generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Dead code cleanup: crypto/*.c, x509v3, demos

Browse Source 
Some of the #if 0 code in demo's was kept, but given helpful #ifdef
names, to show more sample code.

Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Rich Salz 2015-02-02 11:08:16 -05:00
parent 5da05a26f2
commit 7aa0b02246
10 changed files with 6 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/o_init.c
View File

@ -77,7 +77,4 @@ void OPENSSL_init(void)
FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free); FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
RAND_init_fips(); RAND_init_fips();
#endif #endif
#if 0
fprintf(stderr, "Called OPENSSL_init\n");
#endif
} }

131
crypto/sparcv9cap.c
View File

@ -109,128 +109,6 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
return 0; return 0;
} }
#if 0 && defined(__sun) && defined(__SVR4)
/*
* This code path is disabled, because of incompatibility of libdevinfo.so.1
* and libmalloc.so.1 (see below for details)
*/
# include <malloc.h>
# include <dlfcn.h>
# include <libdevinfo.h>
# include <sys/systeminfo.h>
typedef di_node_t(*di_init_t) (const char *, uint_t);
typedef void (*di_fini_t) (di_node_t);
typedef char *(*di_node_name_t) (di_node_t);
typedef int (*di_walk_node_t) (di_node_t, uint_t, di_node_name_t,
int (*)(di_node_t, di_node_name_t));
# define DLLINK(h,name) (name=(name##_t)dlsym((h),#name))
static int walk_nodename(di_node_t node, di_node_name_t di_node_name)
{
char *name = (*di_node_name) (node);
/* This is expected to catch all UltraSPARC flavors prior T1 */
if (!strcmp(name, "SUNW,UltraSPARC") ||
/* covers II,III,IV */
!strncmp(name, "SUNW,UltraSPARC-I", 17)) {
OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU | SPARCV9_VIS1;
/* %tick is privileged only on UltraSPARC-I/II, but not IIe */
if (name[14] != '\0' && name[17] != '\0' && name[18] != '\0')
OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
return DI_WALK_TERMINATE;
}
/* This is expected to catch remaining UltraSPARCs, such as T1 */
else if (!strncmp(name, "SUNW,UltraSPARC", 15)) {
OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
return DI_WALK_TERMINATE;
}
return DI_WALK_CONTINUE;
}
void OPENSSL_cpuid_setup(void)
{
void *h;
char *e, si[256];
static int trigger = 0;
if (trigger)
return;
trigger = 1;
if ((e = getenv("OPENSSL_sparcv9cap"))) {
OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0);
return;
}
if (sysinfo(SI_MACHINE, si, sizeof(si)) > 0) {
if (strcmp(si, "sun4v"))
/* FPU is preferred for all CPUs, but US-T1/2 */
OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU;
}
if (sysinfo(SI_ISALIST, si, sizeof(si)) > 0) {
if (strstr(si, "+vis"))
OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK;
if (strstr(si, "+vis2")) {
OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
return;
}
}
# ifdef M_KEEP
/*
* Solaris libdevinfo.so.1 is effectively incomatible with
* libmalloc.so.1. Specifically, if application is linked with
* -lmalloc, it crashes upon startup with SIGSEGV in
* free(3LIBMALLOC) called by di_fini. Prior call to
* mallopt(M_KEEP,0) somehow helps... But not always...
*/
if ((h = dlopen(NULL, RTLD_LAZY))) {
union {
void *p;
int (*f) (int, int);
} sym;
if ((sym.p = dlsym(h, "mallopt")))
(*sym.f) (M_KEEP, 0);
dlclose(h);
}
# endif
if ((h = dlopen("libdevinfo.so.1", RTLD_LAZY)))
do {
di_init_t di_init;
di_fini_t di_fini;
di_walk_node_t di_walk_node;
di_node_name_t di_node_name;
di_node_t root_node;
if (!DLLINK(h, di_init))
break;
if (!DLLINK(h, di_fini))
break;
if (!DLLINK(h, di_walk_node))
break;
if (!DLLINK(h, di_node_name))
break;
if ((root_node = (*di_init) ("/", DINFOSUBTREE)) != DI_NODE_NIL) {
(*di_walk_node) (root_node, DI_WALK_SIBFIRST,
di_node_name, walk_nodename);
(*di_fini) (root_node);
}
} while (0);
if (h)
dlclose(h);
}
#else
static sigjmp_buf common_jmp; static sigjmp_buf common_jmp;
static void common_handler(int sig) static void common_handler(int sig)
{ {
@ -307,13 +185,6 @@ void OPENSSL_cpuid_setup(void)
_sparcv9_vis3_probe(); _sparcv9_vis3_probe();
OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3; OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
} }
# if 0 /* was planned at some point but never
* implemented in hardware */
if (sigsetjmp(common_jmp, 1) == 0) {
(void)_sparcv9_random();
OPENSSL_sparcv9cap_P[0] |= SPARCV9_RANDOM;
}
# endif
/* /*
* In wait for better solution _sparcv9_rdcfr is masked by * In wait for better solution _sparcv9_rdcfr is masked by
@ -342,5 +213,3 @@ void OPENSSL_cpuid_setup(void)
} }
# endif # endif
} }
#endif

