summaryrefslogtreecommitdiffstats
path: root/ssl/ssl_cert.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2015-06-21 19:08:57 +0100
committerDr. Stephen Henson <steve@openssl.org>2015-06-22 13:52:24 +0100
commita273c6eeee6690d7061d3e647a5e648bbd3a997a (patch)
tree9bdc1c8dae1a3b89500ff39efd34a37a8712b25e /ssl/ssl_cert.c
parent8d92c1f8a381a3be7fe5b3a2c2aa9bfce22f5c72 (diff)
Remove certificates from sess_cert
As numerous comments indicate the certificate and key array is not an appopriate structure to store the peers certificate: so remove it and just the s->session->peer instead. Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r--ssl/ssl_cert.c19
1 files changed, 0 insertions, 19 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index badcc2d147..6cb967772a 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -530,7 +530,6 @@ SESS_CERT *ssl_sess_cert_new(void)
}
memset(ret, 0, sizeof(*ret));
- ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;
return ret;
@@ -558,27 +557,9 @@ void ssl_sess_cert_free(SESS_CERT *sc)
/* i == 0 */
sk_X509_pop_free(sc->cert_chain, X509_free);
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- X509_free(sc->peer_pkeys[i].x509);
-#if 0
- /*
- * We don't have the peer's private key. This line is just
- * here as a reminder that we're still using a not-quite-appropriate
- * data structure.
- */
- EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
-#endif
- }
-
OPENSSL_free(sc);
}
-int ssl_set_peer_cert_type(SESS_CERT *sc, int type)
-{
- sc->peer_cert_type = type;
- return (1);
-}
-
int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
{
X509 *x;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-28 01:14:53 +0000