[Openvpn-devel] Remove superfluous x509_write_pem()

Message ID	20231122190125.120500-1-dazo+openvpn@eurephia.org
State	Not Applicable
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; From: David Sommerseth <dazo+openvpn@eurephia.org> To: openvpn-devel@lists.sourceforge.net Date: Wed, 22 Nov 2023 20:01:25 +0100 Message-Id: <20231122190125.120500-1-dazo+openvpn@eurephia.org> In-Reply-To: <20231122143110.58520-1-dazo+openvpn@eurephia.org> References: <20231122143110.58520-1-dazo+openvpn@eurephia.org> MIME-Version: 1.0 preview: From: David Sommerseth <davids@openvpn.net> After removing --tls-export-cert, this function was left in the code base with no other users. This was an oversight in the previous change. Removing it to avoid leaving dead code behind. Content analysis details: (-2.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [217.170.196.134 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 T_SCC_BODY_TEXT_LINE No description available. Subject: [Openvpn-devel] [PATCH] Remove superfluous x509_write_pem() Precedence: list Cc: David Sommerseth <davids@openvpn.net> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] Remove superfluous x509_write_pem() \| expand [Openvpn-devel] Remove superfluous x509_write_pem()

Message ID

20231122190125.120500-1-dazo+openvpn@eurephia.org

State

Not Applicable

Headers

Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
From: David Sommerseth <dazo+openvpn@eurephia.org>
To: openvpn-devel@lists.sourceforge.net
Date: Wed, 22 Nov 2023 20:01:25 +0100
Message-Id: <20231122190125.120500-1-dazo+openvpn@eurephia.org>
In-Reply-To: <20231122143110.58520-1-dazo+openvpn@eurephia.org>
References: <20231122143110.58520-1-dazo+openvpn@eurephia.org>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH] Remove superfluous x509_write_pem()
Precedence: list
Cc: David Sommerseth <davids@openvpn.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] Remove superfluous x509_write_pem() | expand

Commit Message

David Sommerseth Nov. 22, 2023, 7:01 p.m. UTC

From: David Sommerseth <davids@openvpn.net>

After removing --tls-export-cert, this function was left in the code
base with no other users.  This was an oversight in the previous
change.  Removing it to avoid leaving dead code behind.

Signed-off-by: David Sommerseth <davids@openvpn.net>
---
 src/openvpn/ssl_verify_backend.h | 11 -----------
 src/openvpn/ssl_verify_mbedtls.c |  7 -------
 src/openvpn/ssl_verify_openssl.c | 11 -----------
 3 files changed, 29 deletions(-)

diff --git a/src/openvpn/ssl_verify_backend.h b/src/openvpn/ssl_verify_backend.h
index 3b798811..d402b1f2 100644
--- a/src/openvpn/ssl_verify_backend.h
+++ b/src/openvpn/ssl_verify_backend.h
@@ -249,17 +249,6 @@  result_t x509_verify_cert_ku(openvpn_x509_cert_t *x509, const unsigned *const ex
  */
 result_t x509_verify_cert_eku(openvpn_x509_cert_t *x509, const char *const expected_oid);
 
-/*
- * Store the given certificate in pem format in a temporary file in tmp_dir
- *
- * @param cert          Certificate to store
- * @param tmp_dir       Temporary directory to store the directory
- * @param gc            gc_arena to store temporary objects in
- *
- *
- */
-result_t x509_write_pem(FILE *peercert_file, openvpn_x509_cert_t *peercert);
-
 /**
  * Return true iff a CRL is configured, but is not loaded.  This can be caused
  * by e.g. a CRL parsing error, a missing CRL file or CRL file permission
diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c
index a1ddf8d0..4596843c 100644
--- a/src/openvpn/ssl_verify_mbedtls.c
+++ b/src/openvpn/ssl_verify_mbedtls.c
@@ -547,13 +547,6 @@  x509_verify_cert_eku(mbedtls_x509_crt *cert, const char *const expected_oid)
     return fFound;
 }
 
-result_t
-x509_write_pem(FILE *peercert_file, mbedtls_x509_crt *peercert)
-{
-    msg(M_WARN, "mbed TLS does not support writing peer certificate in PEM format");
-    return FAILURE;
-}
-
 bool
 tls_verify_crl_missing(const struct tls_options *opt)
 {
diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c
index 3194c232..5afffc1f 100644
--- a/src/openvpn/ssl_verify_openssl.c
+++ b/src/openvpn/ssl_verify_openssl.c
@@ -762,17 +762,6 @@  x509_verify_cert_eku(X509 *x509, const char *const expected_oid)
     return fFound;
 }
 
-result_t
-x509_write_pem(FILE *peercert_file, X509 *peercert)
-{
-    if (PEM_write_X509(peercert_file, peercert) < 0)
-    {
-        msg(M_NONFATAL, "Failed to write peer certificate in PEM format");
-        return FAILURE;
-    }
-    return SUCCESS;
-}
-
 bool
 tls_verify_crl_missing(const struct tls_options *opt)
 {

[Openvpn-devel] Remove superfluous x509_write_pem()

Commit Message

Patch