commit 263eac02f5c27ad91c1514c93246b84980f73c97
author David Benjamin <davidben@chromium.org> Tue Dec 16 06:20:56 2014 -0500
committer Adam Langley <agl@google.com> Tue Dec 16 19:10:44 2014 +0000
tree ccb9a30f16c8415ae9ee9cb47ae0adaff2a3e534
parent 9cf708807c3dac2ddab893410af82423ac266830

Remove X509 parameter from ssl_cert_type.

No current use of ssl_cert_type passes a NULL EVP_PKEY, so it can be simplified
a little.

Change-Id: I2052cc3b6069cd30e4685ba8a6d0014016a4d712
Reviewed-on: https://boringssl-review.googlesource.com/2620
Reviewed-by: Adam Langley <agl@google.com>

ssl/s3_both.c

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 8ce5681..215082d 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -497,29 +497,15 @@
   return 1;
 }
 
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey) {
-  EVP_PKEY *pk = pkey;
-  int ret = -1;
-
-  if (pk == NULL) {
-    pk = X509_get_pubkey(x);
+int ssl_cert_type(EVP_PKEY *pkey) {
+  switch (pkey->type) {
+    case EVP_PKEY_RSA:
+      return SSL_PKEY_RSA_ENC;
+    case EVP_PKEY_EC:
+      return SSL_PKEY_ECC;
+    default:
+      return -1;
   }
-
-  if (pk == NULL) {
-    goto err;
-  }
-
-  if (pk->type == EVP_PKEY_RSA) {
-    ret = SSL_PKEY_RSA_ENC;
-  } else if (pk->type == EVP_PKEY_EC) {
-    ret = SSL_PKEY_ECC;
-  }
-
-err:
-  if (!pkey) {
-    EVP_PKEY_free(pk);
-  }
-  return ret;
 }
 
 int ssl_verify_alarm_type(long type) {

ssl/s3_clnt.c

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 79f3c3a..c200084 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1026,7 +1026,7 @@
 		goto f_err;
 		}
 
-	i=ssl_cert_type(x,pkey);
+	i = ssl_cert_type(pkey);
 	if (i < 0)
 		{
 		x=NULL;

ssl/ssl_locl.h

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 4e5aa44..26e3edc 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -729,7 +729,7 @@
 int ssl_undefined_const_function(const SSL *s);
 CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
 EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c);
-int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
+int ssl_cert_type(EVP_PKEY *pkey);
 
 /* ssl_get_compatible_server_ciphers determines the key exchange and
  * authentication cipher suite masks compatible with the server configuration

ssl/ssl_rsa.c

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 32469a2..bb91b7d 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -183,7 +183,7 @@
 	{
 	int i;
 
-	i=ssl_cert_type(NULL,pkey);
+	i=ssl_cert_type(pkey);
 	if (i < 0)
 		{
 		OPENSSL_PUT_ERROR(SSL, ssl_set_pkey, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
@@ -394,7 +394,7 @@
 		return(0);
 		}
 
-	i=ssl_cert_type(x,pkey);
+	i=ssl_cert_type(pkey);
 	if (i < 0)
 		{
 		OPENSSL_PUT_ERROR(SSL, ssl_set_cert, SSL_R_UNKNOWN_CERTIFICATE_TYPE);