sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity

pki: Drop legacy registration for OCSP responders

Browse Source
This commit is contained in:
Tobias Brunner 2023-10-30 17:50:18 +01:00
parent efac611566
commit 3e42b2f5cb
1 changed files with 0 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/pki/commands/ocsp.c
View File

@ -23,7 +23,6 @@
#include <credentials/certificates/ocsp_request.h> #include <credentials/certificates/ocsp_request.h>
#include <credentials/certificates/ocsp_response.h> #include <credentials/certificates/ocsp_response.h>
#include <credentials/certificates/ocsp_single_response.h> #include <credentials/certificates/ocsp_single_response.h>
#include <credentials/certificates/ocsp_responder.h>
/* /*
* Verifies the optional OCSP request signature generated by an OCSP requestor * Verifies the optional OCSP request signature generated by an OCSP requestor
@ -229,7 +228,6 @@ static int ocsp()
certificate_t *cacert = NULL, *first_issuer = NULL; certificate_t *cacert = NULL, *first_issuer = NULL;
ocsp_request_t *ocsp_request; ocsp_request_t *ocsp_request;
ocsp_status_t ocsp_status = OCSP_SUCCESSFUL; ocsp_status_t ocsp_status = OCSP_SUCCESSFUL;
ocsp_responder_t *ocsp_responder = NULL;
linked_list_t *responses = NULL; linked_list_t *responses = NULL;
chunk_t encoding = chunk_empty, nonce = chunk_empty; chunk_t encoding = chunk_empty, nonce = chunk_empty;
chunk_t issuerNameHash, issuerKeyHash, serialNumber; chunk_t issuerNameHash, issuerKeyHash, serialNumber;
@ -406,16 +404,6 @@ static int ocsp()
DBG1(DBG_APP, "nonce: %#B", &nonce); DBG1(DBG_APP, "nonce: %#B", &nonce);
} }
/* check for an ocsp responder */
if (op == OP_RESPOND)
{
ocsp_responder = lib->get(lib, "ocsp-responder");
if (ocsp_responder)
{
lib->ocsp->add_responder(lib->ocsp, ocsp_responder);
}
}
/* enumerate over the ocsp requests and try to identify the issuers */ /* enumerate over the ocsp requests and try to identify the issuers */
enumerator = ocsp_request->create_request_enumerator(ocsp_request); enumerator = ocsp_request->create_request_enumerator(ocsp_request);
while (enumerator->enumerate(enumerator, &hashAlgorithm, &issuerNameHash, while (enumerator->enumerate(enumerator, &hashAlgorithm, &issuerNameHash,
@ -554,10 +542,6 @@ gen:
res = 0; res = 0;
end: end:
if (ocsp_responder)
{
lib->ocsp->remove_responder(lib->ocsp, ocsp_responder);
}
DESTROY_IF(key); DESTROY_IF(key);
lib->credmgr->remove_local_set(lib->credmgr, &creds->set); lib->credmgr->remove_local_set(lib->credmgr, &creds->set);
creds->destroy(creds); creds->destroy(creds);