Security-57336.10.29.tar.gz

[apple/security.git] / sslViewer / sslServer.cpp

diff --git a/sslViewer/sslServer.cpp b/sslViewer/sslServer.cpp
index fca50f3ed8504eb936e6cbef51d3fa1cc1595fd6..9a0113f1e961eeeb42d11b435a5e72c5a81f005d 100644 (file)
--- a/sslViewer/sslServer.cpp
+++ b/sslViewer/sslServer.cpp
@@ -226,7 +226,6 @@ static OSStatus sslServe(
        const char                              *acceptedProts,
        CFArrayRef                              serverCerts,            // required
        char                                    *password,                      // optional
        const char                              *acceptedProts,
        CFArrayRef                              serverCerts,            // required
        char                                    *password,                      // optional

-       CFArrayRef                              encryptServerCerts,     // optional

        bool                            allowExpired,
        bool                            allowAnyRoot,
        bool                            allowExpiredRoot,
        bool                            allowExpired,
        bool                            allowAnyRoot,
        bool                            allowExpiredRoot,


@@ -337,13 +336,6 @@ static OSStatus sslServe(
                        goto cleanup;
                }
        }
                        goto cleanup;
                }
        }

-       if(encryptServerCerts) {
-               ortn = SSLSetEncryptionCertificate(ctx, encryptServerCerts);
-               if(ortn) {
-                       printSslErrStr("SSLSetEncryptionCertificate", ortn);
-                       goto cleanup;
-               }
-       }

        if(allowExpiredRoot) {
                ortn = SSLSetAllowsExpiredRoots(ctx, true);
                if(ortn) {
        if(allowExpiredRoot) {
                ortn = SSLSetAllowsExpiredRoots(ctx, true);
                if(ortn) {


@@ -700,9 +692,7 @@ int main(int argc, char **argv)
        char                            *argp;
        otSocket                        listenSock;
        CFArrayRef                      serverCerts = nil;              // required
        char                            *argp;
        otSocket                        listenSock;
        CFArrayRef                      serverCerts = nil;              // required

-       CFArrayRef                      encryptCerts = nil;             // optional

        SecKeychainRef          serverKc = nil;
        SecKeychainRef          serverKc = nil;

-       SecKeychainRef          encryptKc = nil;

        int                             loopNum;
        int                                     errCount = 0;
        SSLClientCertificateState certState;            // obtained from sslServe
        int                             loopNum;
        int                                     errCount = 0;
        SSLClientCertificateState certState;            // obtained from sslServe


@@ -722,7 +712,6 @@ int main(int argc, char **argv)
        bool                    resumableEnable = true;
        bool                    pause = false;
        char                            *keyChainName = NULL;
        bool                    resumableEnable = true;
        bool                    pause = false;
        char                            *keyChainName = NULL;

-       char                            *encryptKeyChainName = NULL;

        int                                     loops = 1;
        SSLAuthenticate         authenticate = kNeverAuthenticate;
        bool                    nonBlocking = false;
        int                                     loops = 1;
        SSLAuthenticate         authenticate = kNeverAuthenticate;
        bool                    nonBlocking = false;


@@ -751,9 +740,6 @@ int main(int argc, char **argv)
                        case 'k':
                                keyChainName = &argp[2];
                                break;
                        case 'k':
                                keyChainName = &argp[2];
                                break;

-                       case 'y':
-                               encryptKeyChainName = &argp[2];
-                               break;

                        case 'e':
                                allowExpired = true;
                                break;
                        case 'e':
                                allowExpired = true;
                                break;


@@ -950,16 +936,8 @@ int main(int argc, char **argv)
                        /* oh well */
                }
        }
                        /* oh well */
                }
        }

-       if(encryptKeyChainName) {
-               encryptCerts = getSslCerts(encryptKeyChainName, true, completeCertChain,
-                       anchorFile, &encryptKc);
-               if(encryptCerts == nil) {
-                       exit(1);
-               }
-       }

 #else
     (void) doIdSearch;
 #else
     (void) doIdSearch;

-    (void) encryptKeyChainName;

 #endif
        if(protXOnly) {
                switch(attemptProt) {
 #endif
        if(protXOnly) {
                switch(attemptProt) {


@@ -999,7 +977,6 @@ int main(int argc, char **argv)
                        acceptedProts,
                        serverCerts,
                        password,
                        acceptedProts,
                        serverCerts,
                        password,

-                       encryptCerts,

                        allowExpired,
                        allowAnyRoot,
                        allowExpiredRoot,
                        allowExpired,
                        allowAnyRoot,
                        allowExpiredRoot,


@@ -1055,9 +1032,6 @@ int main(int argc, char **argv)
        if(serverKc) {
                CFRelease(serverKc);
        }
        if(serverKc) {
                CFRelease(serverKc);
        }

-       if(encryptKc) {
-               CFRelease(encryptKc);
-       }

     return errCount;
 
 }
     return errCount;
 
 }