xcbc_enc.c
+++ b/src/lib/libcrypto/des/xcbc_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: xcbc_enc.c,v 1.8 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: xcbc_enc.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -60,55 +60,6 @@
60 60
61/* RSA's DESX */ 61/* RSA's DESX */
62 62
63#if 0 /* broken code, preserved just in case anyone specifically looks for this */
64static const unsigned char desx_white_in2out[256]={
650xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
660x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
670x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
680x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
690x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
700x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
710xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
720xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
730x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
740xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
750x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
760xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
770x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
780x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
790x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
800xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
81 };
82
83void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
84 DES_cblock *out_white)
85 {
86 int out0,out1;
87 int i;
88 const unsigned char *key = &(*des_key)[0];
89 const unsigned char *in = &(*in_white)[0];
90 unsigned char *out = &(*out_white)[0];
91
92 out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
93 out0=out1=0;
94 for (i=0; i<8; i++)
95 {
96 out[i]=key[i]^desx_white_in2out[out0^out1];
97 out0=out1;
98 out1=(int)out[i&0x07];
99 }
100
101 out0=out[0];
102 out1=out[i]; /* BUG: out-of-bounds read */
103 for (i=0; i<8; i++)
104 {
105 out[i]=in[i]^desx_white_in2out[out0^out1];
106 out0=out1;
107 out1=(int)out[i&0x07];
108 }
109 }
110#endif
111
112void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out, 63void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
113 long length, DES_key_schedule *schedule, 64 long length, DES_key_schedule *schedule,
114 DES_cblock *ivec, const_DES_cblock *inw, 65 DES_cblock *ivec, const_DES_cblock *inw,
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 0f6c50b055..93e1003bd6 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_check.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: dh_check.c,v 1.15 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -91,12 +91,6 @@ DH_check(const DH *dh, int *ret)
91 l = BN_mod_word(dh->p, 24); 91 l = BN_mod_word(dh->p, 24);
92 if (l != 11) 92 if (l != 11)
93 *ret |= DH_NOT_SUITABLE_GENERATOR; 93 *ret |= DH_NOT_SUITABLE_GENERATOR;
94#if 0
95 } else if (BN_is_word(dh->g, DH_GENERATOR_3)) {
96 l = BN_mod_word(dh->p, 12);
97 if (l != 5)
98 *ret |= DH_NOT_SUITABLE_GENERATOR;
99#endif
100 } else if (BN_is_word(dh->g, DH_GENERATOR_5)) { 94 } else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
101 l = BN_mod_word(dh->p, 10); 95 l = BN_mod_word(dh->p, 10);
102 if (l != 3 && l != 7) 96 if (l != 3 && l != 7)
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index 6a884eff9e..1bc37b987e 100644
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_gen.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -136,14 +136,6 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
136 if (!BN_set_word(t2, 11)) 136 if (!BN_set_word(t2, 11))
137 goto err; 137 goto err;
138 g = 2; 138 g = 2;
139#if 0 /* does not work for safe primes */
140 } else if (generator == DH_GENERATOR_3) {
141 if (!BN_set_word(t1, 12))
142 goto err;
143 if (!BN_set_word(t2, 5))
144 goto err;
145 g = 3;
146#endif
147 } else if (generator == DH_GENERATOR_5) { 139 } else if (generator == DH_GENERATOR_5) {
148 if (!BN_set_word(t1, 10)) 140 if (!BN_set_word(t1, 10))
149 goto err; 141 goto err;
diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h
index 52d391c0a4..42de08089e 100644
--- a/src/lib/libcrypto/dso/dso.h
+++ b/src/lib/libcrypto/dso/dso.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dso.h,v 1.10 2014/08/14 17:55:28 tobias Exp $ */ 1/* $OpenBSD: dso.h,v 1.11 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -149,13 +149,6 @@ typedef struct dso_meth_st {
149 * alone a DSO_METHOD implemented for them. */ 149 * alone a DSO_METHOD implemented for them. */
150 DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname); 150 DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
151 151
152/* I don't think this would actually be used in any circumstances. */
153#if 0
154 /* Unbinds a variable */
155 int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
156 /* Unbinds a function */
157 int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
158#endif
159 /* The generic (yuck) "ctrl()" function. NB: Negative return 152 /* The generic (yuck) "ctrl()" function. NB: Negative return
160 * values (rather than zero) indicate errors. */ 153 * values (rather than zero) indicate errors. */
161 long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg); 154 long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
@@ -309,9 +302,6 @@ int DSO_pathbyaddr(void *addr, char *path, int sz);
309 * itself or libsocket. */ 302 * itself or libsocket. */
310void *DSO_global_lookup(const char *name); 303void *DSO_global_lookup(const char *name);
311 304
312/* If BeOS is defined, use shared images. If not, return NULL. */
313DSO_METHOD *DSO_METHOD_beos(void);
314
315/* BEGIN ERROR CODES */ 305/* BEGIN ERROR CODES */
316/* The following lines are auto generated by the script mkerr.pl. Any changes 306/* The following lines are auto generated by the script mkerr.pl. Any changes
317 * made after this point may be overwritten when the script is next run. 307 * made after this point may be overwritten when the script is next run.
diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c
index b75c9e23e0..f22e641bab 100644
--- a/src/lib/libcrypto/dso/dso_dlfcn.c
+++ b/src/lib/libcrypto/dso/dso_dlfcn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dso_dlfcn.c,v 1.27 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dso_dlfcn.c,v 1.28 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -82,12 +82,6 @@ static int dlfcn_load(DSO *dso);
82static int dlfcn_unload(DSO *dso); 82static int dlfcn_unload(DSO *dso);
83static void *dlfcn_bind_var(DSO *dso, const char *symname); 83static void *dlfcn_bind_var(DSO *dso, const char *symname);
84static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname); 84static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
85#if 0
86static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
87static int dlfcn_init(DSO *dso);
88static int dlfcn_finish(DSO *dso);
89static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
90#endif
91static char *dlfcn_name_converter(DSO *dso, const char *filename); 85static char *dlfcn_name_converter(DSO *dso, const char *filename);
92static char *dlfcn_merger(DSO *dso, const char *filespec1, 86static char *dlfcn_merger(DSO *dso, const char *filespec1,
93 const char *filespec2); 87 const char *filespec2);
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
index 6490cd9d84..df49089bb6 100644
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_curve.c,v 1.9 2014/11/12 18:21:07 miod Exp $ */ 1/* $OpenBSD: ec_curve.c,v 1.10 2015/02/07 13:19:15 doug Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -1008,13 +1008,6 @@ static const struct {
1008 NID_X9_62_characteristic_two_field, 0, 21, 2 1008 NID_X9_62_characteristic_two_field, 0, 21, 2
1009 }, 1009 },
1010 { /* no seed */ 1010 { /* no seed */
1011#if 0
1012/* The algorithm used to derive the curve parameters from
1013 * the seed used here is slightly different than the
1014 * algorithm described in X9.62 . */
1015 0x24, 0xB7, 0xB1, 0x37, 0xC8, 0xA1, 0x4D, 0x69, 0x6E, 0x67,
1016 0x68, 0x75, 0x61, 0x51, 0x75, 0x6F, 0xD0, 0xDA, 0x2E, 0x5C,
1017#endif
1018 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ 1011 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
1019 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1012 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1020 0xC9, 1013 0xC9,
@@ -1045,12 +1038,6 @@ static const struct {
1045 NID_X9_62_characteristic_two_field, 0, 21, 2 1038 NID_X9_62_characteristic_two_field, 0, 21, 2
1046 }, 1039 },
1047 { /* no seed */ 1040 { /* no seed */
1048#if 0
1049/* The seed here was used to created the curve parameters in normal
1050 * basis representation (and not the polynomial representation used here) */
1051 0x85, 0xE2, 0x5B, 0xFE, 0x5C, 0x86, 0x22, 0x6C, 0xDB, 0x12,
1052 0x01, 0x6F, 0x75, 0x53, 0xF9, 0xD0, 0xE6, 0x93, 0xA2, 0x68,
1053#endif
1054 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ 1041 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
1055 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1042 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1056 0xC9, 1043 0xC9,
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index 3dc17bc409..9e3aee13a2 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_mult.c,v 1.15 2014/11/11 06:23:43 guenther Exp $ */ 1/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. 3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -627,11 +627,8 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
627 } 627 }
628 } 628 }
629 629
630#if 1 /* optional; EC_window_bits_for_scalar_size
631 * assumes we do this step */
632 if (!EC_POINTs_make_affine(group, num_val, val, ctx)) 630 if (!EC_POINTs_make_affine(group, num_val, val, ctx))
633 goto err; 631 goto err;
634#endif
635 632
636 r_is_at_infinity = 1; 633 r_is_at_infinity = 1;
637 634
diff --git a/src/lib/libcrypto/ecdh/ech_lib.c b/src/lib/libcrypto/ecdh/ech_lib.c
index e9fae9428b..43c4f8ce31 100644
--- a/src/lib/libcrypto/ecdh/ech_lib.c
+++ b/src/lib/libcrypto/ecdh/ech_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_lib.c,v 1.7 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ech_lib.c,v 1.8 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -106,11 +106,6 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
106 if (ecdh == NULL) 106 if (ecdh == NULL)
107 return 0; 107 return 0;
108 108
109#if 0
110 mtmp = ecdh->meth;
111 if (mtmp->finish)
112 mtmp->finish(eckey);
113#endif
114#ifndef OPENSSL_NO_ENGINE 109#ifndef OPENSSL_NO_ENGINE
115 if (ecdh->engine) 110 if (ecdh->engine)
116 { 111 {
@@ -119,10 +114,6 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
119 } 114 }
120#endif 115#endif
121 ecdh->meth = meth; 116 ecdh->meth = meth;
122#if 0
123 if (meth->init)
124 meth->init(eckey);
125#endif
126 return 1; 117 return 1;
127 } 118 }
128 119
@@ -159,14 +150,6 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
159 150
160 ret->flags = ret->meth->flags; 151 ret->flags = ret->meth->flags;
161 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); 152 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
162#if 0
163 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
164 {
165 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
166 free(ret);
167 ret=NULL;
168 }
169#endif
170 return(ret); 153 return(ret);
171 } 154 }
172 155
diff --git a/src/lib/libcrypto/ecdh/ech_locl.h b/src/lib/libcrypto/ecdh/ech_locl.h
index fff54abf60..077c7dab95 100644
--- a/src/lib/libcrypto/ecdh/ech_locl.h
+++ b/src/lib/libcrypto/ecdh/ech_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_locl.h,v 1.2 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ech_locl.h,v 1.3 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -67,10 +67,6 @@ struct ecdh_method
67 const char *name; 67 const char *name;
68 int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, 68 int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
69 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); 69 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
70#if 0
71 int (*init)(EC_KEY *eckey);
72 int (*finish)(EC_KEY *eckey);
73#endif
74 int flags; 70 int flags;
75 char *app_data; 71 char *app_data;
76 }; 72 };
diff --git a/src/lib/libcrypto/ecdsa/ecs_lib.c b/src/lib/libcrypto/ecdsa/ecs_lib.c
index a92d6117c9..6cdf4c124b 100644
--- a/src/lib/libcrypto/ecdsa/ecs_lib.c
+++ b/src/lib/libcrypto/ecdsa/ecs_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_lib.c,v 1.7 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecs_lib.c,v 1.8 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -138,14 +138,6 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
138 138
139 ret->flags = ret->meth->flags; 139 ret->flags = ret->meth->flags;
140 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data); 140 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
141#if 0
142 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
143 {
144 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
145 free(ret);
146 ret=NULL;
147 }
148#endif
149 return(ret); 141 return(ret);
150} 142}
151 143
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c
index 21b76266c7..014bcb132e 100644
--- a/src/lib/libcrypto/engine/eng_all.c
+++ b/src/lib/libcrypto/engine/eng_all.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_all.c,v 1.26 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: eng_all.c,v 1.27 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL 2/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -66,13 +66,6 @@ ENGINE_load_builtin_engines(void)
66{ 66{
67 /* Some ENGINEs need this */ 67 /* Some ENGINEs need this */
68 OPENSSL_cpuid_setup(); 68 OPENSSL_cpuid_setup();
69#if 0
70 /* There's no longer any need for an "openssl" ENGINE unless, one day,
71 * it is the *only* way for standard builtin implementations to be be
72 * accessed (ie. it would be possible to statically link binaries with
73 * *no* builtin implementations). */
74 ENGINE_load_openssl();
75#endif
76 69
77#ifndef OPENSSL_NO_RSAX 70#ifndef OPENSSL_NO_RSAX
78 ENGINE_load_rsax(); 71 ENGINE_load_rsax();
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c
index b84504102f..78e978116a 100644
--- a/src/lib/libcrypto/engine/eng_list.c
+++ b/src/lib/libcrypto/engine/eng_list.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_list.c,v 1.15 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: eng_list.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -378,14 +378,7 @@ ENGINE_by_id(const char *id)
378 } 378 }
379 } 379 }
380 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 380 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
381#if 0 381
382 if (iterator == NULL) {
383 ENGINEerr(ENGINE_F_ENGINE_BY_ID,
384 ENGINE_R_NO_SUCH_ENGINE);
385 ERR_asprintf_error_data("id=%s", id);
386 }
387 return iterator;
388#else
389 /* EEK! Experimental code starts */ 382 /* EEK! Experimental code starts */
390 if (iterator) 383 if (iterator)
391 return iterator; 384 return iterator;
@@ -415,7 +408,6 @@ notfound:
415 ERR_asprintf_error_data("id=%s", id); 408 ERR_asprintf_error_data("id=%s", id);
416 return NULL; 409 return NULL;
417 /* EEK! Experimental code ends */ 410 /* EEK! Experimental code ends */
418#endif
419} 411}
420 412
421int 413int
diff --git a/src/lib/libcrypto/engine/eng_padlock.c b/src/lib/libcrypto/engine/eng_padlock.c
index 48040db82d..1c86a343df 100644
--- a/src/lib/libcrypto/engine/eng_padlock.c
+++ b/src/lib/libcrypto/engine/eng_padlock.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_padlock.c,v 1.13 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: eng_padlock.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */
2/* 2/*
3 * Support for VIA PadLock Advanced Cryptography Engine (ACE) 3 * Support for VIA PadLock Advanced Cryptography Engine (ACE)
4 * Written by Michal Ludvig <michal@logix.cz> 4 * Written by Michal Ludvig <michal@logix.cz>
@@ -168,9 +168,11 @@ padlock_bind_helper(ENGINE *e)
168 /* Check available features */ 168 /* Check available features */
169 padlock_available(); 169 padlock_available();
170 170
171#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */ 171 /*
172 * RNG is currently disabled for reasons discussed in commentary just
173 * before padlock_rand_bytes function.
