[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Mon Feb 2 16:09:00 UTC 2015
The branch master has been updated
via 7aa0b022460e1a7bfdf5c70e8cd084d916bac012 (commit)
from 5da05a26f21e7c43a156b65b13a9bc968a6c78db (commit)
- Log -----------------------------------------------------------------
commit 7aa0b022460e1a7bfdf5c70e8cd084d916bac012
Author: Rich Salz <rsalz at openssl.org>
Date: Mon Feb 2 11:08:16 2015 -0500
Dead code cleanup: crypto/*.c, x509v3, demos
Some of the #if 0 code in demo's was kept, but given helpful #ifdef
names, to show more sample code.
Reviewed-by: Andy Polyakov <appro at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/o_init.c | 3 -
crypto/sparcv9cap.c | 131 --------------------------------------
crypto/x509v3/pcy_lib.c | 9 ---
crypto/x509v3/pcy_tree.c | 51 +--------------
crypto/x509v3/v3_utl.c | 12 ----
demos/bio/server-arg.c | 2 +-
demos/engines/rsaref/rsaref.c | 3 -
demos/engines/zencod/hw_zencod.c | 2 +-
demos/evp/aesgcm.c | 12 +---
demos/selfsign.c | 4 +-
10 files changed, 6 insertions(+), 223 deletions(-)
diff --git a/crypto/o_init.c b/crypto/o_init.c
index 2088388..b7b969b 100644
--- a/crypto/o_init.c
+++ b/crypto/o_init.c
@@ -77,7 +77,4 @@ void OPENSSL_init(void)
FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
RAND_init_fips();
#endif
-#if 0
- fprintf(stderr, "Called OPENSSL_init\n");
-#endif
}
diff --git a/crypto/sparcv9cap.c b/crypto/sparcv9cap.c
index 8bf2846..1731ef6 100644
--- a/crypto/sparcv9cap.c
+++ b/crypto/sparcv9cap.c
@@ -109,128 +109,6 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
return 0;
}
-#if 0 && defined(__sun) && defined(__SVR4)
-/*
- * This code path is disabled, because of incompatibility of libdevinfo.so.1
- * and libmalloc.so.1 (see below for details)
- */
-# include <malloc.h>
-# include <dlfcn.h>
-# include <libdevinfo.h>
-# include <sys/systeminfo.h>
-
-typedef di_node_t(*di_init_t) (const char *, uint_t);
-typedef void (*di_fini_t) (di_node_t);
-typedef char *(*di_node_name_t) (di_node_t);
-typedef int (*di_walk_node_t) (di_node_t, uint_t, di_node_name_t,
- int (*)(di_node_t, di_node_name_t));
-
-# define DLLINK(h,name) (name=(name##_t)dlsym((h),#name))
-
-static int walk_nodename(di_node_t node, di_node_name_t di_node_name)
-{
- char *name = (*di_node_name) (node);
-
- /* This is expected to catch all UltraSPARC flavors prior T1 */
- if (!strcmp(name, "SUNW,UltraSPARC") ||
- /* covers II,III,IV */
- !strncmp(name, "SUNW,UltraSPARC-I", 17)) {
- OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU | SPARCV9_VIS1;
-
- /* %tick is privileged only on UltraSPARC-I/II, but not IIe */
- if (name[14] != '\0' && name[17] != '\0' && name[18] != '\0')
- OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-
- return DI_WALK_TERMINATE;
- }
- /* This is expected to catch remaining UltraSPARCs, such as T1 */
- else if (!strncmp(name, "SUNW,UltraSPARC", 15)) {
- OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-
- return DI_WALK_TERMINATE;
- }
-
- return DI_WALK_CONTINUE;
-}
-
-void OPENSSL_cpuid_setup(void)
-{
- void *h;
- char *e, si[256];
- static int trigger = 0;
-
- if (trigger)
- return;
- trigger = 1;
-
- if ((e = getenv("OPENSSL_sparcv9cap"))) {
- OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0);
- return;
- }
-
- if (sysinfo(SI_MACHINE, si, sizeof(si)) > 0) {
- if (strcmp(si, "sun4v"))
- /* FPU is preferred for all CPUs, but US-T1/2 */
- OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU;
- }
-
- if (sysinfo(SI_ISALIST, si, sizeof(si)) > 0) {
- if (strstr(si, "+vis"))
- OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK;
- if (strstr(si, "+vis2")) {
- OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
- OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
- return;
- }
- }
-# ifdef M_KEEP
- /*
- * Solaris libdevinfo.so.1 is effectively incomatible with
- * libmalloc.so.1. Specifically, if application is linked with
- * -lmalloc, it crashes upon startup with SIGSEGV in
- * free(3LIBMALLOC) called by di_fini. Prior call to
- * mallopt(M_KEEP,0) somehow helps... But not always...
