diff options
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r-- | ssl/ssl_cert.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index d81e06b582..974259969f 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -664,10 +664,12 @@ void ssl_sess_cert_free(SESS_CERT *sc) for (i = 0; i < SSL_PKEY_NUM; i++) { if (sc->peer_pkeys[i].x509 != NULL) X509_free(sc->peer_pkeys[i].x509); -#if 0 /* We don't have the peer's private key. - * These lines are just * here as a reminder - * that we're still using a - * not-quite-appropriate * data structure. */ +#if 0 + /* + * We don't have the peer's private key. These lines are just + * here as a reminder that we're still using a not-quite-appropriate + * data structure. + */ if (sc->peer_pkeys[i].privatekey != NULL) EVP_PKEY_free(sc->peer_pkeys[i].privatekey); #endif @@ -717,10 +719,6 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) } /* Set suite B flags if needed */ X509_STORE_CTX_set_flags(&ctx, tls1_suiteb(s)); -#if 0 - if (SSL_get_verify_depth(s) >= 0) - X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s)); -#endif X509_STORE_CTX_set_ex_data(&ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s); /* |