[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Fri Jan 30 20:36:37 UTC 2015
The branch master has been updated
via 02a938c953b3e1ced71d9a832de1618f907eb96d (commit)
from 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 (commit)
- Log -----------------------------------------------------------------
commit 02a938c953b3e1ced71d9a832de1618f907eb96d
Author: Rich Salz <rsalz at openssl.org>
Date: Fri Jan 30 15:35:49 2015 -0500
Dead code removal: #if 0 asn1, pkcs7
Keep one #if 0 but rename the symbol to be more descriptive of what
it's doing (you can disable support for old broken Netscape software).
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/a_gentm.c | 51 ---------------------------
crypto/asn1/a_strex.c | 12 -------
crypto/asn1/a_time.c | 27 --------------
crypto/asn1/a_utctm.c | 87 ----------------------------------------------
crypto/asn1/asn1_lib.c | 6 ----
crypto/asn1/asn1_par.c | 4 ---
crypto/asn1/t_x509.c | 8 -----
crypto/asn1/tasn_prn.c | 9 -----
crypto/pkcs7/pk7_doit.c | 35 -------------------
crypto/pkcs7/pk7_smime.c | 9 ++---
10 files changed, 5 insertions(+), 243 deletions(-)
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index db4510f..97011f8 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -66,57 +66,6 @@
#include <openssl/asn1.h>
#include "asn1_locl.h"
-#if 0
-
-int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
-{
-# ifdef CHARSET_EBCDIC
- /* KLUDGE! We convert to ascii before writing DER */
- int len;
- char tmp[24];
- ASN1_STRING tmpstr = *(ASN1_STRING *)a;
-
- len = tmpstr.length;
- ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
- tmpstr.data = tmp;
-
- a = (ASN1_GENERALIZEDTIME *)&tmpstr;
-# endif
- return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
- V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
-}
-
-ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
- unsigned char **pp,
- long length)
-{
- ASN1_GENERALIZEDTIME *ret = NULL;
-
- ret =
- (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
- V_ASN1_GENERALIZEDTIME,
- V_ASN1_UNIVERSAL);
- if (ret == NULL) {
- ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
- return (NULL);
- }
-# ifdef CHARSET_EBCDIC
- ascii2ebcdic(ret->data, ret->data, ret->length);
-# endif
- if (!ASN1_GENERALIZEDTIME_check(ret)) {
- ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
- goto err;
- }
-
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_GENERALIZEDTIME_free(ret);
- return (NULL);
-}
-
-#endif
-
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
{
static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 765698f..1744853 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -83,18 +83,6 @@
* Three IO functions for sending data to memory, a BIO and and a FILE
* pointer.
*/
-#if 0 /* never used */
-static int send_mem_chars(void *arg, const void *buf, int len)
-{
- unsigned char **out = arg;
- if (!out)
- return 1;
- memcpy(*out, buf, len);
- *out += len;
- return 1;
-}
-#endif
-
static int send_bio_chars(void *arg, const void *buf, int len)
{
if (!arg)
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index 20e7c6d..7ff3de3 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -71,33 +71,6 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
-#if 0
-int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
-{
-# ifdef CHARSET_EBCDIC
- /* KLUDGE! We convert to ascii before writing DER */
- char tmp[24];
- ASN1_STRING tmpstr;
-
- if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
- int len;
-
- tmpstr = *(ASN1_STRING *)a;
- len = tmpstr.length;
- ebcdic2ascii(tmp, tmpstr.data,
- (len >= sizeof tmp) ? sizeof tmp : len);
- tmpstr.data = tmp;
- a = (ASN1_GENERALIZEDTIME *)&tmpstr;
- }
-# endif
- if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
- return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
- a->type, V_ASN1_UNIVERSAL));
- ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
- return -1;
-}
-#endif
-
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
{
return ASN1_TIME_adj(s, t, 0, 0);
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index e84e595..9b55284 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -62,53 +62,6 @@
#include <openssl/asn1.h>
#include "asn1_locl.h"
-#if 0
-int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
-{
-# ifndef CHARSET_EBCDIC
- return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
- V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
-# else
- /* KLUDGE! We convert to ascii before writing DER */
- int len;
- char tmp[24];
- ASN1_STRING x = *(ASN1_STRING *)a;
-
- len = x.length;
- ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
- x.data = tmp;
- return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
-# endif
-}
-
-ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
- long length)
-{
- ASN1_UTCTIME *ret = NULL;
-
- ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
- V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
- if (ret == NULL) {
- ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
- return (NULL);
- }
-# ifdef CHARSET_EBCDIC
- ascii2ebcdic(ret->data, ret->data, ret->length);
-# endif
- if (!ASN1_UTCTIME_check(ret)) {
- ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
- goto err;
- }
-
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_UTCTIME_free(ret);
- return (NULL);
-}
-
-#endif
-
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
{
static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
@@ -309,43 +262,3 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
return -1;
return 0;
}
-
-#if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
-{
- struct tm tm;
- int offset;
-
- memset(&tm, '\0', sizeof tm);
-
-# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
- tm.tm_year = g2(s->data);
- if (tm.tm_year < 50)
- tm.tm_year += 100;
- tm.tm_mon = g2(s->data + 2) - 1;
- tm.tm_mday = g2(s->data + 4);
- tm.tm_hour = g2(s->data + 6);
- tm.tm_min = g2(s->data + 8);
- tm.tm_sec = g2(s->data + 10);
- if (s->data[12] == 'Z')
- offset = 0;
- else {
- offset = g2(s->data + 13) * 60 + g2(s->data + 15);
- if (s->data[12] == '-')
- offset = -offset;
- }
-# undef g2
-
- /*
- * FIXME: mktime assumes the current timezone
- * instead of UTC, and unless we rewrite OpenSSL
- * in Lisp we cannot locally change the timezone
- * without possibly interfering with other parts
- * of the program. timegm, which uses UTC, is
- * non-standard.