174 */
172 padlock_use_rng = 0; 175 padlock_use_rng = 0;
173#endif
174 176
175 /* Generate a nice engine name with available features */ 177 /* Generate a nice engine name with available features */
176 (void) snprintf(padlock_name, sizeof(padlock_name), 178 (void) snprintf(padlock_name, sizeof(padlock_name),
diff --git a/src/lib/libcrypto/engine/tb_store.c b/src/lib/libcrypto/engine/tb_store.c
index 2f0cc004f3..e9ad11ab01 100644
--- a/src/lib/libcrypto/engine/tb_store.c
+++ b/src/lib/libcrypto/engine/tb_store.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tb_store.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: tb_store.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2003 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -93,29 +93,6 @@ ENGINE_register_all_STORE(void)
93 ENGINE_register_STORE(e); 93 ENGINE_register_STORE(e);
94} 94}
95 95
96/* The following two functions are removed because they're useless. */
97#if 0
98int
99ENGINE_set_default_STORE(ENGINE *e)
100{
101 if (e->store_meth)
102 return engine_table_register(&store_table,
103 engine_unregister_all_STORE, e, &dummy_nid, 1, 1);
104 return 1;
105}
106#endif
107
108#if 0
109/* Exposed API function to get a functional reference from the implementation
110 * table (ie. try to get a functional reference from the tabled structural
111 * references). */
112ENGINE *
113ENGINE_get_default_STORE(void)
114{
115 return engine_table_select(&store_table, dummy_nid);
116}
117#endif
118
119/* Obtains an STORE implementation from an ENGINE functional reference */ 96/* Obtains an STORE implementation from an ENGINE functional reference */
120const STORE_METHOD * 97const STORE_METHOD *
121ENGINE_get_STORE(const ENGINE *e) 98ENGINE_get_STORE(const ENGINE *e)
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
index 53b8bcf615..b54e8793ec 100644
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ b/src/lib/libcrypto/evp/bio_b64.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_b64.c,v 1.19 2014/07/11 12:04:46 miod Exp $ */ 1/* $OpenBSD: bio_b64.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -293,11 +293,7 @@ b64_read(BIO *b, char *out, int outl)
293 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { 293 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
294 int z, jj; 294 int z, jj;
295 295
296#if 0
297 jj = (i >> 2) << 2;
298#else
299 jj = i & ~3; /* process per 4 */ 296 jj = i & ~3; /* process per 4 */
300#endif
301 z = EVP_DecodeBlock((unsigned char *)ctx->buf, 297 z = EVP_DecodeBlock((unsigned char *)ctx->buf,
302 (unsigned char *)ctx->tmp, jj); 298 (unsigned char *)ctx->tmp, jj);
303 if (jj > 2) { 299 if (jj > 2) {
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
index 067e62dfe9..725667bfff 100644
--- a/src/lib/libcrypto/evp/encode.c
+++ b/src/lib/libcrypto/evp/encode.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: encode.c,v 1.19 2014/08/06 16:01:44 jsing Exp $ */ 1/* $OpenBSD: encode.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -415,36 +415,3 @@ EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
415 } else 415 } else
416 return (1); 416 return (1);
417} 417}
418
419#ifdef undef
420int
421EVP_DecodeValid(unsigned char *buf, int len)
422{
423 int i, num = 0, bad = 0;
424
425 if (len == 0)
426 return (-1);
427 while (conv_ascii2bin(*buf) == B64_WS) {
428 buf++;
429 len--;
430 if (len == 0)
431 return (-1);
432 }
433
434 for (i = len; i >= 4; i -= 4) {
435 if ((conv_ascii2bin(buf[0]) >= 0x40) ||
436 (conv_ascii2bin(buf[1]) >= 0x40) ||
437 (conv_ascii2bin(buf[2]) >= 0x40) ||
438 (conv_ascii2bin(buf[3]) >= 0x40))
439 return (-1);
440 buf += 4;
441 num += 1 + (buf[2] != '=') + (buf[3] != '=');
442 }
443 if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
444 return (num);
445 if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
446 (conv_ascii2bin(buf[0]) == B64_EOLN))
447 return (num);
448 return (1);
449}
450#endif
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 6c1bf6c7cd..107119883a 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp.h,v 1.40 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: evp.h,v 1.41 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -701,10 +701,6 @@ const EVP_CIPHER *EVP_des_cfb1(void);
701const EVP_CIPHER *EVP_des_cfb8(void); 701const EVP_CIPHER *EVP_des_cfb8(void);
702const EVP_CIPHER *EVP_des_ede_cfb64(void); 702const EVP_CIPHER *EVP_des_ede_cfb64(void);
703# define EVP_des_ede_cfb EVP_des_ede_cfb64 703# define EVP_des_ede_cfb EVP_des_ede_cfb64
704#if 0
705const EVP_CIPHER *EVP_des_ede_cfb1(void);
706const EVP_CIPHER *EVP_des_ede_cfb8(void);
707#endif
708const EVP_CIPHER *EVP_des_ede3_cfb64(void); 704const EVP_CIPHER *EVP_des_ede3_cfb64(void);
709# define EVP_des_ede3_cfb EVP_des_ede3_cfb64 705# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
710const EVP_CIPHER *EVP_des_ede3_cfb1(void); 706const EVP_CIPHER *EVP_des_ede3_cfb1(void);
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index f68a950c9c..4058d47f07 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_sign.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: p_sign.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -63,21 +63,6 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65 65
66#ifdef undef
67void
68EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
69{
70 EVP_DigestInit_ex(ctx, type);
71}
72
73void
74EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
75 unsigned int count)
76{
77 EVP_DigestUpdate(ctx, data, count);
78}
79#endif
80
81int 66int
82EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, 67EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
83 EVP_PKEY *pkey) 68 EVP_PKEY *pkey)
diff --git a/src/lib/libcrypto/idea/idea_lcl.h b/src/lib/libcrypto/idea/idea_lcl.h
index cc58b360ad..e46c960875 100644
--- a/src/lib/libcrypto/idea/idea_lcl.h
+++ b/src/lib/libcrypto/idea/idea_lcl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: idea_lcl.h,v 1.2 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: idea_lcl.h,v 1.3 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -69,18 +69,6 @@ if (ul != 0) \
69else \ 69else \
70 r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ 70 r=(-(int)a-b+1); /* assuming a or b is 0 and in range */
71 71
72#ifdef undef
73#define idea_mul(r,a,b,ul,sl) \
74if (a == 0) r=(0x10001-b)&0xffff; \
75else if (b == 0) r=(0x10001-a)&0xffff; \
76else { \
77 ul=(unsigned long)a*b; \
78 sl=(ul&0xffff)-(ul>>16); \
79 if (sl <= 0) sl+=0x10001; \
80 r=sl; \
81 }
82#endif
83
84/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com> 72/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
85 * for pointing out that I was assuming little endian 73 * for pointing out that I was assuming little endian
86 * byte order for all quantities what idea 74 * byte order for all quantities what idea
@@ -142,59 +130,6 @@ else { \
142#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \ 130#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
143 l|=((IDEA_INT)(*((c)++))) ) 131 l|=((IDEA_INT)(*((c)++))) )
144 132
145#ifdef undef
146/* NOTE - c is not incremented as per c2l */
147#define c2ln(c,l1,l2,n) { \
148 c+=n; \
149 l1=l2=0; \
150 switch (n) { \
151 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
152 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
153 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
154 case 5: l2|=((unsigned long)(*(--(c)))); \
155 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
156 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
157 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
158 case 1: l1|=((unsigned long)(*(--(c)))); \
159 } \
160 }
161
162/* NOTE - c is not incremented as per l2c */
163#define l2cn(l1,l2,c,n) { \
164 c+=n; \
165 switch (n) { \
166 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
167 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
168 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
169 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
170 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
171 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
172 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
173 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
174 } \
175 }
176
177#undef c2s
178#define c2s(c,l) (l =((unsigned long)(*((c)++))) , \
179 l|=((unsigned long)(*((c)++)))<< 8L)
180
181#undef s2c
182#define s2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
183 *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
184
185#undef c2l
186#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
187 l|=((unsigned long)(*((c)++)))<< 8L, \
188 l|=((unsigned long)(*((c)++)))<<16L, \
189 l|=((unsigned long)(*((c)++)))<<24L)
190
191#undef l2c
192#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
193 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
194 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
195 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
196#endif
197
198#define E_IDEA(num) \ 133#define E_IDEA(num) \
199 x1&=0xffff; \ 134 x1&=0xffff; \
200 idea_mul(x1,x1,*p,ul); p++; \ 135 idea_mul(x1,x1,*p,ul); p++; \
diff --git a/src/lib/libcrypto/modes/gcm128.c b/src/lib/libcrypto/modes/gcm128.c
index 5b600517be..1106617763 100644
--- a/src/lib/libcrypto/modes/gcm128.c
+++ b/src/lib/libcrypto/modes/gcm128.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gcm128.c,v 1.10 2014/07/09 16:06:13 miod Exp $ */ 1/* $OpenBSD: gcm128.c,v 1.11 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2010 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -898,9 +898,6 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
898# endif 898# endif
899#endif 899#endif
900 900
901#if 0
902 n = (unsigned int)mlen%16; /* alternative to ctx->mres */
903#endif
904 mlen += len; 901 mlen += len;
905 if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len)) 902 if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
906 return -1; 903 return -1;
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
index 0357c2bfa2..0b3547a6fb 100644
--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ b/src/lib/libcrypto/pkcs12/p12_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_key.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: p12_key.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -107,13 +107,6 @@ PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
107 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ 107 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
108 EVP_MD_CTX ctx; 108 EVP_MD_CTX ctx;
109 109
110#if 0
111 if (!pass) {
112 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_PASSED_NULL_PARAMETER);
113 return 0;
114 }
115#endif
116
117 EVP_MD_CTX_init(&ctx); 110 EVP_MD_CTX_init(&ctx);
118 v = EVP_MD_block_size(md_type); 111 v = EVP_MD_block_size(md_type);
119 u = EVP_MD_size(md_type); 112 u = EVP_MD_size(md_type);
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index d69aff8f41..252fab04d7 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_doit.c,v 1.30 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: pk7_doit.c,v 1.31 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -482,15 +482,6 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
482 } 482 }
483 483
484 if (evp_cipher != NULL) { 484 if (evp_cipher != NULL) {
485#if 0
486 unsigned char key[EVP_MAX_KEY_LENGTH];
487 unsigned char iv[EVP_MAX_IV_LENGTH];
488 unsigned char *p;
489 int keylen, ivlen;
490 int max;
491 X509_OBJECT ret;
492#endif
493
494 if ((etmp = BIO_new(BIO_f_cipher())) == NULL) { 485 if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
495 PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB); 486 PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
496 goto err; 487 goto err;
@@ -594,20 +585,9 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
594 etmp = NULL; 585 etmp = NULL;
595 } 586 }
596 587
597#if 1
598 if (PKCS7_is_detached(p7) || (in_bio != NULL)) { 588 if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
599 bio = in_bio; 589 bio = in_bio;
600 } else { 590 } else {
601#if 0
602 bio = BIO_new(BIO_s_mem());
603 /* We need to set this so that when we have read all
604 * the data, the encrypt BIO, if present, will read
605 * EOF and encode the last few bytes */
606 BIO_set_mem_eof_return(bio, 0);
607
608 if (data_body != NULL && data_body->length > 0)
609 BIO_write(bio, (char *)data_body->data, data_body->length);
610#else
611 if (data_body != NULL && data_body->length > 0) 591 if (data_body != NULL && data_body->length > 0)
612 bio = BIO_new_mem_buf(data_body->data, data_body->length); 592 bio = BIO_new_mem_buf(data_body->data, data_body->length);
613 else { 593 else {
@@ -616,11 +596,10 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
616 } 596 }
617 if (bio == NULL) 597 if (bio == NULL)
618 goto err; 598 goto err;
619#endif
620 } 599 }
621 BIO_push(out, bio); 600 BIO_push(out, bio);
622 bio = NULL; 601 bio = NULL;
623#endif 602
624 if (0) { 603 if (0) {
625err: 604err:
626 if (ek) { 605 if (ek) {
diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c
index cbd4d216f6..d941f9e6fb 100644
--- a/src/lib/libcrypto/stack/stack.c
+++ b/src/lib/libcrypto/stack/stack.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: stack.c,v 1.18 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: stack.c,v 1.19 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -56,16 +56,6 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59/* Code for stacks
60 * Author - Eric Young v 1.0
61 * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
62 * lowest index for the searched item.
