Skip to content

Commit

Permalink
Remove superfluous x509_write_pem()
Browse files Browse the repository at this point in the history
After removing --tls-export-cert, this function was left in the code
base with no other users.  This was an oversight in the previous
change.  Removing it to avoid leaving dead code behind.

Signed-off-by: David Sommerseth <[email protected]>
Acked-by: Gert Doering <[email protected]>
Message-Id: <[email protected]>
URL: https://www.mail-archive.com/[email protected]/msg27561.html
Signed-off-by: Gert Doering <[email protected]>
  • Loading branch information
dsommers authored and cron2 committed Dec 6, 2023
1 parent 12c5ef1 commit f015643
Show file tree
Hide file tree
Showing 3 changed files with 0 additions and 29 deletions.
11 changes: 0 additions & 11 deletions src/openvpn/ssl_verify_backend.h
Original file line number Diff line number Diff line change
Expand Up @@ -249,17 +249,6 @@ result_t x509_verify_cert_ku(openvpn_x509_cert_t *x509, const unsigned *const ex
*/
result_t x509_verify_cert_eku(openvpn_x509_cert_t *x509, const char *const expected_oid);

/*
* Store the given certificate in pem format in a temporary file in tmp_dir
*
* @param cert Certificate to store
* @param tmp_dir Temporary directory to store the directory
* @param gc gc_arena to store temporary objects in
*
*
*/
result_t x509_write_pem(FILE *peercert_file, openvpn_x509_cert_t *peercert);

/**
* Return true iff a CRL is configured, but is not loaded. This can be caused
* by e.g. a CRL parsing error, a missing CRL file or CRL file permission
Expand Down
7 changes: 0 additions & 7 deletions src/openvpn/ssl_verify_mbedtls.c
Original file line number Diff line number Diff line change
Expand Up @@ -536,13 +536,6 @@ x509_verify_cert_eku(mbedtls_x509_crt *cert, const char *const expected_oid)
return fFound;
}

result_t
x509_write_pem(FILE *peercert_file, mbedtls_x509_crt *peercert)
{
msg(M_WARN, "mbed TLS does not support writing peer certificate in PEM format");
return FAILURE;
}

bool
tls_verify_crl_missing(const struct tls_options *opt)
{
Expand Down
11 changes: 0 additions & 11 deletions src/openvpn/ssl_verify_openssl.c
Original file line number Diff line number Diff line change
Expand Up @@ -762,17 +762,6 @@ x509_verify_cert_eku(X509 *x509, const char *const expected_oid)
return fFound;
}

result_t
x509_write_pem(FILE *peercert_file, X509 *peercert)
{
if (PEM_write_X509(peercert_file, peercert) < 0)
{
msg(M_NONFATAL, "Failed to write peer certificate in PEM format");
return FAILURE;
}
return SUCCESS;
}

bool
tls_verify_crl_missing(const struct tls_options *opt)
{
Expand Down

0 comments on commit f015643

Please sign in to comment.