- */
- if ((h = dlopen(NULL, RTLD_LAZY))) {
- union {
- void *p;
- int (*f) (int, int);
- } sym;
- if ((sym.p = dlsym(h, "mallopt")))
- (*sym.f) (M_KEEP, 0);
- dlclose(h);
- }
-# endif
- if ((h = dlopen("libdevinfo.so.1", RTLD_LAZY)))
- do {
- di_init_t di_init;
- di_fini_t di_fini;
- di_walk_node_t di_walk_node;
- di_node_name_t di_node_name;
- di_node_t root_node;
-
- if (!DLLINK(h, di_init))
- break;
- if (!DLLINK(h, di_fini))
- break;
- if (!DLLINK(h, di_walk_node))
- break;
- if (!DLLINK(h, di_node_name))
- break;
-
- if ((root_node = (*di_init) ("/", DINFOSUBTREE)) != DI_NODE_NIL) {
- (*di_walk_node) (root_node, DI_WALK_SIBFIRST,
- di_node_name, walk_nodename);
- (*di_fini) (root_node);
- }
- } while (0);
-
- if (h)
- dlclose(h);
-}
-
-#else
-
static sigjmp_buf common_jmp;
static void common_handler(int sig)
{
@@ -307,13 +185,6 @@ void OPENSSL_cpuid_setup(void)
_sparcv9_vis3_probe();
OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
}
-# if 0 /* was planned at some point but never
- * implemented in hardware */
- if (sigsetjmp(common_jmp, 1) == 0) {
- (void)_sparcv9_random();
- OPENSSL_sparcv9cap_P[0] |= SPARCV9_RANDOM;
- }
-# endif
/*
* In wait for better solution _sparcv9_rdcfr is masked by
@@ -342,5 +213,3 @@ void OPENSSL_cpuid_setup(void)
}
# endif
}
-
-#endif
diff --git a/crypto/x509v3/pcy_lib.c b/crypto/x509v3/pcy_lib.c
index dbb2983..58ce8a0 100644
--- a/crypto/x509v3/pcy_lib.c
+++ b/crypto/x509v3/pcy_lib.c
@@ -140,15 +140,6 @@ const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
return node->data->valid_policy;
}
-#if 0
-int X509_policy_node_get_critical(const X509_POLICY_NODE *node)
-{
- if (node_critical(node))
- return 1;
- return 0;
-}
-#endif
-
STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
X509_POLICY_NODE
*node)
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index d4b550e..cc52fa2 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -156,14 +156,10 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
int explicit_policy;
int any_skip;
int map_skip;
+
*ptree = NULL;
n = sk_X509_num(certs);
-#if 0
- /* Disable policy mapping for now... */
- flags |= X509_V_FLAG_INHIBIT_MAP;
-#endif
-
if (flags & X509_V_FLAG_EXPLICIT_POLICY)
explicit_policy = 0;
else
@@ -340,19 +336,6 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
data = sk_X509_POLICY_DATA_value(cache->data, i);
- /*
- * If a node is mapped any it doesn't have a corresponding
- * CertificatePolicies entry. However such an identical node would
- * be created if anyPolicy matching is enabled because there would be
- * no match with the parent valid_policy_set. So we create link
- * because then it will have the mapping flags right and we can prune
- * it later.
- */
-#if 0
- if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY)
- && !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
- continue;
-#endif
/* Look for matching nodes in previous level */
if (!tree_link_matching_nodes(curr, data))
return 0;
@@ -432,9 +415,6 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
X509_POLICY_TREE *tree)
{
int i;
- /*
- * X509_POLICY_DATA *data;
- */
X509_POLICY_NODE *node;
X509_POLICY_LEVEL *last = curr - 1;
@@ -443,35 +423,6 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
if (!tree_link_unmatched(curr, cache, node, tree))
return 0;
-
-#if 0
-
- /*
- * Skip any node with any children: we only want unmathced nodes.
- * Note: need something better for policy mapping because each node
- * may have multiple children
- */
- if (node->nchild)
- continue;
-
- /*
- * Create a new node with qualifiers from anyPolicy and id from
- * unmatched node.