63 *
64 * 1.1 eay - Take from netdb and added to SSLeay
65 *
66 * 1.0 eay - First version 29/07/92
67 */
68
69#include <stdio.h> 59#include <stdio.h>
70#include <string.h> 60#include <string.h>
71 61
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index 500b520495..e760279b52 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_vfy.h,v 1.14 2015/01/22 09:06:39 reyk Exp $ */ 1/* $OpenBSD: x509_vfy.h,v 1.15 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -77,17 +77,6 @@
77extern "C" { 77extern "C" {
78#endif 78#endif
79 79
80#if 0
81/* Outer object */
82typedef struct x509_hash_dir_st
83 {
84 int num_dirs;
85 char **dirs;
86 int *dirs_type;
87 int num_dirs_alloced;
88 } X509_HASH_DIR_CTX;
89#endif
90
91typedef struct x509_file_st 80typedef struct x509_file_st
92 { 81 {
93 int num_paths; /* number of paths to files or directories */ 82 int num_paths; /* number of paths to files or directories */
diff --git a/src/lib/libcrypto/x509v3/pcy_lib.c b/src/lib/libcrypto/x509v3/pcy_lib.c
index 321370e135..6f37064063 100644
--- a/src/lib/libcrypto/x509v3/pcy_lib.c
+++ b/src/lib/libcrypto/x509v3/pcy_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pcy_lib.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pcy_lib.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2004. 3 * project 2004.
4 */ 4 */
@@ -140,16 +140,6 @@ X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
140 return node->data->valid_policy; 140 return node->data->valid_policy;
141} 141}
142 142
143#if 0
144int
145X509_policy_node_get_critical(const X509_POLICY_NODE *node)
146{
147 if (node_critical(node))
148 return 1;
149 return 0;
150}
151#endif
152
153STACK_OF(POLICYQUALINFO) * 143STACK_OF(POLICYQUALINFO) *
154X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node) 144X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node)
155{ 145{
diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c
index 2c6472a8a1..fa0e161562 100644
--- a/src/lib/libcrypto/x509v3/pcy_tree.c
+++ b/src/lib/libcrypto/x509v3/pcy_tree.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pcy_tree.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pcy_tree.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2004. 3 * project 2004.
4 */ 4 */
@@ -153,11 +153,6 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags)
153 *ptree = NULL; 153 *ptree = NULL;
154 n = sk_X509_num(certs); 154 n = sk_X509_num(certs);
155 155
156#if 0
157 /* Disable policy mapping for now... */
158 flags |= X509_V_FLAG_INHIBIT_MAP;
159#endif
160
161 if (flags & X509_V_FLAG_EXPLICIT_POLICY) 156 if (flags & X509_V_FLAG_EXPLICIT_POLICY)
162 explicit_policy = 0; 157 explicit_policy = 0;
163 else 158 else
@@ -327,19 +322,6 @@ tree_link_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache)
327 322
328 for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { 323 for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
329 data = sk_X509_POLICY_DATA_value(cache->data, i); 324 data = sk_X509_POLICY_DATA_value(cache->data, i);
330 /* If a node is mapped any it doesn't have a corresponding
331 * CertificatePolicies entry.
332 * However such an identical node would be created
333 * if anyPolicy matching is enabled because there would be
334 * no match with the parent valid_policy_set. So we create
335 * link because then it will have the mapping flags
336 * right and we can prune it later.
337 */
338#if 0
339 if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY) &&
340 !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
341 continue;
342#endif
343 /* Look for matching nodes in previous level */ 325 /* Look for matching nodes in previous level */
344 if (!tree_link_matching_nodes(curr, data)) 326 if (!tree_link_matching_nodes(curr, data))
345 return 0; 327 return 0;
@@ -416,7 +398,6 @@ tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,
416 X509_POLICY_TREE *tree) 398 X509_POLICY_TREE *tree)
417{ 399{
418 int i; 400 int i;
419 /*X509_POLICY_DATA *data;*/
420 X509_POLICY_NODE *node; 401 X509_POLICY_NODE *node;
421 X509_POLICY_LEVEL *last = curr - 1; 402 X509_POLICY_LEVEL *last = curr - 1;
422 403
@@ -425,36 +406,6 @@ tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,
425 406
426 if (!tree_link_unmatched(curr, cache, node, tree)) 407 if (!tree_link_unmatched(curr, cache, node, tree))
427 return 0; 408 return 0;
428
429#if 0
430
431 /* Skip any node with any children: we only want unmathced
432 * nodes.
433 *
434 * Note: need something better for policy mapping
435 * because each node may have multiple children
436 */
437 if (node->nchild)
438 continue;
439
440 /* Create a new node with qualifiers from anyPolicy and
441 * id from unmatched node.
442 */
443 data = policy_data_new(NULL, node->data->valid_policy,
444 node_critical(node));
445
446 if (data == NULL)
447 return 0;
448 /* Curr may not have anyPolicy */
449 data->qualifier_set = cache->anyPolicy->qualifier_set;
450 data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
451 if (!level_add_node(curr, data, node, tree)) {
452 policy_data_free(data);
453 return 0;
454 }
455
456#endif
457
458 } 409 }
459 /* Finally add link to anyPolicy */ 410 /* Finally add link to anyPolicy */
460 if (last->anyPolicy) { 411 if (last->anyPolicy) {
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index 862f949b1b..0a4df34078 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_info.c,v 1.19 2014/10/05 18:28:56 miod Exp $ */ 1/* $OpenBSD: v3_info.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -208,8 +208,5 @@ int
208i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) 208i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
209{ 209{
210 i2a_ASN1_OBJECT(bp, a->method); 210 i2a_ASN1_OBJECT(bp, a->method);
211#ifdef UNDEF
212 i2a_GENERAL_NAME(bp, a->location);
213#endif
214 return 2; 211 return 2;
215} 212}
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c
index 99090f3cd2..ee135a0b52 100644
--- a/src/lib/libcrypto/x509v3/v3_utl.c
+++ b/src/lib/libcrypto/x509v3/v3_utl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_utl.c,v 1.23 2014/07/13 16:03:10 beck Exp $ */ 1/* $OpenBSD: v3_utl.c,v 1.24 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -328,9 +328,6 @@ X509V3_parse_list(const char *line)
328 *p = 0; 328 *p = 0;
329 ntmp = strip_spaces(q); 329 ntmp = strip_spaces(q);
330 q = p + 1; 330 q = p + 1;
331#if 0
332 printf("%s\n", ntmp);
333#endif
334 if (!ntmp) { 331 if (!ntmp) {
335 X509V3err(X509V3_F_X509V3_PARSE_LIST, 332 X509V3err(X509V3_F_X509V3_PARSE_LIST,
336 X509V3_R_INVALID_NULL_NAME); 333 X509V3_R_INVALID_NULL_NAME);
@@ -345,9 +342,6 @@ X509V3_parse_list(const char *line)
345 state = HDR_NAME; 342 state = HDR_NAME;
346 *p = 0; 343 *p = 0;
347 vtmp = strip_spaces(q); 344 vtmp = strip_spaces(q);
348#if 0
349 printf("%s\n", ntmp);
350#endif
351 if (!vtmp) { 345 if (!vtmp) {
352 X509V3err(X509V3_F_X509V3_PARSE_LIST, 346 X509V3err(X509V3_F_X509V3_PARSE_LIST,
353 X509V3_R_INVALID_NULL_VALUE); 347 X509V3_R_INVALID_NULL_VALUE);
@@ -363,9 +357,6 @@ X509V3_parse_list(const char *line)
363 357
364 if (state == HDR_VALUE) { 358 if (state == HDR_VALUE) {
365 vtmp = strip_spaces(q); 359 vtmp = strip_spaces(q);
366#if 0
367 printf("%s=%s\n", ntmp, vtmp);
368#endif
369 if (!vtmp) { 360 if (!vtmp) {
370 X509V3err(X509V3_F_X509V3_PARSE_LIST, 361 X509V3err(X509V3_F_X509V3_PARSE_LIST,
371 X509V3_R_INVALID_NULL_VALUE); 362 X509V3_R_INVALID_NULL_VALUE);
@@ -374,9 +365,6 @@ X509V3_parse_list(const char *line)
374 X509V3_add_value(ntmp, vtmp, &values); 365 X509V3_add_value(ntmp, vtmp, &values);
375 } else { 366 } else {
376 ntmp = strip_spaces(q); 367 ntmp = strip_spaces(q);
377#if 0
378 printf("%s\n", ntmp);
379#endif
380 if (!ntmp) { 368 if (!ntmp) {
381 X509V3err(X509V3_F_X509V3_PARSE_LIST, 369 X509V3err(X509V3_F_X509V3_PARSE_LIST,
382 X509V3_R_INVALID_NULL_NAME); 370 X509V3_R_INVALID_NULL_NAME);
diff --git a/src/lib/libssl/src/crypto/asn1/a_gentm.c b/src/lib/libssl/src/crypto/asn1/a_gentm.c
index c658b1ea35..bc3453f410 100644
--- a/src/lib/libssl/src/crypto/asn1/a_gentm.c
+++ b/src/lib/libssl/src/crypto/asn1/a_gentm.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_gentm.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_gentm.c,v 1.23 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -67,43 +67,6 @@
67 67
68#include "o_time.h" 68#include "o_time.h"
69 69
70#if 0
71
72int
73i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
74{
75 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
76 V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
77}
78
79
80ASN1_GENERALIZEDTIME *
81d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, unsigned char **pp,
82 long length)
83{
84 ASN1_GENERALIZEDTIME *ret = NULL;
85
86 ret = (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
87 V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL);
88 if (ret == NULL) {
89 ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
90 return (NULL);
91 }
92 if (!ASN1_GENERALIZEDTIME_check(ret)) {
93 ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
94 goto err;
95 }
96
97 return (ret);
98
99err:
100 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
101 M_ASN1_GENERALIZEDTIME_free(ret);
102 return (NULL);
103}
104
105#endif
106
107int 70int
108ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) 71ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
109{ 72{
diff --git a/src/lib/libssl/src/crypto/asn1/a_strex.c b/src/lib/libssl/src/crypto/asn1/a_strex.c
index b592c0e18a..f60a70d94d 100644
--- a/src/lib/libssl/src/crypto/asn1/a_strex.c
+++ b/src/lib/libssl/src/crypto/asn1/a_strex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_strex.c,v 1.24 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_strex.c,v 1.25 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -84,20 +84,6 @@
84/* Three IO functions for sending data to memory, a BIO and 84/* Three IO functions for sending data to memory, a BIO and
85 * and a FILE pointer. 85 * and a FILE pointer.
