From patchwork Thu Apr  4 18:16:22 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Juliusz Sosinowicz <juliusz@wolfssl.com>
X-Patchwork-Id: 1919931
Return-Path: 
 <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 secure) header.d=lists.infradead.org header.i=@lists.infradead.org
 header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Tw6fGMIu;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=wolfssl-com.20230601.gappssmtp.com
 header.i=@wolfssl-com.20230601.gappssmtp.com header.a=rsa-sha256
 header.s=20230601 header.b=pbSsPGD+;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
 (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
 envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
 receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [IPv6:2607:7c80:54:3::133])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4V9Wf66D8qz23vG
	for <incoming@patchwork.ozlabs.org>; Fri,  5 Apr 2024 06:19:58 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=F2ugrLqfXQNQLpBts/ojVTcj+6qT/T9cH4Y0/SMmrao=; b=Tw6fGMIuAm43Aw
	vgs2Y6MwUIU8x3y+OxDbyxabgnbmHj6uvX2YkF/BttGeLPH7ag3GBH0gKv6MZJDQh8iHukwV5Zfvi
	GrGgkpRx08HAH6xp1dNZSUdpYh/XtpFTnU/cuHa4j4vn1o5i/XHahsXv8dctHSsOprAnCENKYe7Ig
	lS4Zi9eVQxIBWpu1+7DFf2iv8KHcsU8VRgzxP37+zQ2niD6JEKhdL/tKOSS62uOE9h7jaoxdin+iE
	IRUNaAzxxGB/TLD+jPtk2tpb4mIcovQCvMoUAN3HV0rrw5OCzWoZdmaJd/mjblATcciqfEnwmyDYJ
	j1akfyeVkyP+aQFZm/NA==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
	id 1rsScn-000000040eZ-3x4Z;
	Thu, 04 Apr 2024 19:19:49 +0000
Received: from mail-ed1-x52a.google.com ([2a00:1450:4864:20::52a])
	by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
	id 1rsReF-00000003mla-2wls
	for hostap@lists.infradead.org;
	Thu, 04 Apr 2024 18:17:19 +0000
Received: by mail-ed1-x52a.google.com with SMTP id
 4fb4d7f45d1cf-56e136cbcecso1677384a12.3
        for <hostap@lists.infradead.org>;
 Thu, 04 Apr 2024 11:17:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=wolfssl-com.20230601.gappssmtp.com; s=20230601; t=1712254631;
 x=1712859431; darn=lists.infradead.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=IgPE4fjOiqoN9Wovg8jOvNcWlVjo64FVRP4n3d5QxDw=;
        b=pbSsPGD+Wcl9JVF8TgHvIPgJGU7IYCRsgODYOxXk6WdZ4zWSxrlC9AP1LDr1ESYcY0
         k83wZ9qwwUdhQN1R72gkkJnm3GmslP4eatLgQJH4rTyR61juIqUHZyo5Q1yFA6THTbj8
         IqWA6xxLrdnVdjSSUxeG4WjDyWRd88CI63F5lWg17X4L0f3xT/VWxteUEZIhZge2OZ7v
         3iqpjHKTewmFjeAT8Us8bGSWQd34gCxIBB9gO7C0ZP6cBmQBX9TyvoanuiN0PNt4obn9
         DaV7lk5Alati0LZFl+fqMvkRp4vKQ7bDDI4DYYbvmJdwboFj7ZQb1D2ECiFiqgLRVqp3
         ZC9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1712254631; x=1712859431;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=IgPE4fjOiqoN9Wovg8jOvNcWlVjo64FVRP4n3d5QxDw=;
        b=VbYD4iOaaB+pwmYSajpqx+fmeg8BUvgp0FSYxXFbrG7rgMLs9MkV10rhY/D8ZeUybB
         43X+g0+fsgitFCNVjgp1Km2LDEkEejASgV7aMXp0ZujvPFUJWSw60/pczdA6nAMxpbXf
         jUrTJylQwoORhzw7hucfyoOX2qUzKC6QP6A9dOu0B/+bDs99lALHY15GjVe6JY6lu8NO
         RNVJ8709mtYKHdCnH1OZ3uSpgfunKRSdJF8l9Iz/3qcqpfYGCTS/lDehvye0EPCrAsWs
         s3GtC8d4sCrle5KegQrDjxVMHaR+dxHGNkT9aWKbkXH4M4wnmxQRpAJXbjAcRjU+I66w
         rD8Q==
X-Gm-Message-State: AOJu0YxAme8+HeZ3O1p64MknN3mpZKwmcYg+oIHWtFrJxepvrOa6vvGP
	3DD9Vd2JtOVXUZC5TID7aRwBFep+1dIp7V00FGHoOQ4Ukrx+f2KxaD8Qk3b8ovaXbslPO4Dqk3h
	8xYY=
X-Google-Smtp-Source: 
 AGHT+IGbF8RiwIwXH/ua+PQPdUEHAJ7pLIcMF7U74CYV9io8tf7IfplxF0qfy/CtNl9jiCwpffGMUw==
X-Received: by 2002:a50:9e69:0:b0:568:1882:651f with SMTP id
 z96-20020a509e69000000b005681882651fmr333623ede.25.1712254631803;
        Thu, 04 Apr 2024 11:17:11 -0700 (PDT)
Received: from localhost.localdomain ([82.118.30.15])
        by smtp.gmail.com with ESMTPSA id
 dh26-20020a0564021d3a00b0056e0b358e86sm1976349edb.97.2024.04.04.11.17.10
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 04 Apr 2024 11:17:11 -0700 (PDT)
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz <juliusz@wolfssl.com>
Subject: [PATCH 16/24] wolfssl: remove unused and non-compiling code
Date: Thu,  4 Apr 2024 20:16:22 +0200
Message-Id: <20240404181630.2431991-16-juliusz@wolfssl.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com>
References: <20240404181630.2431991-1-juliusz@wolfssl.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240404_111716_045098_D21F1D30 
X-CRM114-Status: GOOD (  10.76  )
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software,
 running on the system "bombadil.infradead.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  OCSP is handled internally by wolfSSL. Signed-off-by:
 Juliusz
    Sosinowicz <juliusz@wolfssl.com> --- src/crypto/tls_wolfssl.c | 25 1 file
    changed,
 25 deletions(-) diff --git a/src/crypto/tls_wolfssl.c
 b/src/crypto/tls_wolfssl.c
    index 360a4a3b48..32331d25b8 100644 --- a/src/crypto/tls_wolfssl.c +++
 b/src/crypto/tls_wolfssl.c
    @@ -1275,31 +1275,6 @@ static int tls [...]
 Content analysis details:   (0.0 points, 5.0 required)
  pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/, no
                             trust
                             [2a00:1450:4864:20:0:0:0:52a listed in]
                             [list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK
 signature
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
 <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
 <mailto:hostap-request@lists.infradead.org?subject=subscribe>
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

