Remove SSL cert_flags.
These are never used and no flags are defined anyway.
Change-Id: I206dc2838c5f68d87559a702dcb299b208cc7e1e
Reviewed-on: https://boringssl-review.googlesource.com/4493
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 18967fb..f78c819 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -594,14 +594,6 @@
#define SSL_get_secure_renegotiation_support(ssl) \
SSL_ctrl((SSL *)(ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
-#define SSL_CTX_set_cert_flags(ctx, op) \
- SSL_CTX_ctrl((ctx), SSL_CTRL_CERT_FLAGS, (op), NULL)
-#define SSL_set_cert_flags(s, op) SSL_ctrl((s), SSL_CTRL_CERT_FLAGS, (op), NULL)
-#define SSL_CTX_clear_cert_flags(ctx, op) \
- SSL_CTX_ctrl((ctx), SSL_CTRL_CLEAR_CERT_FLAGS, (op), NULL)
-#define SSL_clear_cert_flags(s, op) \
- SSL_ctrl((s), SSL_CTRL_CLEAR_CERT_FLAGS, (op), NULL)
-
/* SSL_CTX_set_min_version sets the minimum protocol version for |ctx| to
* |version|. */
OPENSSL_EXPORT void SSL_CTX_set_min_version(SSL_CTX *ctx, uint16_t version);
@@ -1652,8 +1644,6 @@
#define SSL_CTRL_SET_CURVES_LIST 92
#define SSL_CTRL_SET_SIGALGS 97
#define SSL_CTRL_SET_SIGALGS_LIST 98
-#define SSL_CTRL_CERT_FLAGS 99
-#define SSL_CTRL_CLEAR_CERT_FLAGS 100
#define SSL_CTRL_SET_CLIENT_SIGALGS 101
#define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102
#define SSL_CTRL_GET_CLIENT_CERT_TYPES 103
diff --git a/ssl/internal.h b/ssl/internal.h
index c981394..acf5368 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -462,9 +462,6 @@
* keys. If NULL, a curve is selected automatically. See
* |SSL_CTX_set_tmp_ecdh_callback|. */
EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
-
- /* Flags related to certificates */
- unsigned int cert_flags;
CERT_PKEY pkeys[SSL_PKEY_NUM];
/* Server-only: client_certificate_types is list of certificate types to
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 313562b..384cf26 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -265,8 +265,6 @@
ret->num_client_certificate_types = cert->num_client_certificate_types;
}
- ret->cert_flags = cert->cert_flags;
-
ret->cert_cb = cert->cert_cb;
ret->cert_cb_arg = cert->cert_cb_arg;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2244dbd..038a2f2 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1067,12 +1067,6 @@
}
return 0;
- case SSL_CTRL_CERT_FLAGS:
- return s->cert->cert_flags |= larg;
-
- case SSL_CTRL_CLEAR_CERT_FLAGS:
- return s->cert->cert_flags &= ~larg;
-
case SSL_CTRL_GET_RAW_CIPHERLIST:
if (parg) {
if (s->cert->ciphers_raw == NULL) {
@@ -1183,12 +1177,6 @@
ctx->max_send_fragment = larg;
return 1;
- case SSL_CTRL_CERT_FLAGS:
- return ctx->cert->cert_flags |= larg;
-
- case SSL_CTRL_CLEAR_CERT_FLAGS:
- return ctx->cert->cert_flags &= ~larg;
-
default:
return ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg);
}
