From fc16d9cec8b013a5f1a6fbe69abe781b1dd8c0e5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 5 Jun 2015 00:02:17 +0200
Subject: openssl: remove dummy callback use from SSL_CTX_set_verify()

The existing callback served no purpose.
---
 lib/vtls/openssl.c | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

(limited to 'lib/vtls/openssl.c')

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index eb2cf5bf5..240295b6f 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -716,17 +716,6 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size)
 #endif
 }
 
-static
-int cert_verify_callback(int ok, X509_STORE_CTX *ctx)
-{
-  X509 *err_cert;
-  char buf[256];
-
-  err_cert=X509_STORE_CTX_get_current_cert(ctx);
-  (void)x509_name_oneline(X509_get_subject_name(err_cert), buf, sizeof(buf));
-  return ok;
-}
-
 /* Return error string for last OpenSSL error
  */
 static char *SSL_strerror(unsigned long error, char *buf, size_t size)
@@ -2079,7 +2068,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
    * SSL_get_verify_result() below. */
   SSL_CTX_set_verify(connssl->ctx,
                      data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE,
-                     cert_verify_callback);
+                     NULL);
 
   /* give application a chance to interfere with SSL set up. */
   if(data->set.ssl.fsslctx) {
-- 
cgit v1.2.3