- * Also time_t is inappropriate for general
- * UTC times because it may a 32 bit type.
- */
- return mktime(&tm) - offset * 60;
-}
-#endif
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index aaf5d85..bf84526 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -137,12 +137,6 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
if (inf && !(ret & V_ASN1_CONSTRUCTED))
goto err;
-#if 0
- fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
- (int)p, *plength, omax, (int)*pp, (int)(p + *plength),
- (int)(omax + *pp));
-
-#endif
if (*plength > (omax - (p - *pp))) {
ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
/*
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 98cf249..58d65ac 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -123,11 +123,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent;
-#if 0
- dump_indent = indent;
-#else
dump_indent = 6; /* Because we know BIO_dump_indent() */
-#endif
p = *pp;
tot = p + length;
op = p - 1;
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index 0bdc2c2..667db26 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -166,14 +166,6 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
if (!(cflag & X509_FLAG_NO_SIGNAME)) {
if (X509_signature_print(bp, ci->signature, NULL) <= 0)
goto err;
-#if 0
- if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-#endif
}
if (!(cflag & X509_FLAG_NO_ISSUER)) {
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index d956030..94e220b 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -245,10 +245,6 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
break;
case ASN1_ITYPE_CHOICE:
-#if 0
- if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
-#endif
/* CHOICE type, get selector */
i = asn1_get_choice_selector(fld, it);
/* This should never happen... */
@@ -376,11 +372,6 @@ static int asn1_print_fsname(BIO *out, int indent,
static const char spaces[] = " ";
static const int nspaces = sizeof(spaces) - 1;
-#if 0
- if (!sname && !fname)
- return 1;
-#endif
-
while (indent > nspaces) {
if (BIO_write(out, spaces, nspaces) != nspaces)
return 0;
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index b4886f7..54b7b07 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -479,15 +479,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
}
if (evp_cipher != NULL) {
-#if 0
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char *p;
- int keylen, ivlen;
- int max;
- X509_OBJECT ret;
-#endif
-
if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
goto err;
@@ -593,22 +584,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
BIO_push(out, etmp);
etmp = NULL;
}
-#if 1
if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
bio = in_bio;
} else {
-# if 0
- bio = BIO_new(BIO_s_mem());
- /*
- * We need to set this so that when we have read all the data, the
- * encrypt BIO, if present, will read EOF and encode the last few
- * bytes
- */
- BIO_set_mem_eof_return(bio, 0);
-
- if (data_body->length > 0)
- BIO_write(bio, (char *)data_body->data, data_body->length);
-# else
if (data_body->length > 0)
bio = BIO_new_mem_buf(data_body->data, data_body->length);
else {
@@ -617,11 +595,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
}
if (bio == NULL)
goto err;
-# endif
}
BIO_push(out, bio);
bio = NULL;
-#endif
if (0) {
err:
if (ek) {
@@ -1017,17 +993,6 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
}
if ((message_digest->length != (int)md_len) ||
(memcmp(message_digest->data, md_dat, md_len))) {
-#if 0
- {
- int ii;
- for (ii = 0; ii < message_digest->length; ii++)
- printf("%02X", message_digest->data[ii]);
- printf(" sent\n");
- for (ii = 0; ii < md_len; ii++)
- printf("%02X", md_dat[ii]);
- printf(" calc\n");
- }
-#endif
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
ret = -1;
goto err;
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index dbd4100..e659af8 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -274,12 +274,13 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
return 0;
}
-#if 0
+
/*
- * NB: this test commented out because some versions of Netscape
- * illegally include zero length content when signing data.
+ * Very old Netscape illegally included empty content with
+ * a detached signature. To not support that, enable the
+ * following flag.
*/
-
+#ifdef OPENSSL_DONT_SUPPORT_OLD_NETSCAPE
/* Check for data and content: two sets of data */
if (!PKCS7_get_detached(p7) && indata) {
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
More information about the openssl-commits
mailing list