Remove SSL_CTX_get_extra_chain_certs_only.

This is in preparation for folding away certificate slots. extra_certs and the slot-specific certificate chain will be the same. SSL_CTX_get_extra_chain_certs already falls back to the slot-specific chain if missing. SSL_CTX_get_extra_chain_certs_only is similar but never falls back. This isn't very useful and is confusing with them merged, so remove it. BUG=486295 Change-Id: Ic708105bcf453dfe4e1969353d7eb7547ed2981b Reviewed-on: https://boringssl-review.googlesource.com/5350 Reviewed-by: Adam Langley <agl@google.com>
2015-07-05 02:00:58 -04:00 · 2015-07-05 02:00:58 -04:00 · 570364800c
commit 570364800c
parent bb20f52383
2 changed files with 1 additions and 3 deletions
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@ -1860,8 +1860,6 @@ OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out,
  SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, (char *)x509)
 #define SSL_CTX_get_extra_chain_certs(ctx, px509) \
  SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509)
-#define SSL_CTX_get_extra_chain_certs_only(ctx, px509) \
-  SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509)
 #define SSL_CTX_clear_extra_chain_certs(ctx) \
  SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL)

--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -503,7 +503,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) {
      break;

    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
-      if (ctx->extra_certs == NULL && larg == 0) {
+      if (ctx->extra_certs == NULL) {
        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
      } else {
        *(STACK_OF(X509) **)parg = ctx->extra_certs;