diff options
author | Scott Deboy <sdeboy@secondstryke.com> | 2013-06-18 14:34:38 -0700 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2013-09-06 13:59:13 +0100 |
commit | 36086186a9b90cdad0d2cd0a598a10f03f8f4bcc (patch) | |
tree | a145840fa49b4951e052274b00a6cd9296964954 /ssl/ssl_cert.c | |
parent | cda01d55ba9f238d8892c8e909580030ea5b3ebd (diff) | |
download | openssl-36086186a9b90cdad0d2cd0a598a10f03f8f4bcc.tar.gz |
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r-- | ssl/ssl_cert.c | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 81b5811fd7..d442e5418f 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -330,23 +330,6 @@ CERT *ssl_cert_dup(CERT *cert) } rpk->valid_flags = 0; #ifndef OPENSSL_NO_TLSEXT - if (cert->pkeys[i].authz != NULL) - { - /* Just copy everything. */ - ret->pkeys[i].authz_length = - cert->pkeys[i].authz_length; - ret->pkeys[i].authz = - OPENSSL_malloc(ret->pkeys[i].authz_length); - if (ret->pkeys[i].authz == NULL) - { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); - return NULL; - } - memcpy(ret->pkeys[i].authz, - cert->pkeys[i].authz, - cert->pkeys[i].authz_length); - } - if (cert->pkeys[i].serverinfo != NULL) { /* Just copy everything. */ @@ -479,11 +462,6 @@ void ssl_cert_clear_certs(CERT *c) cpk->chain = NULL; } #ifndef OPENSSL_NO_TLSEXT - if (cpk->authz) - { - OPENSSL_free(cpk->authz); - cpk->authz = NULL; - } if (cpk->serverinfo) { OPENSSL_free(cpk->serverinfo); |