9
crypto/x509v3/pcy_lib.c
View File

@ -140,15 +140,6 @@ const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
return node->data->valid_policy; return node->data->valid_policy;
} }
#if 0
int X509_policy_node_get_critical(const X509_POLICY_NODE *node)
{
if (node_critical(node))
return 1;
return 0;
}
#endif
STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
X509_POLICY_NODE X509_POLICY_NODE
*node) *node)

51
crypto/x509v3/pcy_tree.c
View File

@ -156,14 +156,10 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
int explicit_policy; int explicit_policy;
int any_skip; int any_skip;
int map_skip; int map_skip;
*ptree = NULL; *ptree = NULL;
n = sk_X509_num(certs); n = sk_X509_num(certs);
#if 0
/* Disable policy mapping for now... */
flags |= X509_V_FLAG_INHIBIT_MAP;
#endif
if (flags & X509_V_FLAG_EXPLICIT_POLICY) if (flags & X509_V_FLAG_EXPLICIT_POLICY)
explicit_policy = 0; explicit_policy = 0;
else else
@ -340,19 +336,6 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
data = sk_X509_POLICY_DATA_value(cache->data, i); data = sk_X509_POLICY_DATA_value(cache->data, i);
/*
* If a node is mapped any it doesn't have a corresponding
* CertificatePolicies entry. However such an identical node would
* be created if anyPolicy matching is enabled because there would be
* no match with the parent valid_policy_set. So we create link
* because then it will have the mapping flags right and we can prune
* it later.
*/
#if 0
if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY)
&& !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
continue;
#endif
/* Look for matching nodes in previous level */ /* Look for matching nodes in previous level */
if (!tree_link_matching_nodes(curr, data)) if (!tree_link_matching_nodes(curr, data))
return 0; return 0;
@ -432,9 +415,6 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
X509_POLICY_TREE *tree) X509_POLICY_TREE *tree)
{ {
int i; int i;
/*
* X509_POLICY_DATA *data;
*/
X509_POLICY_NODE *node; X509_POLICY_NODE *node;
X509_POLICY_LEVEL *last = curr - 1; X509_POLICY_LEVEL *last = curr - 1;
@ -443,35 +423,6 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
if (!tree_link_unmatched(curr, cache, node, tree)) if (!tree_link_unmatched(curr, cache, node, tree))
return 0; return 0;
#if 0
/*
* Skip any node with any children: we only want unmathced nodes.
* Note: need something better for policy mapping because each node
* may have multiple children
*/
if (node->nchild)
continue;
/*
* Create a new node with qualifiers from anyPolicy and id from
* unmatched node.
*/
data = policy_data_new(NULL, node->data->valid_policy,
node_critical(node));
if (data == NULL)
return 0;
/* Curr may not have anyPolicy */
data->qualifier_set = cache->anyPolicy->qualifier_set;
data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
if (!level_add_node(curr, data, node, tree)) {
policy_data_free(data);
return 0;
}
#endif
} }
/* Finally add link to anyPolicy */ /* Finally add link to anyPolicy */
if (last->anyPolicy) { if (last->anyPolicy) {

