From 7aa0b022460e1a7bfdf5c70e8cd084d916bac012 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Mon, 2 Feb 2015 11:08:16 -0500 Subject: [PATCH] Dead code cleanup: crypto/*.c, x509v3, demos Some of the #if 0 code in demo's was kept, but given helpful #ifdef names, to show more sample code. Reviewed-by: Andy Polyakov --- crypto/o_init.c | 3 - crypto/sparcv9cap.c | 131 ------------------------------- crypto/x509v3/pcy_lib.c | 9 --- crypto/x509v3/pcy_tree.c | 51 +----------- crypto/x509v3/v3_utl.c | 12 --- demos/bio/server-arg.c | 2 +- demos/engines/rsaref/rsaref.c | 3 - demos/engines/zencod/hw_zencod.c | 2 +- demos/evp/aesgcm.c | 12 +-- demos/selfsign.c | 4 +- 10 files changed, 6 insertions(+), 223 deletions(-) diff --git a/crypto/o_init.c b/crypto/o_init.c index 2088388128..b7b969b00b 100644 --- a/crypto/o_init.c +++ b/crypto/o_init.c @@ -77,7 +77,4 @@ void OPENSSL_init(void) FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free); RAND_init_fips(); #endif -#if 0 - fprintf(stderr, "Called OPENSSL_init\n"); -#endif } diff --git a/crypto/sparcv9cap.c b/crypto/sparcv9cap.c index 8bf2846929..1731ef65f1 100644 --- a/crypto/sparcv9cap.c +++ b/crypto/sparcv9cap.c @@ -109,128 +109,6 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max) return 0; } -#if 0 && defined(__sun) && defined(__SVR4) -/* - * This code path is disabled, because of incompatibility of libdevinfo.so.1 - * and libmalloc.so.1 (see below for details) - */ -# include -# include -# include -# include - -typedef di_node_t(*di_init_t) (const char *, uint_t); -typedef void (*di_fini_t) (di_node_t); -typedef char *(*di_node_name_t) (di_node_t); -typedef int (*di_walk_node_t) (di_node_t, uint_t, di_node_name_t, - int (*)(di_node_t, di_node_name_t)); - -# define DLLINK(h,name) (name=(name##_t)dlsym((h),#name)) - -static int walk_nodename(di_node_t node, di_node_name_t di_node_name) -{ - char *name = (*di_node_name) (node); - - /* This is expected to catch all UltraSPARC flavors prior T1 */ - if (!strcmp(name, "SUNW,UltraSPARC") || - /* covers II,III,IV */ - !strncmp(name, "SUNW,UltraSPARC-I", 17)) { - OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU | SPARCV9_VIS1; - - /* %tick is privileged only on UltraSPARC-I/II, but not IIe */ - if (name[14] != '\0' && name[17] != '\0' && name[18] != '\0') - OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED; - - return DI_WALK_TERMINATE; - } - /* This is expected to catch remaining UltraSPARCs, such as T1 */ - else if (!strncmp(name, "SUNW,UltraSPARC", 15)) { - OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED; - - return DI_WALK_TERMINATE; - } - - return DI_WALK_CONTINUE; -} - -void OPENSSL_cpuid_setup(void) -{ - void *h; - char *e, si[256]; - static int trigger = 0; - - if (trigger) - return; - trigger = 1; - - if ((e = getenv("OPENSSL_sparcv9cap"))) { - OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0); - return; - } - - if (sysinfo(SI_MACHINE, si, sizeof(si)) > 0) { - if (strcmp(si, "sun4v")) - /* FPU is preferred for all CPUs, but US-T1/2 */ - OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU; - } - - if (sysinfo(SI_ISALIST, si, sizeof(si)) > 0) { - if (strstr(si, "+vis")) - OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK; - if (strstr(si, "+vis2")) { - OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2; - OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED; - return; - } - } -# ifdef M_KEEP - /* - * Solaris libdevinfo.so.1 is effectively incomatible with - * libmalloc.so.1. Specifically, if application is linked with - * -lmalloc, it crashes upon startup with SIGSEGV in - * free(3LIBMALLOC) called by di_fini. Prior call to - * mallopt(M_KEEP,0) somehow helps... But not always... - */ - if ((h = dlopen(NULL, RTLD_LAZY))) { - union { - void *p; - int (*f) (int, int); - } sym; - if ((sym.p = dlsym(h, "mallopt"))) - (*sym.f) (M_KEEP, 0); - dlclose(h); - } -# endif - if ((h = dlopen("libdevinfo.so.1", RTLD_LAZY))) - do { - di_init_t