OCSP is handled internally by wolfSSL.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
---
 src/crypto/tls_wolfssl.c | 25 -------------------------
 1 file changed, 25 deletions(-)

diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index 360a4a3b48..32331d25b8 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -1275,31 +1275,6 @@ static int tls_verify_cb(int preverify_ok, WOLFSSL_X509_STORE_CTX *x509_ctx)
 				       TLS_FAIL_SERVER_CHAIN_PROBE);
 	}
 
-#ifdef HAVE_OCSP_WOLFSSL
-	if (depth == 0 && (conn->flags & TLS_CONN_REQUEST_OCSP) &&
-	    preverify_ok) {
-		enum ocsp_result res;
-
-		res = check_ocsp_resp(conn->ssl_ctx, conn->ssl, err_cert,
-				      conn->peer_issuer,
-				      conn->peer_issuer_issuer);
-		if (res == OCSP_REVOKED) {
-			preverify_ok = 0;
-			wolfssl_tls_fail_event(conn, err_cert, err, depth, buf,
-					       "certificate revoked",
-					       TLS_FAIL_REVOKED);
-			if (err == X509_V_OK)
-				X509_STORE_CTX_set_error(
-					x509_ctx, X509_V_ERR_CERT_REVOKED);
-		} else if (res != OCSP_GOOD &&
-			   (conn->flags & TLS_CONN_REQUIRE_OCSP)) {
-			preverify_ok = 0;
-			wolfssl_tls_fail_event(conn, err_cert, err, depth, buf,
-					       "bad certificate status response",
-					       TLS_FAIL_UNSPECIFIED);
-		}
-	}
-#endif /* HAVE_OCSP_WOLFSSL */
 	if (depth == 0 && preverify_ok && context->event_cb != NULL)
 		context->event_cb(context->cb_ctx,
 				  TLS_CERT_CHAIN_SUCCESS, NULL);