From f79f0de8c9ca0056c2e30adc1e6d870b9c25ca41 Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini Date: Thu, 8 Oct 2015 22:00:27 +0200 Subject: Remove useless code RT#4081 Reviewed-by: Rich Salz Reviewed-by: Richard Levitte (cherry picked from commit 070c23325af4526c9a8532a60d63522c58d5554b) --- apps/apps.c | 3 --- apps/ca.c | 12 +++--------- apps/ecparam.c | 2 -- apps/engine.c | 5 ----- crypto/bio/b_dump.c | 1 - crypto/dsa/dsa_gen.c | 12 ++---------- crypto/evp/e_aes_cbc_hmac_sha256.c | 2 -- crypto/ocsp/ocsp_lib.c | 6 ------ crypto/ocsp/ocsp_prn.c | 3 +-- crypto/pem/pvkfmt.c | 2 -- crypto/pkcs7/pk7_doit.c | 1 - crypto/x509/x509_lu.c | 2 -- ssl/s3_clnt.c | 1 - ssl/s3_srvr.c | 1 - 14 files changed, 6 insertions(+), 47 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 68287b1..2e77805 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -119,9 +119,6 @@ #include #include #include -#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && !defined(NETWARE_CLIB) -# include -#endif #include #include #include diff --git a/apps/ca.c b/apps/ca.c index 3b7336c..7fb9285 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -99,25 +99,19 @@ #undef PROG #define PROG ca_main -#define BASE_SECTION "ca" -#define CONFIG_FILE "openssl.cnf" +#define BASE_SECTION "ca" +#define CONFIG_FILE "openssl.cnf" #define ENV_DEFAULT_CA "default_ca" -#define STRING_MASK "string_mask" +#define STRING_MASK "string_mask" #define UTF8_IN "utf8" -#define ENV_DIR "dir" -#define ENV_CERTS "certs" -#define ENV_CRL_DIR "crl_dir" -#define ENV_CA_DB "CA_DB" #define ENV_NEW_CERTS_DIR "new_certs_dir" #define ENV_CERTIFICATE "certificate" #define ENV_SERIAL "serial" #define ENV_CRLNUMBER "crlnumber" -#define ENV_CRL "crl" #define ENV_PRIVATE_KEY "private_key" -#define ENV_RANDFILE "RANDFILE" #define ENV_DEFAULT_DAYS "default_days" #define ENV_DEFAULT_STARTDATE "default_startdate" #define ENV_DEFAULT_ENDDATE "default_enddate" diff --git a/apps/ecparam.c b/apps/ecparam.c index f09c802..71b67f4 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -416,8 +416,6 @@ int MAIN(int argc, char **argv) } if (check) { - if (group == NULL) - BIO_printf(bio_err, "no elliptic curve parameters\n"); BIO_printf(bio_err, "checking elliptic curve parameters: "); if (!EC_GROUP_check(group, NULL)) { BIO_printf(bio_err, "failed\n"); diff --git a/apps/engine.c b/apps/engine.c index 3d70cac..460ec60 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -99,8 +99,6 @@ static void identity(char *ptr) static int append_buf(char **buf, const char *s, int *size, int step) { - int l = strlen(s); - if (*buf == NULL) { *size = step; *buf = OPENSSL_malloc(*size); @@ -109,9 +107,6 @@ static int append_buf(char **buf, const char *s, int *size, int step) **buf = '\0'; } - if (**buf != '\0') - l += 2; /* ", " */ - if (strlen(*buf) + strlen(s) >= (unsigned int)*size) { *size += step; *buf = OPENSSL_realloc(*buf, *size); diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c index ed8e521..ccf0e28 100644 --- a/crypto/bio/b_dump.c +++ b/crypto/bio/b_dump.c @@ -104,7 +104,6 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u), if ((rows * dump_width) < len) rows++; for (i = 0; i < rows; i++) { - buf[0] = '\0'; /* start with empty string */ BUF_strlcpy(buf, str, sizeof buf); BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width); BUF_strlcat(buf, tmp, sizeof buf); diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 1256a8e..15f3bb4 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -114,16 +114,8 @@ int DSA_generate_parameters_ex(DSA *ret, int bits, } # endif else { - const EVP_MD *evpmd; - size_t qbits = bits >= 2048 ? 256 : 160; - - if (bits >= 2048) { - qbits = 256; - evpmd = EVP_sha256(); - } else { - qbits = 160; - evpmd = EVP_sha1(); - } + const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1(); + size_t qbits = EVP_MD_size(evpmd) * 8; return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, seed_len, NULL, counter_ret, diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index b1c586e..028658b 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -816,8 +816,6 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, if (arg != EVP_AEAD_TLS1_AAD_LEN) return -1; - len = p[arg - 2] << 8 | p[arg - 1]; - if (ctx->encrypt) { key->payload_length = len; if ((key->aux.tls_ver = diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index 442a5b6..cabf539 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -246,12 +246,6 @@ int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath, if ((p = strchr(p, ':'))) { *p = 0; port = p + 1; - } else { - /* Not found: set default port */ - if (*pssl) - port = "443"; - else - port = "80"; } *pport = BUF_strdup(port); diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c index 1834256..47d5f83 100644 --- a/crypto/ocsp/ocsp_prn.c +++ b/crypto/ocsp/ocsp_prn.c @@ -212,8 +212,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags) return 1; } - i = ASN1_STRING_length(rb->response); - if (!(br = OCSP_response_get1_basic(o))) + if ((br = OCSP_response_get1_basic(o)) == NULL) goto err; rd = br->tbsResponseData; l = ASN1_INTEGER_get(rd->version); diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 54df0b4..82d4527 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -624,13 +624,11 @@ static int do_PVK_header(const unsigned char **in, unsigned int length, PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); return 0; } - length -= 20; } else { if (length < 24) { PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); return 0; } - length -= 24; pvk_magic = read_ledword(&p); if (pvk_magic != MS_PVKMAGIC) { PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER); diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index c8d7db0..83f3b77 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -1156,7 +1156,6 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) rsk = p7->d.signed_and_enveloped->recipientinfo; if (rsk == NULL) return NULL; - ri = sk_PKCS7_RECIP_INFO_value(rsk, 0); if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return (NULL); ri = sk_PKCS7_RECIP_INFO_value(rsk, idx); diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index b0d6539..50120a4 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -536,8 +536,6 @@ STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) X509_OBJECT *obj, xobj; sk = sk_X509_CRL_new_null(); CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - /* Check cache first */ - idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt); /* * Always do lookup to possibly add new CRLs to cache diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index a6209e7..c5e0e36 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -3389,7 +3389,6 @@ int ssl3_send_client_certificate(SSL *s) * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP; * return(-1); We then get retied later */ - i = 0; i = ssl_do_client_cert_cb(s, &x509, &pkey); if (i < 0) { s->rwstate = SSL_X509_LOOKUP; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index a355fde..704289a 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -383,7 +383,6 @@ int ssl3_accept(SSL *s) */ if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY) SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT); - ret = SSL_TLSEXT_ERR_ALERT_FATAL; ret = -1; s->state = SSL_ST_ERR; goto end; -- 1.7.12.1