asterisk/third-party/pjproject/patches/0031-Revert-Fixed-2204-Add-OpenSSL-remote-certificate-cha.patch

From 616a13933f33a6d74f84d85b5bfb858279a09e2d Mon Sep 17 00:00:00 2001
From: George Joseph <gjoseph@digium.com>
Date: Tue, 24 Sep 2019 06:42:04 -0600
Subject: [PATCH 31/33] Revert "Fixed #2204: Add OpenSSL remote certificate
 chain info"

This reverts commit f71d60c866c4572a7c8398fe982416771fc6a7f5.
---
 pjlib/src/pj/ssl_sock_ossl.c | 45 ------------------------------------
 1 file changed, 45 deletions(-)

diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
index debb105b1..109c5c1e2 100644
--- a/pjlib/src/pj/ssl_sock_ossl.c
+++ b/pjlib/src/pj/ssl_sock_ossl.c
@@ -1566,41 +1566,6 @@ static void get_cert_info(pj_pool_t *pool, pj_ssl_cert_info *ci, X509 *x,
     }	 
 }
 
-/* Update remote certificates chain info. This function should be
- * called after handshake or renegotiation successfully completed.
- */
-static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
-					      pj_ssl_cert_info *ci,
-					      STACK_OF(X509) *chain,
-					      pj_bool_t get_pem)
-{
-    int i;
-
-    ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
-       				    			sk_X509_num(chain),
-       				    			sizeof(pj_str_t));
-    ci->raw_chain.cnt = sk_X509_num(chain);
-
-    for (i = 0; i < sk_X509_num(chain); i++) {
-        BIO *bio;
-        BUF_MEM *ptr;
-	X509 *x = sk_X509_value(chain, i);
-
-        bio = BIO_new(BIO_s_mem());
-        
-        if (!PEM_write_bio_X509(bio, x)) {
-            PJ_LOG(3, (THIS_FILE, "Error retrieving raw certificate info"));
-            ci->raw_chain.cert_raw[i].ptr  = NULL;
-            ci->raw_chain.cert_raw[i].slen = 0;
-        } else {
-            BIO_write(bio, "\0", 1);
-            BIO_get_mem_ptr(bio, &ptr);
-            pj_strdup2(pool, &ci->raw_chain.cert_raw[i], ptr->data );
-        }
-        
-        BIO_free(bio);
-    }
-}
 
 /* Update local & remote certificates info. This function should be
  * called after handshake or renegotiation successfully completed.
@@ -1609,7 +1574,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
 {
     ossl_sock_t *ossock = (ossl_sock_t *)ssock;
     X509 *x;
-    STACK_OF(X509) *chain;
 
     pj_assert(ssock->ssl_state == SSL_STATE_ESTABLISHED);
 
@@ -1631,15 +1595,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
     } else {
 	pj_bzero(&ssock->remote_cert_info, sizeof(pj_ssl_cert_info));
     }
-
-    chain = SSL_get_peer_cert_chain(ossock->ossl_ssl);
-    if (chain) {
-       ssl_update_remote_cert_chain_info(ssock->pool,
-       					 &ssock->remote_cert_info,
-       					 chain, PJ_TRUE);
-    } else {
-       ssock->remote_cert_info.raw_chain.cnt = 0;
-    }
 }
 
 
-- 
2.21.0