[hipl-commit] [trunk] Rev 4310: Remove disabled code from firewall/pisa.c.

  • From: Diego Biurrun <diego@xxxxxxxxxx>
  • To: hipl-commit@xxxxxxxxxxxxx
  • Date: Fri, 16 Apr 2010 02:30:03 +0300

Committer: Diego Biurrun <diego@xxxxxxxxxx>
Date: 16/04/2010 at 02:30:03
Revision: 4310
Revision-id: diego@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Branch nick: trunk

Log:
  Remove disabled code from firewall/pisa.c.

Modified:
  M  firewall/pisa.c

=== modified file 'firewall/pisa.c'
--- firewall/pisa.c     2010-04-09 17:56:34 +0000
+++ firewall/pisa.c     2010-04-15 23:29:49 +0000
@@ -210,41 +210,6 @@
 }
 
 /**
- * Check the signature of the packet.
- *
- * @param ctx context of the packet with the signature to check
- * @return success (0) or failure
- */
-/* This function is not used */
-#if 0
-static int pisa_check_signature(hip_fw_context_t *ctx)
-{
-    struct hip_common *hip = ctx->transport_hdr.hip;
-    int err                = -1;
-    struct hip_host_id *host_id;
-
-    host_id = hip_get_param(hip, HIP_PARAM_HOST_ID);
-    HIP_IFEL(host_id == 0, -1, "Cannot check signature: No HOST_ID found.\n");
-
-    if (hip_get_host_id_algo(host_id) == HIP_HI_RSA) {
-        RSA *rsa;
-        rsa = hip_key_rr_to_rsa(host_id, 0);
-        err = hip_rsa_verify(rsa, hip);
-        RSA_free(rsa);
-    } else {
-        DSA *dsa;
-        dsa = hip_key_rr_to_dsa(host_id, 0);
-        err = hip_dsa_verify(dsa, hip);
-        DSA_free(dsa);
-    }
-
-out_err:
-    return err;
-}
-
-#endif /* 0 */
-
-/**
  * Check the certificate of the packet.
  *
  * @param ctx context of the packet with the certificate to check
@@ -292,10 +257,6 @@
 
     HIP_IFEL(ipv6_addr_cmp(&pc.hit_issuer, &community_operator_hit) != 0,
              -1, "Certificate not issued by the community operator.\n");
-#if 0
-    HIP_IFEL(ipv6_addr_cmp(&pc.hit_subject, &hip->hits) != 0, -1,
-             "Certificate does not belong to subject.\n");
-#endif
 
     HIP_INFO("Certificate successfully verified.\n");
 
@@ -439,8 +400,6 @@
 #endif
 
     solution = pisa_check_challenge_response(ctx);
-    // Done in conntrack.c
-    //sig = pisa_check_signature(ctx);
     cert     = pisa_check_certificate(ctx);
 
     if (solution == NULL || sig != 0 || cert != 0) {
@@ -493,8 +452,6 @@
     struct hip_challenge_response *solution = NULL;
 
     solution = pisa_check_challenge_response(ctx);
-    // Done in conntrack.c
-    //sig = pisa_check_signature(ctx);
     cert = pisa_check_certificate(ctx);
 
     if (solution == NULL || sig != 0 || cert != 0) {

Other related posts:

  • » [hipl-commit] [trunk] Rev 4310: Remove disabled code from firewall/pisa.c. - Diego Biurrun