tls: remove bogus tls_get_local_fingerprint() function

include/re_tls.h

@@ -29,8 +29,6 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
 int tls_add_ca(struct tls *tls, const char *capath);
 int tls_verify_cert(struct tls_conn *tc, char *cn, size_t cn_size);
 
-int tls_get_local_fingerprint(const struct tls *tls, const char *type,
-			      struct tls_fingerprint *fp);
 int tls_get_remote_fingerprint(const struct tls_conn *tc, const char *type,
 			       struct tls_fingerprint *fp);
 

src/tls/openssl/tls.c

@@ -25,6 +25,7 @@
 #include <re_dbg.h>
 
 
+/* NOTE: shadow struct defined in tls_*.c */
 struct tls_conn {
 	SSL *ssl;
 };
@@ -262,40 +263,6 @@ static const EVP_MD *type2evp(const char *type)
 }
 
 
-int tls_get_local_fingerprint(const struct tls *tls, const char *type,
-			      struct tls_fingerprint *fp)
-{
-	SSL *ssl;
-	X509 *x;
-	int err = 0;
-
-	if (!tls || !fp)
-		return EINVAL;
-
-	ssl = SSL_new(tls->ctx);
-	if (!ssl)
-		return ENOMEM;
-
-	x = SSL_get_certificate(ssl);
-	if (!x) {
-		err = ENOENT;
-		goto out;
-	}
-
-	fp->len = sizeof(fp->md);
-	if (1 != X509_digest(x, type2evp(type), fp->md, &fp->len)) {
-		err = ENOENT;
-		goto out;
-	}
-
- out:
-	(void)SSL_shutdown(ssl);
-	SSL_free(ssl);
-
-	return err;
-}
-
-
 int tls_get_remote_fingerprint(const struct tls_conn *tc, const char *type,
 			       struct tls_fingerprint *fp)
 {

src/tls/openssl/tls_tcp.c

@@ -23,6 +23,7 @@
 #include <re_dbg.h>
 
 
+/* NOTE: shadow struct defined in tls_*.c */
 struct tls_conn {
 	SSL *ssl;
 	BIO *sbio_out;

src/tls/openssl/tls_udp.c

@@ -32,6 +32,7 @@ struct tls_sock {
 	struct tls *tls;
 };
 
+/* NOTE: shadow struct defined in tls_*.c */
 struct tls_conn {
 	SSL *ssl;             /* inheritance */
 	BIO *sbio_out;