Remove SSL_CTX_get_extra_chain_certs_only.

This is in preparation for folding away certificate slots. extra_certs
and the slot-specific certificate chain will be the same.
SSL_CTX_get_extra_chain_certs already falls back to the slot-specific
chain if missing. SSL_CTX_get_extra_chain_certs_only is similar but
never falls back. This isn't very useful and is confusing with them
merged, so remove it.

BUG=486295

Change-Id: Ic708105bcf453dfe4e1969353d7eb7547ed2981b
Reviewed-on: https://boringssl-review.googlesource.com/5350
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-07-05 02:00:58 -04:00 committed by Adam Langley
parent bb20f52383
commit 570364800c
2 changed files with 1 additions and 3 deletions

View File

@ -1860,8 +1860,6 @@ OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out,
SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, (char *)x509) SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, (char *)x509)
#define SSL_CTX_get_extra_chain_certs(ctx, px509) \ #define SSL_CTX_get_extra_chain_certs(ctx, px509) \
SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509) SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509)
#define SSL_CTX_get_extra_chain_certs_only(ctx, px509) \
SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509)
#define SSL_CTX_clear_extra_chain_certs(ctx) \ #define SSL_CTX_clear_extra_chain_certs(ctx) \
SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL) SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL)

View File

@ -503,7 +503,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) {
break; break;
case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
if (ctx->extra_certs == NULL && larg == 0) { if (ctx->extra_certs == NULL) {
*(STACK_OF(X509) **)parg = ctx->cert->key->chain; *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
} else { } else {
*(STACK_OF(X509) **)parg = ctx->extra_certs; *(STACK_OF(X509) **)parg = ctx->extra_certs;