From d970fd597dc43c71716f5ce1db8f102515a73ad8 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Fri, 30 May 2014 14:30:50 +0000
Subject: remove some #if 0 code. we don't need any more reminders that we're
 using a not quite appropriate data structure. ok jsing

---
 src/lib/libssl/ssl_cert.c | 14 --------------
 1 file changed, 14 deletions(-)

(limited to 'src/lib/libssl/ssl_cert.c')

diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index c4099ca24f..3a16644cf4 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -340,10 +340,6 @@ ssl_cert_free(CERT *c)
 			X509_free(c->pkeys[i].x509);
 		if (c->pkeys[i].privatekey != NULL)
 			EVP_PKEY_free(c->pkeys[i].privatekey);
-#if 0
-		if (c->pkeys[i].publickey != NULL)
-			EVP_PKEY_free(c->pkeys[i].publickey);
-#endif
 	}
 	free(c);
 }
@@ -409,12 +405,6 @@ ssl_sess_cert_free(SESS_CERT *sc)
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		if (sc->peer_pkeys[i].x509 != NULL)
 			X509_free(sc->peer_pkeys[i].x509);
-#if 0 /* We don't have the peer's private key.  These lines are just
-       * here as a reminder that we're still using a not-quite-appropriate
-       * data structure. */
-		if (sc->peer_pkeys[i].privatekey != NULL)
-			EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
-#endif
 	}
 
 	if (sc->peer_rsa_tmp != NULL)
@@ -449,10 +439,6 @@ ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
 		SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB);
 		return (0);
 	}
-#if 0
-	if (SSL_get_verify_depth(s) >= 0)
-		X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
-#endif
 	X509_STORE_CTX_set_ex_data(&ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s);
 
 	/* We need to inherit the verify parameters. These can be determined by
-- 
cgit v1.2.3-55-g6feb