86 */ 86 */
87#if 0 /* never used */
88static int
89send_mem_chars(void *arg, const void *buf, int len)
90{
91 unsigned char **out = arg;
92
93 if (!out)
94 return 1;
95 memcpy(*out, buf, len);
96 *out += len;
97 return 1;
98}
99#endif
100
101static int 87static int
102send_bio_chars(void *arg, const void *buf, int len) 88send_bio_chars(void *arg, const void *buf, int len)
103{ 89{
diff --git a/src/lib/libssl/src/crypto/asn1/a_time.c b/src/lib/libssl/src/crypto/asn1/a_time.c
index 94e249960a..c5e882a4f6 100644
--- a/src/lib/libssl/src/crypto/asn1/a_time.c
+++ b/src/lib/libssl/src/crypto/asn1/a_time.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_time.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_time.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -73,18 +73,6 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
73 73
74IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) 74IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
75 75
76#if 0
77int
78i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
79{
80 if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
81 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
82 a->type, V_ASN1_UNIVERSAL));
83 ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
84 return -1;
85}
86#endif
87
88ASN1_TIME * 76ASN1_TIME *
89ASN1_TIME_set(ASN1_TIME *s, time_t t) 77ASN1_TIME_set(ASN1_TIME *s, time_t t)
90{ 78{
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
index 2b952abae6..46de52a050 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_lib.c,v 1.32 2014/07/11 14:49:12 miod Exp $ */ 1/* $OpenBSD: asn1_lib.c,v 1.33 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -140,12 +140,6 @@ ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
140 if (inf && !(ret & V_ASN1_CONSTRUCTED)) 140 if (inf && !(ret & V_ASN1_CONSTRUCTED))
141 goto err; 141 goto err;
142 142
143#if 0
144 fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
145 (int)p, *plength, omax, (int)*pp, (int)(p+ *plength),
146 (int)(omax+ *pp));
147
148#endif
149 if (*plength > (omax - (p - *pp))) { 143 if (*plength > (omax - (p - *pp))) {
150 ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG); 144 ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
151 /* Set this so that even if things are not long enough 145 /* Set this so that even if things are not long enough
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_par.c b/src/lib/libssl/src/crypto/asn1/asn1_par.c
index 2c8062bb8a..b5742fe97d 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_par.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_par.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_par.c,v 1.21 2014/10/03 06:02:38 doug Exp $ */ 1/* $OpenBSD: asn1_par.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -126,11 +126,7 @@ asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
126 /* ASN1_BMPSTRING *bmp=NULL;*/ 126 /* ASN1_BMPSTRING *bmp=NULL;*/
127 int dump_indent; 127 int dump_indent;
128 128
129#if 0
130 dump_indent = indent;
131#else
132 dump_indent = 6; /* Because we know BIO_dump_indent() */ 129 dump_indent = 6; /* Because we know BIO_dump_indent() */
133#endif
134 p = *pp; 130 p = *pp;
135 tot = p + length; 131 tot = p + length;
136 op = p - 1; 132 op = p - 1;
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c
index f4872d8b24..1c83fc5608 100644
--- a/src/lib/libssl/src/crypto/asn1/t_x509.c
+++ b/src/lib/libssl/src/crypto/asn1/t_x509.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t_x509.c,v 1.25 2014/07/12 16:33:25 miod Exp $ */ 1/* $OpenBSD: t_x509.c,v 1.26 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -172,14 +172,6 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
172 if (!(cflag & X509_FLAG_NO_SIGNAME)) { 172 if (!(cflag & X509_FLAG_NO_SIGNAME)) {
173 if (X509_signature_print(bp, x->sig_alg, NULL) <= 0) 173 if (X509_signature_print(bp, x->sig_alg, NULL) <= 0)
174 goto err; 174 goto err;
175#if 0
176 if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
177 goto err;
178 if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
179 goto err;
180 if (BIO_puts(bp, "\n") <= 0)
181 goto err;
182#endif
183 } 175 }
184 176
185 if (!(cflag & X509_FLAG_NO_ISSUER)) { 177 if (!(cflag & X509_FLAG_NO_ISSUER)) {
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_prn.c b/src/lib/libssl/src/crypto/asn1/tasn_prn.c
index 9383750a82..844960fc77 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_prn.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_prn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tasn_prn.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: tasn_prn.c,v 1.12 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -260,11 +260,6 @@ asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, const ASN1_ITEM *it,
260 break; 260 break;
261 261
262 case ASN1_ITYPE_CHOICE: 262 case ASN1_ITYPE_CHOICE:
263#if 0
264 if (!nohdr &&
265 !asn1_print_fsname(out, indent, fname, sname, pctx))
266 return 0;
267#endif
268 /* CHOICE type, get selector */ 263 /* CHOICE type, get selector */
269 i = asn1_get_choice_selector(fld, it); 264 i = asn1_get_choice_selector(fld, it);
270 /* This should never happen... */ 265 /* This should never happen... */
@@ -395,11 +390,6 @@ asn1_print_fsname(BIO *out, int indent, const char *fname, const char *sname,
395 static char spaces[] = " "; 390 static char spaces[] = " ";
396 const int nspaces = sizeof(spaces) - 1; 391 const int nspaces = sizeof(spaces) - 1;
397 392
398#if 0
399 if (!sname && !fname)
400 return 1;
401#endif
402
403 while (indent > nspaces) { 393 while (indent > nspaces) {
404 if (BIO_write(out, spaces, nspaces) != nspaces) 394 if (BIO_write(out, spaces, nspaces) != nspaces)
405 return 0; 395 return 0;
diff --git a/src/lib/libssl/src/crypto/bio/bf_nbio.c b/src/lib/libssl/src/crypto/bio/bf_nbio.c
index a86feb49c2..24e2e7e8b9 100644
--- a/src/lib/libssl/src/crypto/bio/bf_nbio.c
+++ b/src/lib/libssl/src/crypto/bio/bf_nbio.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bf_nbio.c,v 1.18 2014/10/22 13:02:03 jsing Exp $ */ 1/* $OpenBSD: bf_nbio.c,v 1.19 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -130,10 +130,8 @@ static int
130nbiof_read(BIO *b, char *out, int outl) 130nbiof_read(BIO *b, char *out, int outl)
131{ 131{
132 int ret = 0; 132 int ret = 0;
133#if 1
134 int num; 133 int num;
135 unsigned char n; 134 unsigned char n;
136#endif
137 135
138 if (out == NULL) 136 if (out == NULL)
139 return (0); 137 return (0);
@@ -141,7 +139,7 @@ nbiof_read(BIO *b, char *out, int outl)
141 return (0); 139 return (0);
142 140
143 BIO_clear_retry_flags(b); 141 BIO_clear_retry_flags(b);
144#if 1 142
145 arc4random_buf(&n, 1); 143 arc4random_buf(&n, 1);
146 num = (n & 0x07); 144 num = (n & 0x07);
147 145
@@ -151,9 +149,7 @@ nbiof_read(BIO *b, char *out, int outl)
151 if (num == 0) { 149 if (num == 0) {
152 ret = -1; 150 ret = -1;
153 BIO_set_retry_read(b); 151 BIO_set_retry_read(b);
154 } else 152 } else {
155#endif
156 {
157 ret = BIO_read(b->next_bio, out, outl); 153 ret = BIO_read(b->next_bio, out, outl);
158 if (ret < 0) 154 if (ret < 0)
159 BIO_copy_next_retry(b); 155 BIO_copy_next_retry(b);
@@ -177,7 +173,6 @@ nbiof_write(BIO *b, const char *in, int inl)
177 173
178 BIO_clear_retry_flags(b); 174 BIO_clear_retry_flags(b);
179 175
180#if 1
181 if (nt->lwn > 0) { 176 if (nt->lwn > 0) {
182 num = nt->lwn; 177 num = nt->lwn;
183 nt->lwn = 0; 178 nt->lwn = 0;
@@ -192,9 +187,7 @@ nbiof_write(BIO *b, const char *in, int inl)
192 if (num == 0) { 187 if (num == 0) {
193 ret = -1; 188 ret = -1;
194 BIO_set_retry_write(b); 189 BIO_set_retry_write(b);
195 } else 190 } else {
196#endif
197 {
198 ret = BIO_write(b->next_bio, in, inl); 191 ret = BIO_write(b->next_bio, in, inl);
199 if (ret < 0) { 192 if (ret < 0) {
200 BIO_copy_next_retry(b); 193 BIO_copy_next_retry(b);
diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h
index 10414dc339..d93c9fc059 100644
--- a/src/lib/libssl/src/crypto/bn/bn.h
+++ b/src/lib/libssl/src/crypto/bn/bn.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn.h,v 1.25 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: bn.h,v 1.26 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -241,17 +241,6 @@ extern "C" {
241 | BN_FLG_STATIC_DATA \ 241 | BN_FLG_STATIC_DATA \
242 | (n))) 242 | (n)))
243 243
244/* Already declared in ossl_typ.h */
245#if 0
246typedef struct bignum_st BIGNUM;
247/* Used for temp variables (declaration hidden in bn_lcl.h) */
248typedef struct bignum_ctx BN_CTX;
249typedef struct bn_blinding_st BN_BLINDING;
250typedef struct bn_mont_ctx_st BN_MONT_CTX;
251typedef struct bn_recp_ctx_st BN_RECP_CTX;
252typedef struct bn_gencb_st BN_GENCB;
253#endif
254
255struct bignum_st { 244struct bignum_st {
256 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ 245 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
257 int top; /* Index of last used d +1. */ 246 int top; /* Index of last used d +1. */
diff --git a/src/lib/libssl/src/crypto/conf/conf.h b/src/lib/libssl/src/crypto/conf/conf.h
index ba7fb69794..095066d31b 100644
--- a/src/lib/libssl/src/crypto/conf/conf.h
+++ b/src/lib/libssl/src/crypto/conf/conf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf.h,v 1.13 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: conf.h,v 1.14 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,9 +149,6 @@ struct conf_st {
149CONF *NCONF_new(CONF_METHOD *meth); 149CONF *NCONF_new(CONF_METHOD *meth);
150CONF_METHOD *NCONF_default(void); 150CONF_METHOD *NCONF_default(void);
151CONF_METHOD *NCONF_WIN32(void); 151CONF_METHOD *NCONF_WIN32(void);
152#if 0 /* Just to give you an idea of what I have in mind */
153CONF_METHOD *NCONF_XML(void);
154#endif
155void NCONF_free(CONF *conf); 152void NCONF_free(CONF *conf);
156void NCONF_free_data(CONF *conf); 153void NCONF_free_data(CONF *conf);
157 154
@@ -165,12 +162,7 @@ int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
165int NCONF_dump_fp(const CONF *conf, FILE *out); 162int NCONF_dump_fp(const CONF *conf, FILE *out);
166int NCONF_dump_bio(const CONF *conf, BIO *out); 163int NCONF_dump_bio(const CONF *conf, BIO *out);
167 164
168#if 0 /* The following function has no error checking,
169 and should therefore be avoided */
170long NCONF_get_number(CONF *conf, char *group, char *name);
171#else
172#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r) 165#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
173#endif
174 166
175/* Module functions */ 167/* Module functions */
176 168
diff --git a/src/lib/libssl/src/crypto/conf/conf_api.c b/src/lib/libssl/src/crypto/conf/conf_api.c
index 7480dda3d5..56a4f249ad 100644
--- a/src/lib/libssl/src/crypto/conf/conf_api.c
+++ b/src/lib/libssl/src/crypto/conf/conf_api.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf_api.c,v 1.11 2014/06/23 22:19:02 deraadt Exp $ */ 1/* $OpenBSD: conf_api.c,v 1.12 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -165,28 +165,6 @@ _CONF_get_string(const CONF *conf, const char *section, const char *name)
165 } 165 }
166} 166}
167 167
168#if 0 /* There's no way to provide error checking with this function, so
169 force implementors of the higher levels to get a string and read
170 the number themselves. */
171long
172_CONF_get_number(CONF *conf, char *section, char *name)
173{
174 char *str;
175 long ret = 0;
176
177 str = _CONF_get_string(conf, section, name);
178 if (str == NULL)
179 return (0);
180 for (;;) {
181 if (conf->meth->is_number(conf, *str))
182 ret = ret * 10 + conf->meth->to_int(conf, *str);
183 else
184 return (ret);
185 str++;
186 }
187}
188#endif
189
190static unsigned long 168static unsigned long
191conf_value_hash(const CONF_VALUE *v) 169conf_value_hash(const CONF_VALUE *v)
192{ 170{
diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c
index c437aeb457..e608e5fe9d 100644
--- a/src/lib/libssl/src/crypto/conf/conf_def.c
+++ b/src/lib/libssl/src/crypto/conf/conf_def.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf_def.c,v 1.28 2014/07/11 15:38:03 miod Exp $ */ 1/* $OpenBSD: conf_def.c,v 1.29 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -388,27 +388,12 @@ again:
388 } 388 }
389 } else 389 } else
390 tv = sv; 390 tv = sv;
391#if 1 391
392 if (_CONF_add_string(conf, tv, v) == 0) { 392 if (_CONF_add_string(conf, tv, v) == 0) {
393 CONFerr(CONF_F_DEF_LOAD_BIO, 393 CONFerr(CONF_F_DEF_LOAD_BIO,
394 ERR_R_MALLOC_FAILURE); 394 ERR_R_MALLOC_FAILURE);
