diff options
author | David Sommerseth | 2023-11-22 20:00:57 +0100 |
---|---|---|
committer | Gert Doering | 2023-12-06 13:09:38 +0100 |
commit | 5552391a362e16f02e41b056ea18b89b2e49a757 (patch) | |
tree | 0d1f6afd386926af11b4c1b9066ed47f586addf9 | |
parent | 031fe882649e7edd3e5a9c94d2f8fbf61572e251 (diff) | |
download | openvpn-5552391a362e16f02e41b056ea18b89b2e49a757.zip openvpn-5552391a362e16f02e41b056ea18b89b2e49a757.tar.gz |
Remove superfluous x509_write_pem()
After removing --tls-export-cert, this function was left in the code
base with no other users. This was an oversight in the previous
change. Removing it to avoid leaving dead code behind.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20231122190057.120384-1-dazo+openvpn@eurephia.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27561.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit f015643fe23d7847ad45b7763f31bfc6baed2159)
-rw-r--r-- | src/openvpn/ssl_verify_backend.h | 11 | ||||
-rw-r--r-- | src/openvpn/ssl_verify_mbedtls.c | 7 | ||||
-rw-r--r-- | src/openvpn/ssl_verify_openssl.c | 11 |
3 files changed, 0 insertions, 29 deletions
diff --git a/src/openvpn/ssl_verify_backend.h b/src/openvpn/ssl_verify_backend.h index 3b79881..d402b1f 100644 --- a/src/openvpn/ssl_verify_backend.h +++ b/src/openvpn/ssl_verify_backend.h @@ -249,17 +249,6 @@ result_t x509_verify_cert_ku(openvpn_x509_cert_t *x509, const unsigned *const ex */ result_t x509_verify_cert_eku(openvpn_x509_cert_t *x509, const char *const expected_oid); -/* - * Store the given certificate in pem format in a temporary file in tmp_dir - * - * @param cert Certificate to store - * @param tmp_dir Temporary directory to store the directory - * @param gc gc_arena to store temporary objects in - * - * - */ -result_t x509_write_pem(FILE *peercert_file, openvpn_x509_cert_t *peercert); - /** * Return true iff a CRL is configured, but is not loaded. This can be caused * by e.g. a CRL parsing error, a missing CRL file or CRL file permission diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index a1ddf8d..4596843 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -547,13 +547,6 @@ x509_verify_cert_eku(mbedtls_x509_crt *cert, const char *const expected_oid) return fFound; } -result_t -x509_write_pem(FILE *peercert_file, mbedtls_x509_crt *peercert) -{ - msg(M_WARN, "mbed TLS does not support writing peer certificate in PEM format"); - return FAILURE; -} - bool tls_verify_crl_missing(const struct tls_options *opt) { diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c index 3194c23..5afffc1 100644 --- a/src/openvpn/ssl_verify_openssl.c +++ b/src/openvpn/ssl_verify_openssl.c @@ -762,17 +762,6 @@ x509_verify_cert_eku(X509 *x509, const char *const expected_oid) return fFound; } -result_t -x509_write_pem(FILE *peercert_file, X509 *peercert) -{ - if (PEM_write_X509(peercert_file, peercert) < 0) - { - msg(M_NONFATAL, "Failed to write peer certificate in PEM format"); - return FAILURE; - } - return SUCCESS; -} - bool tls_verify_crl_missing(const struct tls_options *opt) { |