Remove OPENSSL_ALLOW_PROXY_CERTS. One less random environment variable for us to be sensitive to. (We should probably unwind all this proxy cert stuff. I don't believe they are ever enabled.) Change-Id: I74993178679ea49e60c81d8416e502cbebf02ec9 Reviewed-on: https://boringssl-review.googlesource.com/8948 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 69e0a457a146252bde7270c4b32a557321c177e8 [log] [tgz]
author: David Benjamin <davidben@google.com> Tue Jul 26 12:59:20 2016 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Tue Jul 26 22:49:52 2016 +0000
tree: 9101950a77dc55ed74918f1261b04ce18d85a45a
parent: ac6a84bc7ac7fe15002c9466aedb5f311a62b88e [diff]
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index af05cdb..7363ec6 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c

@@ -588,12 +588,6 @@
     } else {
         allow_proxy_certs =
             ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
-        /*
-         * A hack to keep people who don't want to modify their software
-         * happy
-         */
-        if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
-            allow_proxy_certs = 1;
         purpose = ctx->param->purpose;
     }
commit	69e0a457a146252bde7270c4b32a557321c177e8	[log] [tgz]
author	David Benjamin <davidben@google.com>	Tue Jul 26 12:59:20 2016 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Tue Jul 26 22:49:52 2016 +0000
tree	9101950a77dc55ed74918f1261b04ce18d85a45a
parent	ac6a84bc7ac7fe15002c9466aedb5f311a62b88e [diff]