395 goto err; 395 goto err;
396 } 396 }
397#else
398 v->section = tv->section;
399 if (!sk_CONF_VALUE_push(ts, v)) {
400 CONFerr(CONF_F_DEF_LOAD_BIO,
401 ERR_R_MALLOC_FAILURE);
402 goto err;
403 }
404 vv = (CONF_VALUE *)lh_insert(conf->data, v);
405 if (vv != NULL) {
406 sk_CONF_VALUE_delete_ptr(ts, vv);
407 free(vv->name);
408 free(vv->value);
409 free(vv);
410 }
411#endif
412 v = NULL; 397 v = NULL;
413 } 398 }
414 } 399 }
diff --git a/src/lib/libssl/src/crypto/conf/conf_lib.c b/src/lib/libssl/src/crypto/conf/conf_lib.c
index 2119eb6219..a7c8be7c0d 100644
--- a/src/lib/libssl/src/crypto/conf/conf_lib.c
+++ b/src/lib/libssl/src/crypto/conf/conf_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: conf_lib.c,v 1.12 2014/07/09 11:10:50 bcook Exp $ */ 1/* $OpenBSD: conf_lib.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL 2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -373,21 +373,3 @@ NCONF_dump_bio(const CONF *conf, BIO *out)
373 373
374 return conf->meth->dump(conf, out); 374 return conf->meth->dump(conf, out);
375} 375}
376
377
378/* This function should be avoided */
379#if 0
380long
381NCONF_get_number(CONF *conf, char *group, char *name)
382{
383 int status;
384 long ret = 0;
385
386 status = NCONF_get_number_e(conf, group, name, &ret);
387 if (status == 0) {
388 /* This function does not believe in errors... */
389 ERR_get_error();
390 }
391 return ret;
392}
393#endif
diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h
index 5cb1dda021..27b7f3fe02 100644
--- a/src/lib/libssl/src/crypto/crypto.h
+++ b/src/lib/libssl/src/crypto/crypto.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: crypto.h,v 1.32 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: crypto.h,v 1.33 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -142,20 +142,6 @@ extern "C" {
142#define SSLEAY_PLATFORM 4 142#define SSLEAY_PLATFORM 4
143#define SSLEAY_DIR 5 143#define SSLEAY_DIR 5
144 144
145/* Already declared in ossl_typ.h */
146#if 0
147typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
148/* Called when a new object is created */
149typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
150 int idx, long argl, void *argp);
151/* Called when an object is free()ed */
152typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
153 int idx, long argl, void *argp);
154/* Called when we need to dup an object */
155typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
156 void *from_d, int idx, long argl, void *argp);
157#endif
158
159/* A generic structure to pass assorted data in a expandable way */ 145/* A generic structure to pass assorted data in a expandable way */
160typedef struct openssl_item_st { 146typedef struct openssl_item_st {
161 int code; 147 int code;
diff --git a/src/lib/libssl/src/crypto/des/cfb64ede.c b/src/lib/libssl/src/crypto/des/cfb64ede.c
index 0b5c7d6249..6d4d287775 100644
--- a/src/lib/libssl/src/crypto/des/cfb64ede.c
+++ b/src/lib/libssl/src/crypto/des/cfb64ede.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cfb64ede.c,v 1.8 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: cfb64ede.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -132,15 +132,6 @@ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
132 *num=n; 132 *num=n;
133 } 133 }
134 134
135#ifdef undef /* MACRO */
136void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
137 DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock (*ivec),
138 int *num, int enc)
139 {
140 DES_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
141 }
142#endif
143
144/* This is compatible with the single key CFB-r for DES, even thought that's 135/* This is compatible with the single key CFB-r for DES, even thought that's
145 * not what EVP needs. 136 * not what EVP needs.
146 */ 137 */
diff --git a/src/lib/libssl/src/crypto/des/des.h b/src/lib/libssl/src/crypto/des/des.h
index e7585bc3d9..e1331d3fa2 100644
--- a/src/lib/libssl/src/crypto/des/des.h
+++ b/src/lib/libssl/src/crypto/des/des.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: des.h,v 1.18 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: des.h,v 1.19 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -178,11 +178,6 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
178 long length,DES_key_schedule *ks1, 178 long length,DES_key_schedule *ks1,
179 DES_key_schedule *ks2,DES_key_schedule *ks3, 179 DES_key_schedule *ks2,DES_key_schedule *ks3,
180 DES_cblock *ivec,int *num); 180 DES_cblock *ivec,int *num);
181#if 0
182void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
183 DES_cblock *out_white);
184#endif
185
186int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, 181int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
187 DES_cblock *iv); 182 DES_cblock *iv);
188int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched, 183int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
diff --git a/src/lib/libssl/src/crypto/des/ofb64ede.c b/src/lib/libssl/src/crypto/des/ofb64ede.c
index 1d916e9305..474d38caaf 100644
--- a/src/lib/libssl/src/crypto/des/ofb64ede.c
+++ b/src/lib/libssl/src/crypto/des/ofb64ede.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ofb64ede.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: ofb64ede.c,v 1.6 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -105,8 +105,6 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,
105 } 105 }
106 if (save) 106 if (save)
107 { 107 {
108/* v0=ti[0];
109 v1=ti[1];*/
110 iv = &(*ivec)[0]; 108 iv = &(*ivec)[0];
111 l2c(v0,iv); 109 l2c(v0,iv);
112 l2c(v1,iv); 110 l2c(v1,iv);
@@ -114,12 +112,3 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,
114 v0=v1=ti[0]=ti[1]=0; 112 v0=v1=ti[0]=ti[1]=0;
115 *num=n; 113 *num=n;
116 } 114 }
117
118#ifdef undef /* MACRO */
119void DES_ede2_ofb64_encrypt(unsigned char *in,
120 unsigned char *out, long length, DES_key_schedule k1,
121 DES_key_schedule k2, DES_cblock (*ivec), int *num)
122 {
123 DES_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
124 }
125#endif
diff --git a/src/lib/libssl/src/crypto/des/xcbc_enc.c b/src/lib/libssl/src/crypto/des/xcbc_enc.c
index dc4607e8aa..4f7a070103 100644
--- a/src/lib/libssl/src/crypto/des/xcbc_enc.c
+++ b/src/lib/libssl/src/crypto/des/xcbc_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: xcbc_enc.c,v 1.8 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: xcbc_enc.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -60,55 +60,6 @@
60 60
61/* RSA's DESX */ 61/* RSA's DESX */
62 62
63#if 0 /* broken code, preserved just in case anyone specifically looks for this */
64static const unsigned char desx_white_in2out[256]={
650xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
660x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
670x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
680x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
690x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
700x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
710xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
720xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
730x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
740xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
750x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
760xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
770x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
780x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
790x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
800xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
81 };
82
83void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
84 DES_cblock *out_white)
85 {
86 int out0,out1;
87 int i;
88 const unsigned char *key = &(*des_key)[0];
89 const unsigned char *in = &(*in_white)[0];
90 unsigned char *out = &(*out_white)[0];
91
92 out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
93 out0=out1=0;
94 for (i=0; i<8; i++)
95 {
96 out[i]=key[i]^desx_white_in2out[out0^out1];
97 out0=out1;
98 out1=(int)out[i&0x07];
99 }
100
101 out0=out[0];
102 out1=out[i]; /* BUG: out-of-bounds read */
103 for (i=0; i<8; i++)
104 {
105 out[i]=in[i]^desx_white_in2out[out0^out1];
106 out0=out1;
107 out1=(int)out[i&0x07];
108 }
109 }
110#endif
111
112void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out, 63void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
113 long length, DES_key_schedule *schedule, 64 long length, DES_key_schedule *schedule,
114 DES_cblock *ivec, const_DES_cblock *inw, 65 DES_cblock *ivec, const_DES_cblock *inw,
diff --git a/src/lib/libssl/src/crypto/dh/dh_check.c b/src/lib/libssl/src/crypto/dh/dh_check.c
index 0f6c50b055..93e1003bd6 100644
--- a/src/lib/libssl/src/crypto/dh/dh_check.c
+++ b/src/lib/libssl/src/crypto/dh/dh_check.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_check.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: dh_check.c,v 1.15 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -91,12 +91,6 @@ DH_check(const DH *dh, int *ret)
91 l = BN_mod_word(dh->p, 24); 91 l = BN_mod_word(dh->p, 24);
92 if (l != 11) 92 if (l != 11)
93 *ret |= DH_NOT_SUITABLE_GENERATOR; 93 *ret |= DH_NOT_SUITABLE_GENERATOR;
94#if 0
95 } else if (BN_is_word(dh->g, DH_GENERATOR_3)) {
96 l = BN_mod_word(dh->p, 12);
97 if (l != 5)
98 *ret |= DH_NOT_SUITABLE_GENERATOR;
99#endif
100 } else if (BN_is_word(dh->g, DH_GENERATOR_5)) { 94 } else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
101 l = BN_mod_word(dh->p, 10); 95 l = BN_mod_word(dh->p, 10);
102 if (l != 3 && l != 7) 96 if (l != 3 && l != 7)
diff --git a/src/lib/libssl/src/crypto/dh/dh_gen.c b/src/lib/libssl/src/crypto/dh/dh_gen.c
index 6a884eff9e..1bc37b987e 100644
--- a/src/lib/libssl/src/crypto/dh/dh_gen.c
+++ b/src/lib/libssl/src/crypto/dh/dh_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_gen.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -136,14 +136,6 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
136 if (!BN_set_word(t2, 11)) 136 if (!BN_set_word(t2, 11))
137 goto err; 137 goto err;
138 g = 2; 138 g = 2;
139#if 0 /* does not work for safe primes */
140 } else if (generator == DH_GENERATOR_3) {
141 if (!BN_set_word(t1, 12))
142 goto err;
143 if (!BN_set_word(t2, 5))
144 goto err;
145 g = 3;
146#endif
147 } else if (generator == DH_GENERATOR_5) { 139 } else if (generator == DH_GENERATOR_5) {
148 if (!BN_set_word(t1, 10)) 140 if (!BN_set_word(t1, 10))
149 goto err; 141 goto err;
diff --git a/src/lib/libssl/src/crypto/dso/dso.h b/src/lib/libssl/src/crypto/dso/dso.h
index 52d391c0a4..42de08089e 100644
--- a/src/lib/libssl/src/crypto/dso/dso.h
+++ b/src/lib/libssl/src/crypto/dso/dso.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dso.h,v 1.10 2014/08/14 17:55:28 tobias Exp $ */ 1/* $OpenBSD: dso.h,v 1.11 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -149,13 +149,6 @@ typedef struct dso_meth_st {
149 * alone a DSO_METHOD implemented for them. */ 149 * alone a DSO_METHOD implemented for them. */
150 DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname); 150 DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
151 151
152/* I don't think this would actually be used in any circumstances. */
153#if 0
154 /* Unbinds a variable */
155 int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
156 /* Unbinds a function */
157 int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
158#endif
159 /* The generic (yuck) "ctrl()" function. NB: Negative return 152 /* The generic (yuck) "ctrl()" function. NB: Negative return
160 * values (rather than zero) indicate errors. */ 153 * values (rather than zero) indicate errors. */
161 long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg); 154 long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
@@ -309,9 +302,6 @@ int DSO_pathbyaddr(void *addr, char *path, int sz);
309 * itself or libsocket. */ 302 * itself or libsocket. */
310void *DSO_global_lookup(const char *name); 303void *DSO_global_lookup(const char *name);
311 304
312/* If BeOS is defined, use shared images. If not, return NULL. */
313DSO_METHOD *DSO_METHOD_beos(void);
314
315/* BEGIN ERROR CODES */ 305/* BEGIN ERROR CODES */
316/* The following lines are auto generated by the script mkerr.pl. Any changes 306/* The following lines are auto generated by the script mkerr.pl. Any changes
317 * made after this point may be overwritten when the script is next run. 307 * made after this point may be overwritten when the script is next run.
