From 44629abd96c6f7f20f6592fa510851abfea9b2f0 Mon Sep 17 00:00:00 2001 From: tb Date: Mon, 8 May 2023 05:37:36 +0000 Subject: [PATCH] X509_verify_cert(): Garbage collect the unused roots variable roots was used to store the trusted stack or pull the roots out of the X509_STORE before beck unmooned Ethel in x509_vfy.c r1.88. Since then this variable is effectively unused. It seems the STACK_OF(3) madness is too complicated for -Wunused-but-set-variable to notice. ok miod --- lib/libcrypto/x509/x509_vfy.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index bb94d55daba..461e1d2ef26 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.120 2023/04/30 14:59:52 tb Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.121 2023/05/08 05:37:36 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -592,7 +592,6 @@ X509_verify_cert_legacy(X509_STORE_CTX *ctx) int X509_verify_cert(X509_STORE_CTX *ctx) { - STACK_OF(X509) *roots = NULL; struct x509_verify_ctx *vctx = NULL; int chain_count = 0; @@ -656,8 +655,6 @@ X509_verify_cert(X509_STORE_CTX *ctx) } x509_verify_ctx_free(vctx); - sk_X509_pop_free(roots, X509_free); - /* if we succeed we have a chain in ctx->chain */ return (chain_count > 0 && ctx->chain != NULL); } -- 2.20.1