di_init; - di_fini_t di_fini; - di_walk_node_t di_walk_node; - di_node_name_t di_node_name; - di_node_t root_node; - - if (!DLLINK(h, di_init)) - break; - if (!DLLINK(h, di_fini)) - break; - if (!DLLINK(h, di_walk_node)) - break; - if (!DLLINK(h, di_node_name)) - break; - - if ((root_node = (*di_init) ("/", DINFOSUBTREE)) != DI_NODE_NIL) { - (*di_walk_node) (root_node, DI_WALK_SIBFIRST, - di_node_name, walk_nodename); - (*di_fini) (root_node); - } - } while (0); - - if (h) - dlclose(h); -} - -#else - static sigjmp_buf common_jmp; static void common_handler(int sig) { @@ -307,13 +185,6 @@ void OPENSSL_cpuid_setup(void) _sparcv9_vis3_probe(); OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3; } -# if 0 /* was planned at some point but never - * implemented in hardware */ - if (sigsetjmp(common_jmp, 1) == 0) { - (void)_sparcv9_random(); - OPENSSL_sparcv9cap_P[0] |= SPARCV9_RANDOM; - } -# endif /* * In wait for better solution _sparcv9_rdcfr is masked by @@ -342,5 +213,3 @@ void OPENSSL_cpuid_setup(void) } # endif } - -#endif diff --git a/crypto/x509v3/pcy_lib.c b/crypto/x509v3/pcy_lib.c index dbb29835fa..58ce8a0d12 100644 --- a/crypto/x509v3/pcy_lib.c +++ b/crypto/x509v3/pcy_lib.c @@ -140,15 +140,6 @@ const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node) return node->data->valid_policy; } -#if 0 -int X509_policy_node_get_critical(const X509_POLICY_NODE *node) -{ - if (node_critical(node)) - return 1; - return 0; -} -#endif - STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node) diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c index d4b550e4cf..cc52fa2de7 100644 --- a/crypto/x509v3/pcy_tree.c +++ b/crypto/x509v3/pcy_tree.c @@ -156,14 +156,10 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, int explicit_policy; int any_skip; int map_skip; + *ptree = NULL; n = sk_X509_num(certs); -#if 0 - /* Disable policy mapping for now... */ - flags |= X509_V_FLAG_INHIBIT_MAP; -#endif - if (flags & X509_V_FLAG_EXPLICIT_POLICY) explicit_policy = 0; else @@ -340,19 +336,6 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr, for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { data = sk_X509_POLICY_DATA_value(cache->data, i); - /* - * If a node is mapped any it doesn't have a corresponding - * CertificatePolicies entry. However such an identical node would - * be created if anyPolicy matching is enabled because there would be - * no match with the parent valid_policy_set. So we create link - * because then it will have the mapping flags right and we can prune - * it later. - */ -#if 0 - if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY) - && !(curr->flags & X509_V_FLAG_INHIBIT_ANY)) - continue; -#endif /* Look for matching nodes in previous level */ if (!tree_link_matching_nodes(curr, data)) return 0; @@ -432,9 +415,6 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, X509_POLICY_TREE *tree) { int i; - /* - * X509_POLICY_DATA *data; - */ X509_POLICY_NODE *node; X509_POLICY_LEVEL *last = curr - 1; @@ -443,35 +423,6 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, if (!tree_link_unmatched(curr, cache, node, tree)) return 0; - -#if 0 - - /* - * Skip any node with any children: we only want unmathced nodes. - * Note: need something better for policy mapping because each node - * may have multiple children - */ - if (node->nchild) - continue; - - /* - * Create a new node with qualifiers from anyPolicy and id from - * unmatched node. - */ - data = policy_data_new(NULL, node->data->valid_policy, - node_critical(node)); - - if (data == NULL) - return 0; - /* Curr may not have anyPolicy */ - data->qualifier_set = cache->anyPolicy->qualifier_set; - data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; - if (!level_add_node(curr, data, node, tree)) { - policy_data_free(data); - return 0; - } -#endif - } /* Finally add link to anyPolicy */ if (last->anyPolicy) { diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index f65323be05..1ad3999c92 