Remove ssl_cert_inst()
It created the cert structure in SSL_CTX or SSL if it was NULL, but they can
never be NULL as the comments already said.
(Imported from upstream's 2c3823491d8812560922a58677e3ad2db4b2ec8d.)
Change-Id: I97c7bb306d6f3c18597850db9f08023b2ef74839
Reviewed-on: https://boringssl-review.googlesource.com/4042
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 04f6c54..e17ee5a 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -265,21 +265,9 @@
s->mode = ctx->mode;
s->max_cert_list = ctx->max_cert_list;
- if (ctx->cert != NULL) {
- /* Earlier library versions used to copy the pointer to the CERT, not its
- * contents; only when setting new parameters for the per-SSL copy,
- * ssl_cert_new would be called (and the direct reference to the
- * per-SSL_CTX settings would be lost, but those still were indirectly
- * accessed for various purposes, and for that reason they used to be known
- * as s->ctx->default_cert). Now we don't look at the SSL_CTX's CERT after
- * having duplicated it once. */
-
- s->cert = ssl_cert_dup(ctx->cert);
- if (s->cert == NULL) {
- goto err;
- }
- } else {
- s->cert = NULL; /* Cannot really happen (see SSL_CTX_new) */
+ s->cert = ssl_cert_dup(ctx->cert);
+ if (s->cert == NULL) {
+ goto err;
}
s->read_ahead = ctx->read_ahead;