[PATCH 3/8] Remove obsolete keystore path

Kenny Root kroot
Wed Jun 26 14:57:31 PDT 2013


It's not possible to get a raw private key from keystore anymore, so
this would fail every time anyway. Remove it so it doesn't confuse
anyone that looks at this code.

Change-Id: I021fc1707b16474d8698c85055a6fcc4095cd215
Signed-off-by: Dmitry Shmidt <dimitrysh at google.com>
---
 src/crypto/tls_openssl.c | 20 --------------------
 1 file changed, 20 deletions(-)

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 2b7b010..862eaf6 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2208,26 +2208,6 @@ static int tls_connection_private_key(void *_ssl_ctx,
 		break;
 	}
 
-#ifdef ANDROID
-	if (!ok && private_key &&
-	    os_strncmp("keystore://", private_key, 11) == 0) {
-		BIO *bio = BIO_from_keystore(&private_key[11]);
-		EVP_PKEY *pkey = NULL;
-		if (bio) {
-			pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
-			BIO_free(bio);
-		}
-		if (pkey) {
-			if (SSL_use_PrivateKey(conn->ssl, pkey) == 1) {
-				wpa_printf(MSG_DEBUG, "OpenSSL: Private key "
-					   "from keystore");
-				ok = 1;
-			}
-			EVP_PKEY_free(pkey);
-		}
-	}
-#endif /* ANDROID */
-
 	while (!ok && private_key) {
 #ifndef OPENSSL_NO_STDIO
 		if (SSL_use_PrivateKey_file(conn->ssl, private_key,
-- 
1.8.4.1




More information about the Hostap mailing list