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -307,9 +307,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) *p = 0; ntmp = strip_spaces(q); q = p + 1; -#if 0 - printf("%s\n", ntmp); -#endif if (!ntmp) { X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); @@ -324,9 +321,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) state = HDR_NAME; *p = 0; vtmp = strip_spaces(q); -#if 0 - printf("%s\n", ntmp); -#endif if (!vtmp) { X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); @@ -342,9 +336,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) if (state == HDR_VALUE) { vtmp = strip_spaces(q); -#if 0 - printf("%s=%s\n", ntmp, vtmp); -#endif if (!vtmp) { X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); @@ -353,9 +344,6 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) X509V3_add_value(ntmp, vtmp, &values); } else { ntmp = strip_spaces(q); -#if 0 - printf("%s\n", ntmp); -#endif if (!ntmp) { X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); goto err; diff --git a/demos/bio/server-arg.c b/demos/bio/server-arg.c index 1d0e1db234..7ba54dbe50 100644 --- a/demos/bio/server-arg.c +++ b/demos/bio/server-arg.c @@ -72,7 +72,7 @@ int main(int argc, char *argv[]) ERR_print_errors_fp(stderr); goto err; } -#if 0 +#ifdef ITERATE_CERTS /* * Demo of how to iterate over all certificates in an SSL_CTX structure. */ diff --git a/demos/engines/rsaref/rsaref.c b/demos/engines/rsaref/rsaref.c index b6429de1a7..d5a6e6c833 100644 --- a/demos/engines/rsaref/rsaref.c +++ b/demos/engines/rsaref/rsaref.c @@ -36,9 +36,6 @@ static const char *engine_rsaref_name = "RSAref engine support"; static int rsaref_destroy(ENGINE *e); static int rsaref_init(ENGINE *e); static int rsaref_finish(ENGINE *e); -#if 0 -static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ()); -#endif /***************************************************************************** * Engine commands diff --git a/demos/engines/zencod/hw_zencod.c b/demos/engines/zencod/hw_zencod.c index 26ec3f6d1f..1c76284544 100644 --- a/demos/engines/zencod/hw_zencod.c +++ b/demos/engines/zencod/hw_zencod.c @@ -82,7 +82,7 @@ # define ZEN_LIBRARY "zenbridge" -# if 0 +# ifdef ZENCOD_TRACING # define PERROR(s) perror(s) # define CHEESE() fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr) # else diff --git a/demos/evp/aesgcm.c b/demos/evp/aesgcm.c index 9159c5c00f..72028a04a0 100644 --- a/demos/evp/aesgcm.c +++ b/demos/evp/aesgcm.c @@ -85,13 +85,6 @@ void aes_gcm_decrypt(void) EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL); /* Specify key and IV */ EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv); -#if 0 - /* - * Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier - * required the tag before any AAD or ciphertext - */ - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); -#endif /* Zero or more calls to specify any AAD */ EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad)); /* Decrypt plaintext */ @@ -99,10 +92,7 @@ void aes_gcm_decrypt(void) /* Output decrypted block */ printf("Plaintext:\n"); BIO_dump_fp(stdout, outbuf, outlen); - /* - * Set expected tag value. Works in OpenSSL 1.0.1d and later - * In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG - */ + /* Set expected tag value. */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); /* Finalise: note get no output for GCM */ rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen); diff --git a/demos/selfsign.c b/demos/selfsign.c index 49228b9c16..0cc265c597 100644 --- a/demos/selfsign.c +++ b/demos/selfsign.c @@ -136,7 +136,7 @@ int days; X509_add_ext(x, ex, -1); X509_EXTENSION_free(ex); -#if 0 +#ifdef ADD_CA_CONSTRAINT /* might want something like this too.... */ ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, "critical,CA:TRUE"); @@ -145,7 +145,7 @@ int days; X509_EXTENSION_free(ex); #endif -#ifdef CUSTOM_EXT +#ifdef ADD_A_CUSTOM_EXTENSION /* Maybe even add our own extension based on existing */ { int nid; -- 2.40.0