diff --git a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
index b75c9e23e0..f22e641bab 100644
--- a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
+++ b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dso_dlfcn.c,v 1.27 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dso_dlfcn.c,v 1.28 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -82,12 +82,6 @@ static int dlfcn_load(DSO *dso);
82static int dlfcn_unload(DSO *dso); 82static int dlfcn_unload(DSO *dso);
83static void *dlfcn_bind_var(DSO *dso, const char *symname); 83static void *dlfcn_bind_var(DSO *dso, const char *symname);
84static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname); 84static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
85#if 0
86static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
87static int dlfcn_init(DSO *dso);
88static int dlfcn_finish(DSO *dso);
89static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
90#endif
91static char *dlfcn_name_converter(DSO *dso, const char *filename); 85static char *dlfcn_name_converter(DSO *dso, const char *filename);
92static char *dlfcn_merger(DSO *dso, const char *filespec1, 86static char *dlfcn_merger(DSO *dso, const char *filespec1,
93 const char *filespec2); 87 const char *filespec2);
diff --git a/src/lib/libssl/src/crypto/ec/ec_curve.c b/src/lib/libssl/src/crypto/ec/ec_curve.c
index 6490cd9d84..df49089bb6 100644
--- a/src/lib/libssl/src/crypto/ec/ec_curve.c
+++ b/src/lib/libssl/src/crypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_curve.c,v 1.9 2014/11/12 18:21:07 miod Exp $ */ 1/* $OpenBSD: ec_curve.c,v 1.10 2015/02/07 13:19:15 doug Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -1008,13 +1008,6 @@ static const struct {
1008 NID_X9_62_characteristic_two_field, 0, 21, 2 1008 NID_X9_62_characteristic_two_field, 0, 21, 2
1009 }, 1009 },
1010 { /* no seed */ 1010 { /* no seed */
1011#if 0
1012/* The algorithm used to derive the curve parameters from
1013 * the seed used here is slightly different than the
1014 * algorithm described in X9.62 . */
1015 0x24, 0xB7, 0xB1, 0x37, 0xC8, 0xA1, 0x4D, 0x69, 0x6E, 0x67,
1016 0x68, 0x75, 0x61, 0x51, 0x75, 0x6F, 0xD0, 0xDA, 0x2E, 0x5C,
1017#endif
1018 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ 1011 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
1019 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1012 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1020 0xC9, 1013 0xC9,
@@ -1045,12 +1038,6 @@ static const struct {
1045 NID_X9_62_characteristic_two_field, 0, 21, 2 1038 NID_X9_62_characteristic_two_field, 0, 21, 2
1046 }, 1039 },
1047 { /* no seed */ 1040 { /* no seed */
1048#if 0
1049/* The seed here was used to created the curve parameters in normal
1050 * basis representation (and not the polynomial representation used here) */
1051 0x85, 0xE2, 0x5B, 0xFE, 0x5C, 0x86, 0x22, 0x6C, 0xDB, 0x12,
1052 0x01, 0x6F, 0x75, 0x53, 0xF9, 0xD0, 0xE6, 0x93, 0xA2, 0x68,
1053#endif
1054 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ 1041 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
1055 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1042 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1056 0xC9, 1043 0xC9,
diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c
index 3dc17bc409..9e3aee13a2 100644
--- a/src/lib/libssl/src/crypto/ec/ec_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_mult.c,v 1.15 2014/11/11 06:23:43 guenther Exp $ */ 1/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. 3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -627,11 +627,8 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
627 } 627 }
628 } 628 }
629 629
630#if 1 /* optional; EC_window_bits_for_scalar_size
631 * assumes we do this step */
632 if (!EC_POINTs_make_affine(group, num_val, val, ctx)) 630 if (!EC_POINTs_make_affine(group, num_val, val, ctx))
633 goto err; 631 goto err;
634#endif
635 632
636 r_is_at_infinity = 1; 633 r_is_at_infinity = 1;
637 634
diff --git a/src/lib/libssl/src/crypto/ecdh/ech_lib.c b/src/lib/libssl/src/crypto/ecdh/ech_lib.c
index e9fae9428b..43c4f8ce31 100644
--- a/src/lib/libssl/src/crypto/ecdh/ech_lib.c
+++ b/src/lib/libssl/src/crypto/ecdh/ech_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_lib.c,v 1.7 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ech_lib.c,v 1.8 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -106,11 +106,6 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
106 if (ecdh == NULL) 106 if (ecdh == NULL)
107 return 0; 107 return 0;
108 108
109#if 0
110 mtmp = ecdh->meth;
111 if (mtmp->finish)
112 mtmp->finish(eckey);
113#endif
114#ifndef OPENSSL_NO_ENGINE 109#ifndef OPENSSL_NO_ENGINE
115 if (ecdh->engine) 110 if (ecdh->engine)
116 { 111 {
@@ -119,10 +114,6 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
119 } 114 }
120#endif 115#endif
121 ecdh->meth = meth; 116 ecdh->meth = meth;
122#if 0
123 if (meth->init)
124 meth->init(eckey);
125#endif
126 return 1; 117 return 1;
127 } 118 }
128 119
@@ -159,14 +150,6 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
159 150
160 ret->flags = ret->meth->flags; 151 ret->flags = ret->meth->flags;
161 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); 152 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
162#if 0
163 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
164 {
165 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
166 free(ret);
167 ret=NULL;
168 }
169#endif
170 return(ret); 153 return(ret);
171 } 154 }
172 155
diff --git a/src/lib/libssl/src/crypto/ecdh/ech_locl.h b/src/lib/libssl/src/crypto/ecdh/ech_locl.h
index fff54abf60..077c7dab95 100644
--- a/src/lib/libssl/src/crypto/ecdh/ech_locl.h
+++ b/src/lib/libssl/src/crypto/ecdh/ech_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_locl.h,v 1.2 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ech_locl.h,v 1.3 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -67,10 +67,6 @@ struct ecdh_method
67 const char *name; 67 const char *name;
68 int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, 68 int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
69 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); 69 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
70#if 0
71 int (*init)(EC_KEY *eckey);
72 int (*finish)(EC_KEY *eckey);
73#endif
74 int flags; 70 int flags;
75 char *app_data; 71 char *app_data;
76 }; 72 };
diff --git a/src/lib/libssl/src/crypto/ecdsa/ecs_lib.c b/src/lib/libssl/src/crypto/ecdsa/ecs_lib.c
index a92d6117c9..6cdf4c124b 100644
--- a/src/lib/libssl/src/crypto/ecdsa/ecs_lib.c
+++ b/src/lib/libssl/src/crypto/ecdsa/ecs_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_lib.c,v 1.7 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecs_lib.c,v 1.8 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -138,14 +138,6 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
138 138
139 ret->flags = ret->meth->flags; 139 ret->flags = ret->meth->flags;
140 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data); 140 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
141#if 0
142 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
143 {
144 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
145 free(ret);
146 ret=NULL;
147 }
148#endif
149 return(ret); 141 return(ret);
150} 142}
151 143
diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c
index 21b76266c7..014bcb132e 100644
--- a/src/lib/libssl/src/crypto/engine/eng_all.c
+++ b/src/lib/libssl/src/crypto/engine/eng_all.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_all.c,v 1.26 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: eng_all.c,v 1.27 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL 2/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -66,13 +66,6 @@ ENGINE_load_builtin_engines(void)
66{ 66{
67 /* Some ENGINEs need this */ 67 /* Some ENGINEs need this */
68 OPENSSL_cpuid_setup(); 68 OPENSSL_cpuid_setup();
69#if 0
70 /* There's no longer any need for an "openssl" ENGINE unless, one day,
71 * it is the *only* way for standard builtin implementations to be be
72 * accessed (ie. it would be possible to statically link binaries with
73 * *no* builtin implementations). */
74 ENGINE_load_openssl();
75#endif
76 69
77#ifndef OPENSSL_NO_RSAX 70#ifndef OPENSSL_NO_RSAX
78 ENGINE_load_rsax(); 71 ENGINE_load_rsax();
diff --git a/src/lib/libssl/src/crypto/engine/eng_list.c b/src/lib/libssl/src/crypto/engine/eng_list.c
index b84504102f..78e978116a 100644
--- a/src/lib/libssl/src/crypto/engine/eng_list.c
+++ b/src/lib/libssl/src/crypto/engine/eng_list.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_list.c,v 1.15 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: eng_list.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -378,14 +378,7 @@ ENGINE_by_id(const char *id)
378 } 378 }
379 } 379 }
380 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 380 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
381#if 0 381
382 if (iterator == NULL) {
383 ENGINEerr(ENGINE_F_ENGINE_BY_ID,
384 ENGINE_R_NO_SUCH_ENGINE);
385 ERR_asprintf_error_data("id=%s", id);
386 }
387 return iterator;
388#else
389 /* EEK! Experimental code starts */ 382 /* EEK! Experimental code starts */
390 if (iterator) 383 if (iterator)
391 return iterator; 384 return iterator;
@@ -415,7 +408,6 @@ notfound:
415 ERR_asprintf_error_data("id=%s", id); 408 ERR_asprintf_error_data("id=%s", id);
416 return NULL; 409 return NULL;
417 /* EEK! Experimental code ends */ 410 /* EEK! Experimental code ends */
418#endif
419} 411}
420 412
421int 413int
diff --git a/src/lib/libssl/src/crypto/engine/eng_padlock.c b/src/lib/libssl/src/crypto/engine/eng_padlock.c
index 48040db82d..1c86a343df 100644
--- a/src/lib/libssl/src/crypto/engine/eng_padlock.c
+++ b/src/lib/libssl/src/crypto/engine/eng_padlock.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_padlock.c,v 1.13 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: eng_padlock.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */
2/* 2/*
3 * Support for VIA PadLock Advanced Cryptography Engine (ACE) 3 * Support for VIA PadLock Advanced Cryptography Engine (ACE)
4 * Written by Michal Ludvig <michal@logix.cz> 4 * Written by Michal Ludvig <michal@logix.cz>
@@ -168,9 +168,11 @@ padlock_bind_helper(ENGINE *e)
168 /* Check available features */ 168 /* Check available features */
169 padlock_available(); 169 padlock_available();
170 170
171#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */ 171 /*
172 * RNG is currently disabled for reasons discussed in commentary just
173 * before padlock_rand_bytes function.
