From 55282fa20f46c193bd4a89ad5bcd048048a8734d Mon Sep 17 00:00:00 2001 From: Michael Paquier Date: Sat, 28 Sep 2019 15:22:49 +0900 Subject: Remove code relevant to OpenSSL 0.9.6 in be/fe-secure-openssl.c HEAD supports OpenSSL 0.9.8 and newer versions, and this code likely got forgotten as its surrounding comments mention an incorrect version number. Author: Michael Paquier Reviewed-by: Peter Eisentraut Discussion: https://postgr.es/m/20190927032311.GB8485@paquier.xyz --- src/interfaces/libpq/fe-secure-openssl.c | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'src/interfaces/libpq/fe-secure-openssl.c') diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c index c8b8d070395..c8dddfb5fdb 100644 --- a/src/interfaces/libpq/fe-secure-openssl.c +++ b/src/interfaces/libpq/fe-secure-openssl.c @@ -869,20 +869,8 @@ initialize_SSL(PGconn *conn) if (fnbuf[0] != '\0' && X509_STORE_load_locations(cvstore, fnbuf, NULL) == 1) { - /* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */ -#ifdef X509_V_FLAG_CRL_CHECK X509_STORE_set_flags(cvstore, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); -#else - char *err = SSLerrmessage(ERR_get_error()); - - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("SSL library does not support CRL certificates (file \"%s\")\n"), - fnbuf); - SSLerrfree(err); - SSL_CTX_free(SSL_context); - return -1; -#endif } /* if not found, silently ignore; we do not require CRL */ ERR_clear_error(); -- cgit v1.2.3