- */
- data = policy_data_new(NULL, node->data->valid_policy,
- node_critical(node));
-
- if (data == NULL)
- return 0;
- /* Curr may not have anyPolicy */
- data->qualifier_set = cache->anyPolicy->qualifier_set;
- data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
- if (!level_add_node(curr, data, node, tree)) {
- policy_data_free(data);
- return 0;
- }
-#endif
-
}
/* Finally add link to anyPolicy */
if (last->anyPolicy) {
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index f65323b..1ad3999 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -307,9 +307,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
*p = 0;
ntmp = strip_spaces(q);
q = p + 1;
-#if 0
- printf("%s\n", ntmp);
-#endif
if (!ntmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST,
X509V3_R_INVALID_NULL_NAME);
@@ -324,9 +321,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
state = HDR_NAME;
*p = 0;
vtmp = strip_spaces(q);
-#if 0
- printf("%s\n", ntmp);
-#endif
if (!vtmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST,
X509V3_R_INVALID_NULL_VALUE);
@@ -342,9 +336,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
if (state == HDR_VALUE) {
vtmp = strip_spaces(q);
-#if 0
- printf("%s=%s\n", ntmp, vtmp);
-#endif
if (!vtmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST,
X509V3_R_INVALID_NULL_VALUE);
@@ -353,9 +344,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
X509V3_add_value(ntmp, vtmp, &values);
} else {
ntmp = strip_spaces(q);
-#if 0
- printf("%s\n", ntmp);
-#endif
if (!ntmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
goto err;
diff --git a/demos/bio/server-arg.c b/demos/bio/server-arg.c
index 1d0e1db..7ba54db 100644
--- a/demos/bio/server-arg.c
+++ b/demos/bio/server-arg.c
@@ -72,7 +72,7 @@ int main(int argc, char *argv[])
ERR_print_errors_fp(stderr);
goto err;
}
-#if 0
+#ifdef ITERATE_CERTS
/*
* Demo of how to iterate over all certificates in an SSL_CTX structure.
*/
diff --git a/demos/engines/rsaref/rsaref.c b/demos/engines/rsaref/rsaref.c
index b6429de..d5a6e6c 100644
--- a/demos/engines/rsaref/rsaref.c
+++ b/demos/engines/rsaref/rsaref.c
@@ -36,9 +36,6 @@ static const char *engine_rsaref_name = "RSAref engine support";
static int rsaref_destroy(ENGINE *e);
static int rsaref_init(ENGINE *e);
static int rsaref_finish(ENGINE *e);
-#if 0
-static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ());
-#endif
/*****************************************************************************
* Engine commands
diff --git a/demos/engines/zencod/hw_zencod.c b/demos/engines/zencod/hw_zencod.c
index 26ec3f6..1c76284 100644
--- a/demos/engines/zencod/hw_zencod.c
+++ b/demos/engines/zencod/hw_zencod.c
@@ -82,7 +82,7 @@
# define ZEN_LIBRARY "zenbridge"
-# if 0
+# ifdef ZENCOD_TRACING
# define PERROR(s) perror(s)
# define CHEESE() fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr)
# else
diff --git a/demos/evp/aesgcm.c b/demos/evp/aesgcm.c
index 9159c5c..72028a0 100644
--- a/demos/evp/aesgcm.c
+++ b/demos/evp/aesgcm.c
@@ -85,13 +85,6 @@ void aes_gcm_decrypt(void)
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
/* Specify key and IV */
EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
-#if 0
- /*
- * Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
- * required the tag before any AAD or ciphertext
- */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag);
-#endif
/* Zero or more calls to specify any AAD */
EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));
/* Decrypt plaintext */
@@ -99,10 +92,7 @@ void aes_gcm_decrypt(void)
/* Output decrypted block */
printf("Plaintext:\n");
BIO_dump_fp(stdout, outbuf, outlen);
- /*
- * Set expected tag value. Works in OpenSSL 1.0.1d and later
- * In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG
- */
+ /* Set expected tag value. */
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag);
/* Finalise: note get no output for GCM */
rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);
diff --git a/demos/selfsign.c b/demos/selfsign.c
index 49228b9..0cc265c 100644
--- a/demos/selfsign.c
+++ b/demos/selfsign.c
@@ -136,7 +136,7 @@ int days;
X509_add_ext(x, ex, -1);
X509_EXTENSION_free(ex);
-#if 0
+#ifdef ADD_CA_CONSTRAINT
/* might want something like this too.... */
ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,
"critical,CA:TRUE");
@@ -145,7 +145,7 @@ int days;
X509_EXTENSION_free(ex);
#endif
-#ifdef CUSTOM_EXT
+#ifdef ADD_A_CUSTOM_EXTENSION
/* Maybe even add our own extension based on existing */
{
int nid;
More information about the openssl-commits
mailing list