174 */
172 padlock_use_rng = 0; 175 padlock_use_rng = 0;
173#endif
174 176
175 /* Generate a nice engine name with available features */ 177 /* Generate a nice engine name with available features */
176 (void) snprintf(padlock_name, sizeof(padlock_name), 178 (void) snprintf(padlock_name, sizeof(padlock_name),
diff --git a/src/lib/libssl/src/crypto/engine/tb_store.c b/src/lib/libssl/src/crypto/engine/tb_store.c
index 2f0cc004f3..e9ad11ab01 100644
--- a/src/lib/libssl/src/crypto/engine/tb_store.c
+++ b/src/lib/libssl/src/crypto/engine/tb_store.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tb_store.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: tb_store.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2003 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -93,29 +93,6 @@ ENGINE_register_all_STORE(void)
93 ENGINE_register_STORE(e); 93 ENGINE_register_STORE(e);
94} 94}
95 95
96/* The following two functions are removed because they're useless. */
97#if 0
98int
99ENGINE_set_default_STORE(ENGINE *e)
100{
101 if (e->store_meth)
102 return engine_table_register(&store_table,
103 engine_unregister_all_STORE, e, &dummy_nid, 1, 1);
104 return 1;
105}
106#endif
107
108#if 0
109/* Exposed API function to get a functional reference from the implementation
110 * table (ie. try to get a functional reference from the tabled structural
111 * references). */
112ENGINE *
113ENGINE_get_default_STORE(void)
114{
115 return engine_table_select(&store_table, dummy_nid);
116}
117#endif
118
119/* Obtains an STORE implementation from an ENGINE functional reference */ 96/* Obtains an STORE implementation from an ENGINE functional reference */
120const STORE_METHOD * 97const STORE_METHOD *
121ENGINE_get_STORE(const ENGINE *e) 98ENGINE_get_STORE(const ENGINE *e)
diff --git a/src/lib/libssl/src/crypto/evp/bio_b64.c b/src/lib/libssl/src/crypto/evp/bio_b64.c
index 53b8bcf615..b54e8793ec 100644
--- a/src/lib/libssl/src/crypto/evp/bio_b64.c
+++ b/src/lib/libssl/src/crypto/evp/bio_b64.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_b64.c,v 1.19 2014/07/11 12:04:46 miod Exp $ */ 1/* $OpenBSD: bio_b64.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -293,11 +293,7 @@ b64_read(BIO *b, char *out, int outl)
293 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { 293 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
294 int z, jj; 294 int z, jj;
295 295
296#if 0
297 jj = (i >> 2) << 2;
298#else
299 jj = i & ~3; /* process per 4 */ 296 jj = i & ~3; /* process per 4 */
300#endif
301 z = EVP_DecodeBlock((unsigned char *)ctx->buf, 297 z = EVP_DecodeBlock((unsigned char *)ctx->buf,
302 (unsigned char *)ctx->tmp, jj); 298 (unsigned char *)ctx->tmp, jj);
303 if (jj > 2) { 299 if (jj > 2) {
diff --git a/src/lib/libssl/src/crypto/evp/encode.c b/src/lib/libssl/src/crypto/evp/encode.c
index 067e62dfe9..725667bfff 100644
--- a/src/lib/libssl/src/crypto/evp/encode.c
+++ b/src/lib/libssl/src/crypto/evp/encode.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: encode.c,v 1.19 2014/08/06 16:01:44 jsing Exp $ */ 1/* $OpenBSD: encode.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -415,36 +415,3 @@ EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
415 } else 415 } else
416 return (1); 416 return (1);
417} 417}
418
419#ifdef undef
420int
421EVP_DecodeValid(unsigned char *buf, int len)
422{
423 int i, num = 0, bad = 0;
424
425 if (len == 0)
426 return (-1);
427 while (conv_ascii2bin(*buf) == B64_WS) {
428 buf++;
429 len--;
430 if (len == 0)
431 return (-1);
432 }
433
434 for (i = len; i >= 4; i -= 4) {
435 if ((conv_ascii2bin(buf[0]) >= 0x40) ||
436 (conv_ascii2bin(buf[1]) >= 0x40) ||
437 (conv_ascii2bin(buf[2]) >= 0x40) ||
438 (conv_ascii2bin(buf[3]) >= 0x40))
439 return (-1);
440 buf += 4;
441 num += 1 + (buf[2] != '=') + (buf[3] != '=');
442 }
443 if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
444 return (num);
445 if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
446 (conv_ascii2bin(buf[0]) == B64_EOLN))
447 return (num);
448 return (1);
449}
450#endif
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index 6c1bf6c7cd..107119883a 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp.h,v 1.40 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: evp.h,v 1.41 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -701,10 +701,6 @@ const EVP_CIPHER *EVP_des_cfb1(void);
701const EVP_CIPHER *EVP_des_cfb8(void); 701const EVP_CIPHER *EVP_des_cfb8(void);
702const EVP_CIPHER *EVP_des_ede_cfb64(void); 702const EVP_CIPHER *EVP_des_ede_cfb64(void);
703# define EVP_des_ede_cfb EVP_des_ede_cfb64 703# define EVP_des_ede_cfb EVP_des_ede_cfb64
704#if 0
705const EVP_CIPHER *EVP_des_ede_cfb1(void);
706const EVP_CIPHER *EVP_des_ede_cfb8(void);
707#endif
708const EVP_CIPHER *EVP_des_ede3_cfb64(void); 704const EVP_CIPHER *EVP_des_ede3_cfb64(void);
709# define EVP_des_ede3_cfb EVP_des_ede3_cfb64 705# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
710const EVP_CIPHER *EVP_des_ede3_cfb1(void); 706const EVP_CIPHER *EVP_des_ede3_cfb1(void);
diff --git a/src/lib/libssl/src/crypto/evp/p_sign.c b/src/lib/libssl/src/crypto/evp/p_sign.c
index f68a950c9c..4058d47f07 100644
--- a/src/lib/libssl/src/crypto/evp/p_sign.c
+++ b/src/lib/libssl/src/crypto/evp/p_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_sign.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: p_sign.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -63,21 +63,6 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65 65
66#ifdef undef
67void
68EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
69{
70 EVP_DigestInit_ex(ctx, type);
71}
72
73void
74EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
75 unsigned int count)
76{
77 EVP_DigestUpdate(ctx, data, count);
78}
79#endif
80
81int 66int
82EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, 67EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
83 EVP_PKEY *pkey) 68 EVP_PKEY *pkey)
diff --git a/src/lib/libssl/src/crypto/idea/idea_lcl.h b/src/lib/libssl/src/crypto/idea/idea_lcl.h
index cc58b360ad..e46c960875 100644
--- a/src/lib/libssl/src/crypto/idea/idea_lcl.h
+++ b/src/lib/libssl/src/crypto/idea/idea_lcl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: idea_lcl.h,v 1.2 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: idea_lcl.h,v 1.3 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -69,18 +69,6 @@ if (ul != 0) \
69else \ 69else \
70 r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ 70 r=(-(int)a-b+1); /* assuming a or b is 0 and in range */
71 71
72#ifdef undef
73#define idea_mul(r,a,b,ul,sl) \
74if (a == 0) r=(0x10001-b)&0xffff; \
75else if (b == 0) r=(0x10001-a)&0xffff; \
76else { \
77 ul=(unsigned long)a*b; \
78 sl=(ul&0xffff)-(ul>>16); \
79 if (sl <= 0) sl+=0x10001; \
80 r=sl; \
81 }
82#endif
83
84/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com> 72/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
85 * for pointing out that I was assuming little endian 73 * for pointing out that I was assuming little endian
86 * byte order for all quantities what idea 74 * byte order for all quantities what idea
@@ -142,59 +130,6 @@ else { \
142#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \ 130#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
143 l|=((IDEA_INT)(*((c)++))) ) 131 l|=((IDEA_INT)(*((c)++))) )
144 132
145#ifdef undef
146/* NOTE - c is not incremented as per c2l */
147#define c2ln(c,l1,l2,n) { \
148 c+=n; \
149 l1=l2=0; \
150 switch (n) { \
151 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
152 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
153 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
154 case 5: l2|=((unsigned long)(*(--(c)))); \
155 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
156 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
157 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
158 case 1: l1|=((unsigned long)(*(--(c)))); \
159 } \
160 }
161
162/* NOTE - c is not incremented as per l2c */
163#define l2cn(l1,l2,c,n) { \
164 c+=n; \
165 switch (n) { \
166 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
167 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
168 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
169 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
170 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
171 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
172 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
173 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
174 } \
175 }
176
177#undef c2s
178#define c2s(c,l) (l =((unsigned long)(*((c)++))) , \
179 l|=((unsigned long)(*((c)++)))<< 8L)
180
181#undef s2c
182#define s2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
183 *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
184
185#undef c2l
186#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
187 l|=((unsigned long)(*((c)++)))<< 8L, \
188 l|=((unsigned long)(*((c)++)))<<16L, \
189 l|=((unsigned long)(*((c)++)))<<24L)
190
191#undef l2c
192#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
193 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
194 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
195 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
196#endif
197
198#define E_IDEA(num) \ 133#define E_IDEA(num) \
199 x1&=0xffff; \ 134 x1&=0xffff; \
200 idea_mul(x1,x1,*p,ul); p++; \ 135 idea_mul(x1,x1,*p,ul); p++; \
diff --git a/src/lib/libssl/src/crypto/modes/gcm128.c b/src/lib/libssl/src/crypto/modes/gcm128.c
index 5b600517be..1106617763 100644
--- a/src/lib/libssl/src/crypto/modes/gcm128.c
+++ b/src/lib/libssl/src/crypto/modes/gcm128.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gcm128.c,v 1.10 2014/07/09 16:06:13 miod Exp $ */ 1/* $OpenBSD: gcm128.c,v 1.11 2015/02/07 13:19:15 doug Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2010 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -898,9 +898,6 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
898# endif 898# endif
899#endif 899#endif
900 900
901#if 0
902 n = (unsigned int)mlen%16; /* alternative to ctx->mres */
903#endif
904 mlen += len; 901 mlen += len;
905 if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len)) 902 if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
906 return -1; 903 return -1;
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_key.c b/src/lib/libssl/src/crypto/pkcs12/p12_key.c
index 0357c2bfa2..0b3547a6fb 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_key.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_key.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: p12_key.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -107,13 +107,6 @@ PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
107 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ 107 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
108 EVP_MD_CTX ctx; 108 EVP_MD_CTX ctx;
109 109
110#if 0
111 if (!pass) {
112 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_PASSED_NULL_PARAMETER);
113 return 0;
114 }
115#endif
116
117 EVP_MD_CTX_init(&ctx); 110 EVP_MD_CTX_init(&ctx);
118 v = EVP_MD_block_size(md_type); 111 v = EVP_MD_block_size(md_type);
119 u = EVP_MD_size(md_type); 112 u = EVP_MD_size(md_type);
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
index d69aff8f41..252fab04d7 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_doit.c,v 1.30 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: pk7_doit.c,v 1.31 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -482,15 +482,6 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
482 } 482 }
483 483
484 if (evp_cipher != NULL) { 484 if (evp_cipher != NULL) {
485#if 0
486 unsigned char key[EVP_MAX_KEY_LENGTH];
487 unsigned char iv[EVP_MAX_IV_LENGTH];
488 unsigned char *p;
489 int keylen, ivlen;
490 int max;
491 X509_OBJECT ret;
492#endif
493
494 if ((etmp = BIO_new(BIO_f_cipher())) == NULL) { 485 if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
495 PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB); 486 PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
496 goto err; 487 goto err;
@@ -594,20 +585,9 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
594 etmp = NULL; 585 etmp = NULL;
595 } 586 }
596 587
597#if 1
598 if (PKCS7_is_detached(p7) || (in_bio != NULL)) { 588 if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
599 bio = in_bio; 589 bio = in_bio;
600 } else { 590 } else {
601#if 0
602 bio = BIO_new(BIO_s_mem());
603 /* We need to set this so that when we have read all
604 * the data, the encrypt BIO, if present, will read
605 * EOF and encode the last few bytes */
606 BIO_set_mem_eof_return(bio, 0);
607
608 if (data_body != NULL && data_body->length > 0)
609 BIO_write(bio, (char *)data_body->data, data_body->length);
610#else
611 if (data_body != NULL && data_body->length > 0) 591 if (data_body != NULL && data_body->length > 0)
612 bio = BIO_new_mem_buf(data_body->data, data_body->length); 592 bio = BIO_new_mem_buf(data_body->data, data_body->length);
613 else { 593 else {
@@ -616,11 +596,10 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
616 } 596 }
617 if (bio == NULL) 597 if (bio == NULL)
618 goto err; 598 goto err;
619#endif
620 } 599 }
621 BIO_push(out, bio); 600 BIO_push(out, bio);
622 bio = NULL; 601 bio = NULL;
623#endif 602
624 if (0) { 603 if (0) {
625err: 604err:
626 if (ek) { 605 if (ek) {
diff --git a/src/lib/libssl/src/crypto/stack/stack.c b/src/lib/libssl/src/crypto/stack/stack.c
index cbd4d216f6..d941f9e6fb 100644
--- a/src/lib/libssl/src/crypto/stack/stack.c
+++ b/src/lib/libssl/src/crypto/stack/stack.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: stack.c,v 1.18 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: stack.c,v 1.19 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -56,16 +56,6 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59/* Code for stacks
60 * Author - Eric Young v 1.0
61 * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
62 * lowest index for the searched item.
