aboutsummaryrefslogtreecommitdiffstats
path: root/socket.c
diff options
context:
space:
mode:
Diffstat (limited to 'socket.c')
-rw-r--r--socket.c36
1 files changed, 0 insertions, 36 deletions
diff --git a/socket.c b/socket.c
index d3cf90d7..2a3e1ba1 100644
--- a/socket.c
+++ b/socket.c
@@ -593,42 +593,6 @@ SSL *SSLGetContext( int sock )
return _ssl_context[sock];
}
-/** A picky certificate name check:
- * check if the pattern or string in s1 (from a certificate) matches the
- * hostname (in s2), returns true if matched.
- *
- * The only place where a wildcard is allowed is in the leftmost
- * position of p1. */
-static int name_match(const char *p1, const char *p2) {
- const char *const dom = "0123456789.";
- int wildcard_ok = 1;
-
- /* blank patterns never match */
- if (p1[0] == '\0')
- return 0;
-
- /* disallow wildcards in certificates for domain literals
- * (10.9.8.7-like) */
- if (strspn(p1+(*p1 == '*' ? 1 : 0), dom) == strlen(p1))
- wildcard_ok = 0;
-
- /* disallow wildcards for domain literals */
- if (strspn(p2, dom) == strlen(p2))
- wildcard_ok = 0;
-
- if (wildcard_ok && p1[0] == '*' && p1[1] == '.') {
- size_t l1, l2;
-
- ++p1;
- l1 = strlen(p1);
- l2 = strlen(p2);
- if (l2 > l1)
- p2 += l2 - l1;
- }
-
- return (0 == strcasecmp(p1, p2));
-}
-
/* ok_return (preverify_ok) is 1 if this stage of certificate verification
passed, or 0 if it failed. This callback lets us display informative
errors, and perform additional validation (e.g. CN matches) */