1 files changed, 0 insertions, 50 deletions

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2bb1866b8c..ed987c0ff5 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -204,23 +204,10 @@ int SSL_clear(SSL *s)
     s->hit = 0;
     s->shutdown = 0;
 
-#if 0
-    /*
-     * Disabled since version 1.10 of this file (early return not
-     * needed because SSL_clear is not called when doing renegotiation)
-     */
-    /*
-     * This is set if we are doing dynamic renegotiation so keep
-     * the old cipher.  It is sort of a SSL_clear_lite :-)
-     */
-    if (s->renegotiate)
-        return (1);
-#else
     if (s->renegotiate) {
         SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
         return 0;
     }
-#endif
 
     s->type = 0;
 
@@ -230,9 +217,6 @@ int SSL_clear(SSL *s)
     s->client_version = s->version;
     s->rwstate = SSL_NOTHING;
     s->rstate = SSL_ST_READ_HEADER;
-#if 0
-    s->read_ahead = s->ctx->read_ahead;
-#endif
 
     if (s->init_buf != NULL) {
         BUF_MEM_free(s->init_buf);
@@ -326,9 +310,6 @@ SSL *SSL_new(SSL_CTX *ctx)
     s->msg_callback_arg = ctx->msg_callback_arg;
     s->verify_mode = ctx->verify_mode;
     s->not_resumable_session_cb = ctx->not_resumable_session_cb;
-#if 0
-    s->verify_depth = ctx->verify_depth;
-#endif
     s->sid_ctx_length = ctx->sid_ctx_length;
     OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
     memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
@@ -339,10 +320,6 @@ SSL *SSL_new(SSL_CTX *ctx)
     if (!s->param)
         goto err;
     X509_VERIFY_PARAM_inherit(s->param, ctx->param);
-#if 0
-    s->purpose = ctx->purpose;
-    s->trust = ctx->trust;
-#endif
     s->quiet_shutdown = ctx->quiet_shutdown;
     s->max_send_fragment = ctx->max_send_fragment;
 
@@ -1915,26 +1892,14 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 
     ret->references = 1;
     ret->quiet_shutdown = 0;
-
-/*  ret->cipher=NULL;*/
-/*-
-    ret->s2->challenge=NULL;
-    ret->master_key=NULL;
-    ret->s2->conn_id=NULL; */
-
     ret->info_callback = NULL;
-
     ret->app_verify_callback = 0;
     ret->app_verify_arg = NULL;
-
     ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
     ret->read_ahead = 0;
     ret->msg_callback = 0;
     ret->msg_callback_arg = NULL;
     ret->verify_mode = SSL_VERIFY_NONE;
-#if 0
-    ret->verify_depth = -1;     /* Don't impose a limit (but x509_lu.c does) */
-#endif
     ret->sid_ctx_length = 0;
     ret->default_verify_callback = NULL;
     if ((ret->cert = ssl_cert_new()) == NULL)
@@ -2097,13 +2062,7 @@ void SSL_CTX_free(SSL_CTX *a)
         sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
     if (a->extra_certs != NULL)
         sk_X509_pop_free(a->extra_certs, X509_free);
-#if 0                           /* This should never be done, since it
-                                 * removes a global database */
-    if (a->comp_methods != NULL)
-        sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
-#else
     a->comp_methods = NULL;
-#endif
 
 #ifndef OPENSSL_NO_SRTP
     if (a->srtp_profiles)
@@ -2265,15 +2224,6 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
     if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
         emask_k |= SSL_kRSA;
 
-#if 0
-    /* The match needs to be both kDHE and aRSA or aDSA, so don't worry */
-    if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
-        mask_k |= SSL_kDHE;
-    if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
-        (rsa_enc || rsa_sign || dsa_sign))
-        emask_k |= SSL_kDHE;
-#endif
-
     if (dh_tmp_export)
         emask_k |= SSL_kDHE;