summaryrefslogtreecommitdiffstats
path: root/ssl/ssl_cert.c
diff options
context:
space:
mode:
authorScott Deboy <sdeboy@secondstryke.com>2013-06-18 14:34:38 -0700
committerScott Deboy <sdeboy@secondstryke.com>2014-02-08 16:12:15 -0800
commit038bec784e528ce273169f178c35991fbc3bea92 (patch)
treebe8a71c2c534db29ea7ee31f1207be9b976b0698 /ssl/ssl_cert.c
parentf407eec799f1f5d271b809875f016f680935567b (diff)
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation. (cherry picked from commit 36086186a9b90cdad0d2cd0a598a10f03f8f4bcc) Conflicts: Configure apps/s_client.c apps/s_server.c ssl/ssl.h ssl/ssl3.h ssl/ssltest.c
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r--ssl/ssl_cert.c22
1 files changed, 0 insertions, 22 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index b771105785..1e2ab9da97 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -330,23 +330,6 @@ CERT *ssl_cert_dup(CERT *cert)
}
rpk->valid_flags = 0;
#ifndef OPENSSL_NO_TLSEXT
- if (cert->pkeys[i].authz != NULL)
- {
- /* Just copy everything. */
- ret->pkeys[i].authz_length =
- cert->pkeys[i].authz_length;
- ret->pkeys[i].authz =
- OPENSSL_malloc(ret->pkeys[i].authz_length);
- if (ret->pkeys[i].authz == NULL)
- {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- memcpy(ret->pkeys[i].authz,
- cert->pkeys[i].authz,
- cert->pkeys[i].authz_length);
- }
-
if (cert->pkeys[i].serverinfo != NULL)
{
/* Just copy everything. */
@@ -479,11 +462,6 @@ void ssl_cert_clear_certs(CERT *c)
cpk->chain = NULL;
}
#ifndef OPENSSL_NO_TLSEXT
- if (cpk->authz)
- {
- OPENSSL_free(cpk->authz);
- cpk->authz = NULL;
- }
if (cpk->serverinfo)
{
OPENSSL_free(cpk->serverinfo);
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-03 04:13:59 +0000