Certificate verification is done by libtls. The former code is not used anymore and can be unplugged.
Eric. Index: dispatcher.c =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/dispatcher.c,v retrieving revision 1.2 diff -u -p -r1.2 dispatcher.c --- dispatcher.c 5 Mar 2021 12:37:32 -0000 1.2 +++ dispatcher.c 11 Apr 2021 11:46:17 -0000 @@ -64,11 +64,6 @@ dispatcher_imsg(struct mproc *p, struct resolver_dispatch_result(p, imsg); return; - case IMSG_CERT_INIT: - case IMSG_CERT_VERIFY: - cert_dispatch_result(p, imsg); - return; - case IMSG_CONF_START: return; case IMSG_CONF_END: Index: lka.c =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/lka.c,v retrieving revision 1.244 diff -u -p -r1.244 lka.c --- lka.c 31 Dec 2020 08:27:15 -0000 1.244 +++ lka.c 11 Apr 2021 11:45:24 -0000 @@ -111,12 +111,6 @@ lka_imsg(struct mproc *p, struct imsg *i resolver_dispatch_request(p, imsg); return; - case IMSG_CERT_INIT: - case IMSG_CERT_CERTIFICATE: - case IMSG_CERT_VERIFY: - cert_dispatch_request(p, imsg); - return; - case IMSG_MTA_DNS_HOST: case IMSG_MTA_DNS_MX: case IMSG_MTA_DNS_MX_PREFERENCE: Index: smtpd.c =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/smtpd.c,v retrieving revision 1.337 diff -u -p -r1.337 smtpd.c --- smtpd.c 5 Mar 2021 12:37:32 -0000 1.337 +++ smtpd.c 11 Apr 2021 11:46:38 -0000 @@ -2003,10 +2003,6 @@ imsg_to_str(int type) CASE(IMSG_GETNAMEINFO); CASE(IMSG_RES_QUERY); - CASE(IMSG_CERT_INIT); - CASE(IMSG_CERT_CERTIFICATE); - CASE(IMSG_CERT_VERIFY); - CASE(IMSG_SETUP_KEY); CASE(IMSG_SETUP_PEER); CASE(IMSG_SETUP_DONE); Index: smtpd.h =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/smtpd.h,v retrieving revision 1.667 diff -u -p -r1.667 smtpd.h --- smtpd.h 11 Apr 2021 07:18:08 -0000 1.667 +++ smtpd.h 11 Apr 2021 11:45:58 -0000 @@ -102,12 +102,6 @@ #define P_NEWALIASES 1 #define P_MAKEMAP 2 -#define CERT_ERROR -1 -#define CERT_OK 0 -#define CERT_NOCA 1 -#define CERT_NOCERT 2 -#define CERT_INVALID 3 - struct userinfo { char username[SMTPD_VUSERNAME_SIZE]; char directory[PATH_MAX]; @@ -211,10 +205,6 @@ enum imsg_type { IMSG_GETNAMEINFO, IMSG_RES_QUERY, - IMSG_CERT_INIT, - IMSG_CERT_CERTIFICATE, - IMSG_CERT_VERIFY, - IMSG_SETUP_KEY, IMSG_SETUP_PEER, IMSG_SETUP_DONE, @@ -1281,14 +1271,6 @@ int ca_X509_verify(void *, void *, cons void ca_imsg(struct mproc *, struct imsg *); void ca_init(void); void ca_engine_init(void); - - -/* cert.c */ -int cert_init(const char *, int, - void (*)(void *, int, const char *, const void *, size_t), void *); -int cert_verify(const void *, const char *, int, void (*)(void *, int), void *); -void cert_dispatch_request(struct mproc *, struct imsg *); -void cert_dispatch_result(struct mproc *, struct imsg *); /* compress_backend.c */ Index: smtpd/Makefile =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/smtpd/Makefile,v retrieving revision 1.112 diff -u -p -r1.112 Makefile --- smtpd/Makefile 11 Apr 2021 07:18:08 -0000 1.112 +++ smtpd/Makefile 11 Apr 2021 11:44:42 -0000 @@ -7,7 +7,6 @@ PROG= smtpd SRCS= aliases.c SRCS+= bounce.c SRCS+= ca.c -SRCS+= cert.c SRCS+= compress_backend.c SRCS+= config.c SRCS+= control.c