12
crypto/x509v3/v3_utl.c
View File

@ -307,9 +307,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
*p = 0; *p = 0;
ntmp = strip_spaces(q); ntmp = strip_spaces(q);
q = p + 1; q = p + 1;
#if 0
printf("%s\n", ntmp);
#endif
if (!ntmp) { if (!ntmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3err(X509V3_F_X509V3_PARSE_LIST,
X509V3_R_INVALID_NULL_NAME); X509V3_R_INVALID_NULL_NAME);
@ -324,9 +321,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
state = HDR_NAME; state = HDR_NAME;
*p = 0; *p = 0;
vtmp = strip_spaces(q); vtmp = strip_spaces(q);
#if 0
printf("%s\n", ntmp);
#endif
if (!vtmp) { if (!vtmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3err(X509V3_F_X509V3_PARSE_LIST,
X509V3_R_INVALID_NULL_VALUE); X509V3_R_INVALID_NULL_VALUE);
@ -342,9 +336,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
if (state == HDR_VALUE) { if (state == HDR_VALUE) {
vtmp = strip_spaces(q); vtmp = strip_spaces(q);
#if 0
printf("%s=%s\n", ntmp, vtmp);
#endif
if (!vtmp) { if (!vtmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3err(X509V3_F_X509V3_PARSE_LIST,
X509V3_R_INVALID_NULL_VALUE); X509V3_R_INVALID_NULL_VALUE);
@ -353,9 +344,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
X509V3_add_value(ntmp, vtmp, &values); X509V3_add_value(ntmp, vtmp, &values);
} else { } else {
ntmp = strip_spaces(q); ntmp = strip_spaces(q);
#if 0
printf("%s\n", ntmp);
#endif
if (!ntmp) { if (!ntmp) {
X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
goto err; goto err;

2
demos/bio/server-arg.c
View File

@ -72,7 +72,7 @@ int main(int argc, char *argv[])
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
goto err; goto err;
} }
#if 0 #ifdef ITERATE_CERTS
/* /*
* Demo of how to iterate over all certificates in an SSL_CTX structure. * Demo of how to iterate over all certificates in an SSL_CTX structure.
*/ */

3
demos/engines/rsaref/rsaref.c
View File

@ -36,9 +36,6 @@ static const char *engine_rsaref_name = "RSAref engine support";
static int rsaref_destroy(ENGINE *e); static int rsaref_destroy(ENGINE *e);
static int rsaref_init(ENGINE *e); static int rsaref_init(ENGINE *e);
static int rsaref_finish(ENGINE *e); static int rsaref_finish(ENGINE *e);
#if 0
static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ());
#endif
/***************************************************************************** /*****************************************************************************
* Engine commands * Engine commands

2
demos/engines/zencod/hw_zencod.c
View File

@ -82,7 +82,7 @@
# define ZEN_LIBRARY "zenbridge" # define ZEN_LIBRARY "zenbridge"
# if 0 # ifdef ZENCOD_TRACING
# define PERROR(s) perror(s) # define PERROR(s) perror(s)
# define CHEESE() fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr) # define CHEESE() fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr)
# else # else

12
demos/evp/aesgcm.c
View File

@ -85,13 +85,6 @@ void aes_gcm_decrypt(void)
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
/* Specify key and IV */ /* Specify key and IV */
EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv); EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
#if 0
/*
* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext
*/
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag);
#endif
/* Zero or more calls to specify any AAD */ /* Zero or more calls to specify any AAD */
EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad)); EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));
/* Decrypt plaintext */ /* Decrypt plaintext */
@ -99,10 +92,7 @@ void aes_gcm_decrypt(void)
/* Output decrypted block */ /* Output decrypted block */
printf("Plaintext:\n"); printf("Plaintext:\n");
BIO_dump_fp(stdout, outbuf, outlen); BIO_dump_fp(stdout, outbuf, outlen);
/* /* Set expected tag value. */
* Set expected tag value. Works in OpenSSL 1.0.1d and later
* In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG
*/
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag);
/* Finalise: note get no output for GCM */ /* Finalise: note get no output for GCM */
rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen); rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);

4
demos/selfsign.c
View File

@ -136,7 +136,7 @@ int days;
X509_add_ext(x, ex, -1); X509_add_ext(x, ex, -1);
X509_EXTENSION_free(ex); X509_EXTENSION_free(ex);
#if 0 #ifdef ADD_CA_CONSTRAINT
/* might want something like this too.... */ /* might want something like this too.... */
ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,
"critical,CA:TRUE"); "critical,CA:TRUE");
@ -145,7 +145,7 @@ int days;
X509_EXTENSION_free(ex); X509_EXTENSION_free(ex);
#endif #endif
#ifdef CUSTOM_EXT #ifdef ADD_A_CUSTOM_EXTENSION
/* Maybe even add our own extension based on existing */ /* Maybe even add our own extension based on existing */
{ {
int nid; int nid;