Re: smtp: dead code

2021-04-10 Thread Theo Buehler 
On Sat, Apr 10, 2021 at 10:32:16AM +0200, Eric Faurot wrote:
> This diff removes unused code and lib depends from smtp(1).

I think the dependencies on -lssl and -lcrypto should remain. There was
a recent discussion of dropping -lssl from rpki-client and it depends on
the linker if -ltls is enough. ftp also links against -lcrypto and
-lssl.

Apart from this, this looks ok

smtp: dead code

2021-04-10 Thread Eric Faurot 
This diff removes unused code and lib depends from smtp(1).

Eric.

Index: smtpc.c
===
RCS file: /cvs/src/usr.sbin/smtpd/smtpc.c,v
retrieving revision 1.14
diff -u -p -r1.14 smtpc.c
--- smtpc.c 5 Mar 2021 12:37:32 -   1.14
+++ smtpc.c 10 Apr 2021 08:25:20 -
@@ -32,10 +32,7 @@
 #include 
 #include 
 
-#include 
-
 #include "smtp.h"
-#include "ssl.h"
 #include "log.h"
 
 static void parse_server(char *);
@@ -368,37 +365,6 @@ log_trace(int lvl, const char *emsg, ...
vlog(LOG_DEBUG, emsg, ap);
va_end(ap);
}
-}
-
-void
-smtp_verify_server_cert(void *tag, struct smtp_client *proto, void *ctx)
-{
-   SSL *ssl = ctx;
-   X509 *cert;
-   long res;
-   int match;
-
-   if ((cert = SSL_get_peer_certificate(ssl))) {
-   (void)ssl_check_name(cert, servname, );
-   X509_free(cert);
-   res = SSL_get_verify_result(ssl);
-   if (res == X509_V_OK) {
-   if (match) {
-   log_debug("valid certificate");
-   smtp_cert_verified(proto, CERT_OK);
-   }
-   else {
-   log_debug("certificate does not match 
hostname");
-   smtp_cert_verified(proto, CERT_INVALID);
-   }
-   return;
-   }
-   log_debug("certificate validation error %ld", res);
-   }
-   else
-   log_debug("no certificate provided");
-
-   smtp_cert_verified(proto, CERT_INVALID);
 }
 
 void
Index: smtp/Makefile
===
RCS file: /cvs/src/usr.sbin/smtpd/smtp/Makefile,v
retrieving revision 1.4
diff -u -p -r1.4 Makefile
--- smtp/Makefile   5 Mar 2021 12:37:32 -   1.4
+++ smtp/Makefile   10 Apr 2021 08:25:20 -
@@ -12,12 +12,10 @@ SRCS+=  ioev.c
 SRCS+= log.c
 SRCS+= smtp_client.c
 SRCS+= smtpc.c
-SRCS+= ssl.c
-SRCS+= ssl_verify.c
 
 CPPFLAGS+= -DIO_TLS
 
-LDADD+=-levent -lutil -ltls -lssl -lcrypto -lm -lz
-DPADD+=${LIBEVENT} ${LIBUTIL} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} ${LIBM} 
${LIBZ}
+LDADD+=-levent -lutil -ltls
+DPADD+=${LIBEVENT} ${LIBUTIL} ${LIBTLS}
 
 .include