X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb..e0e0d90ebff497686991a933ae2f7db24e7d8e0f:/sslViewer/sslServer.cpp

diff --git a/sslViewer/sslServer.cpp b/sslViewer/sslServer.cpp
index fca50f3e..9a0113f1 100644
--- a/sslViewer/sslServer.cpp
+++ b/sslViewer/sslServer.cpp
@@ -226,7 +226,6 @@ static OSStatus sslServe(
 	const char				*acceptedProts,
 	CFArrayRef				serverCerts,		// required
 	char					*password,			// optional
-	CFArrayRef				encryptServerCerts,	// optional
 	bool				allowExpired,
 	bool				allowAnyRoot,
 	bool				allowExpiredRoot,
@@ -337,13 +336,6 @@ static OSStatus sslServe(
 			goto cleanup;
 		}
 	}
-	if(encryptServerCerts) {
-		ortn = SSLSetEncryptionCertificate(ctx, encryptServerCerts);
-		if(ortn) {
-			printSslErrStr("SSLSetEncryptionCertificate", ortn);
-			goto cleanup;
-		}
-	}
 	if(allowExpiredRoot) {
 		ortn = SSLSetAllowsExpiredRoots(ctx, true);
 		if(ortn) {
@@ -700,9 +692,7 @@ int main(int argc, char **argv)
 	char				*argp;
 	otSocket			listenSock;
 	CFArrayRef			serverCerts = nil;		// required
-	CFArrayRef			encryptCerts = nil;		// optional
 	SecKeychainRef		serverKc = nil;
-	SecKeychainRef		encryptKc = nil;
 	int 				loopNum;
 	int					errCount = 0;
 	SSLClientCertificateState certState;		// obtained from sslServe
@@ -722,7 +712,6 @@ int main(int argc, char **argv)
 	bool			resumableEnable = true;
 	bool			pause = false;
 	char				*keyChainName = NULL;
-	char				*encryptKeyChainName = NULL;
 	int					loops = 1;
 	SSLAuthenticate		authenticate = kNeverAuthenticate;
 	bool			nonBlocking = false;
@@ -751,9 +740,6 @@ int main(int argc, char **argv)
 			case 'k':
 				keyChainName = &argp[2];
 				break;
-			case 'y':
-				encryptKeyChainName = &argp[2];
-				break;
 			case 'e':
 				allowExpired = true;
 				break;
@@ -950,16 +936,8 @@ int main(int argc, char **argv)
 			/* oh well */
 		}
 	}
-	if(encryptKeyChainName) {
-		encryptCerts = getSslCerts(encryptKeyChainName, true, completeCertChain,
-			anchorFile, &encryptKc);
-		if(encryptCerts == nil) {
-			exit(1);
-		}
-	}
 #else
     (void) doIdSearch;
-    (void) encryptKeyChainName;
 #endif
 	if(protXOnly) {
 		switch(attemptProt) {
@@ -999,7 +977,6 @@ int main(int argc, char **argv)
 			acceptedProts,
 			serverCerts,
 			password,
-			encryptCerts,
 			allowExpired,
 			allowAnyRoot,
 			allowExpiredRoot,
@@ -1055,9 +1032,6 @@ int main(int argc, char **argv)
 	if(serverKc) {
 		CFRelease(serverKc);
 	}
-	if(encryptKc) {
-		CFRelease(encryptKc);
-	}
     return errCount;
 
 }