dead code cleanup: #if 0 in ssl

[openssl.git] / ssl / ssl_cert.c

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index d81e06b582337db49a85e48215d3edf2cd617d9a..974259969f0585c489e89fa10774578b9b16cd12 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -664,10 +664,12 @@ void ssl_sess_cert_free(SESS_CERT *sc)
     for (i = 0; i < SSL_PKEY_NUM; i++) {
         if (sc->peer_pkeys[i].x509 != NULL)
             X509_free(sc->peer_pkeys[i].x509);
-#if 0                           /* We don't have the peer's private key.
-                                 * These lines are just * here as a reminder
-                                 * that we're still using a
-                                 * not-quite-appropriate * data structure. */
+#if 0
+        /*
+         * We don't have the peer's private key. These lines are just
+         * here as a reminder that we're still using a not-quite-appropriate
+         *  data structure.
+         */
         if (sc->peer_pkeys[i].privatekey != NULL)
             EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
 #endif
@@ -717,10 +719,6 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
     }
     /* Set suite B flags if needed */
     X509_STORE_CTX_set_flags(&ctx, tls1_suiteb(s));
-#if 0
-    if (SSL_get_verify_depth(s) >= 0)
-        X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
-#endif
     X509_STORE_CTX_set_ex_data(&ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s);
 
     /*