From fc16d9cec8b013a5f1a6fbe69abe781b1dd8c0e5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 00:02:17 +0200 Subject: openssl: remove dummy callback use from SSL_CTX_set_verify() The existing callback served no purpose. --- lib/vtls/openssl.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index eb2cf5bf5..240295b6f 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -716,17 +716,6 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size) #endif } -static -int cert_verify_callback(int ok, X509_STORE_CTX *ctx) -{ - X509 *err_cert; - char buf[256]; - - err_cert=X509_STORE_CTX_get_current_cert(ctx); - (void)x509_name_oneline(X509_get_subject_name(err_cert), buf, sizeof(buf)); - return ok; -} - /* Return error string for last OpenSSL error */ static char *SSL_strerror(unsigned long error, char *buf, size_t size) @@ -2079,7 +2068,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) * SSL_get_verify_result() below. */ SSL_CTX_set_verify(connssl->ctx, data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE, - cert_verify_callback); + NULL); /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { -- cgit v1.2.3