63 *
64 * 1.1 eay - Take from netdb and added to SSLeay
65 *
66 * 1.0 eay - First version 29/07/92
67 */
68
69#include <stdio.h> 59#include <stdio.h>
70#include <string.h> 60#include <string.h>
71 61
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.h b/src/lib/libssl/src/crypto/x509/x509_vfy.h
index 500b520495..e760279b52 100644
--- a/src/lib/libssl/src/crypto/x509/x509_vfy.h
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_vfy.h,v 1.14 2015/01/22 09:06:39 reyk Exp $ */ 1/* $OpenBSD: x509_vfy.h,v 1.15 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -77,17 +77,6 @@
77extern "C" { 77extern "C" {
78#endif 78#endif
79 79
80#if 0
81/* Outer object */
82typedef struct x509_hash_dir_st
83 {
84 int num_dirs;
85 char **dirs;
86 int *dirs_type;
87 int num_dirs_alloced;
88 } X509_HASH_DIR_CTX;
89#endif
90
91typedef struct x509_file_st 80typedef struct x509_file_st
92 { 81 {
93 int num_paths; /* number of paths to files or directories */ 82 int num_paths; /* number of paths to files or directories */
diff --git a/src/lib/libssl/src/crypto/x509v3/pcy_lib.c b/src/lib/libssl/src/crypto/x509v3/pcy_lib.c
index 321370e135..6f37064063 100644
--- a/src/lib/libssl/src/crypto/x509v3/pcy_lib.c
+++ b/src/lib/libssl/src/crypto/x509v3/pcy_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pcy_lib.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pcy_lib.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2004. 3 * project 2004.
4 */ 4 */
@@ -140,16 +140,6 @@ X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
140 return node->data->valid_policy; 140 return node->data->valid_policy;
141} 141}
142 142
143#if 0
144int
145X509_policy_node_get_critical(const X509_POLICY_NODE *node)
146{
147 if (node_critical(node))
148 return 1;
149 return 0;
150}
151#endif
152
153STACK_OF(POLICYQUALINFO) * 143STACK_OF(POLICYQUALINFO) *
154X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node) 144X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node)
155{ 145{
diff --git a/src/lib/libssl/src/crypto/x509v3/pcy_tree.c b/src/lib/libssl/src/crypto/x509v3/pcy_tree.c
index 2c6472a8a1..fa0e161562 100644
--- a/src/lib/libssl/src/crypto/x509v3/pcy_tree.c
+++ b/src/lib/libssl/src/crypto/x509v3/pcy_tree.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pcy_tree.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pcy_tree.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2004. 3 * project 2004.
4 */ 4 */
@@ -153,11 +153,6 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags)
153 *ptree = NULL; 153 *ptree = NULL;
154 n = sk_X509_num(certs); 154 n = sk_X509_num(certs);
155 155
156#if 0
157 /* Disable policy mapping for now... */
158 flags |= X509_V_FLAG_INHIBIT_MAP;
159#endif
160
161 if (flags & X509_V_FLAG_EXPLICIT_POLICY) 156 if (flags & X509_V_FLAG_EXPLICIT_POLICY)
162 explicit_policy = 0; 157 explicit_policy = 0;
163 else 158 else
@@ -327,19 +322,6 @@ tree_link_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache)
327 322
328 for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { 323 for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
329 data = sk_X509_POLICY_DATA_value(cache->data, i); 324 data = sk_X509_POLICY_DATA_value(cache->data, i);
330 /* If a node is mapped any it doesn't have a corresponding
331 * CertificatePolicies entry.
332 * However such an identical node would be created
333 * if anyPolicy matching is enabled because there would be
334 * no match with the parent valid_policy_set. So we create
335 * link because then it will have the mapping flags
336 * right and we can prune it later.
337 */
338#if 0
339 if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY) &&
340 !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
341 continue;
342#endif
343 /* Look for matching nodes in previous level */ 325 /* Look for matching nodes in previous level */
344 if (!tree_link_matching_nodes(curr, data)) 326 if (!tree_link_matching_nodes(curr, data))
345 return 0; 327 return 0;
@@ -416,7 +398,6 @@ tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,
416 X509_POLICY_TREE *tree) 398 X509_POLICY_TREE *tree)
417{ 399{
418 int i; 400 int i;
419 /*X509_POLICY_DATA *data;*/
420 X509_POLICY_NODE *node; 401 X509_POLICY_NODE *node;
421 X509_POLICY_LEVEL *last = curr - 1; 402 X509_POLICY_LEVEL *last = curr - 1;
422 403
@@ -425,36 +406,6 @@ tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,
425 406
426 if (!tree_link_unmatched(curr, cache, node, tree)) 407 if (!tree_link_unmatched(curr, cache, node, tree))
427 return 0; 408 return 0;
428
429#if 0
430
431 /* Skip any node with any children: we only want unmathced
432 * nodes.
433 *
434 * Note: need something better for policy mapping
435 * because each node may have multiple children
436 */
437 if (node->nchild)
438 continue;
439
440 /* Create a new node with qualifiers from anyPolicy and
441 * id from unmatched node.
442 */
443 data = policy_data_new(NULL, node->data->valid_policy,
444 node_critical(node));
445
446 if (data == NULL)
447 return 0;
448 /* Curr may not have anyPolicy */
449 data->qualifier_set = cache->anyPolicy->qualifier_set;
450 data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
451 if (!level_add_node(curr, data, node, tree)) {
452 policy_data_free(data);
453 return 0;
454 }
455
456#endif
457
458 } 409 }
459 /* Finally add link to anyPolicy */ 410 /* Finally add link to anyPolicy */
460 if (last->anyPolicy) { 411 if (last->anyPolicy) {
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c
index 862f949b1b..0a4df34078 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_info.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_info.c,v 1.19 2014/10/05 18:28:56 miod Exp $ */ 1/* $OpenBSD: v3_info.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -208,8 +208,5 @@ int
208i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) 208i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
209{ 209{
210 i2a_ASN1_OBJECT(bp, a->method); 210 i2a_ASN1_OBJECT(bp, a->method);
211#ifdef UNDEF
212 i2a_GENERAL_NAME(bp, a->location);
213#endif
214 return 2; 211 return 2;
215} 212}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_utl.c b/src/lib/libssl/src/crypto/x509v3/v3_utl.c
index 99090f3cd2..ee135a0b52 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_utl.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_utl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_utl.c,v 1.23 2014/07/13 16:03:10 beck Exp $ */ 1/* $OpenBSD: v3_utl.c,v 1.24 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -328,9 +328,6 @@ X509V3_parse_list(const char *line)
328 *p = 0; 328 *p = 0;
329 ntmp = strip_spaces(q); 329 ntmp = strip_spaces(q);
330 q = p + 1; 330 q = p + 1;
331#if 0
332 printf("%s\n", ntmp);
333#endif
334 if (!ntmp) { 331 if (!ntmp) {
335 X509V3err(X509V3_F_X509V3_PARSE_LIST, 332 X509V3err(X509V3_F_X509V3_PARSE_LIST,
336 X509V3_R_INVALID_NULL_NAME); 333 X509V3_R_INVALID_NULL_NAME);
@@ -345,9 +342,6 @@ X509V3_parse_list(const char *line)
345 state = HDR_NAME; 342 state = HDR_NAME;
346 *p = 0; 343 *p = 0;
347 vtmp = strip_spaces(q); 344 vtmp = strip_spaces(q);
348#if 0
349 printf("%s\n", ntmp);
350#endif
351 if (!vtmp) { 345 if (!vtmp) {
352 X509V3err(X509V3_F_X509V3_PARSE_LIST, 346 X509V3err(X509V3_F_X509V3_PARSE_LIST,
353 X509V3_R_INVALID_NULL_VALUE); 347 X509V3_R_INVALID_NULL_VALUE);
@@ -363,9 +357,6 @@ X509V3_parse_list(const char *line)
363 357
364 if (state == HDR_VALUE) { 358 if (state == HDR_VALUE) {
365 vtmp = strip_spaces(q); 359 vtmp = strip_spaces(q);
366#if 0
367 printf("%s=%s\n", ntmp, vtmp);
368#endif
369 if (!vtmp) { 360 if (!vtmp) {
370 X509V3err(X509V3_F_X509V3_PARSE_LIST, 361 X509V3err(X509V3_F_X509V3_PARSE_LIST,
371 X509V3_R_INVALID_NULL_VALUE); 362 X509V3_R_INVALID_NULL_VALUE);
@@ -374,9 +365,6 @@ X509V3_parse_list(const char *line)
374 X509V3_add_value(ntmp, vtmp, &values); 365 X509V3_add_value(ntmp, vtmp, &values);
375 } else { 366 } else {
376 ntmp = strip_spaces(q); 367 ntmp = strip_spaces(q);
377#if 0
378 printf("%s\n", ntmp);
379#endif
380 if (!ntmp) { 368 if (!ntmp) {
381 X509V3err(X509V3_F_X509V3_PARSE_LIST, 369 X509V3err(X509V3_F_X509V3_PARSE_LIST,
382 X509V3_R_INVALID_NULL_NAME); 370 X509V3_R_INVALID_NULL_NAME);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 12:10:39 +0000