From b4d309b1855bdbfe38f90baf64e2763035d9fbe7 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 13 Apr 2024 14:19:40 +0200
Subject: Adding upstream version 2.9.6.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/ssl_ckch.c | 23 ++---------------------
 1 file changed, 2 insertions(+), 21 deletions(-)

(limited to 'src/ssl_ckch.c')

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index ab39755..afe6ff6 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -721,27 +721,8 @@ void ssl_sock_free_cert_key_and_chain_contents(struct ckch_data *data)
 		X509_free(data->ocsp_issuer);
 	data->ocsp_issuer = NULL;
 
-
-	/* We need to properly remove the reference to the corresponding
-	 * certificate_ocsp structure if it exists (which it should).
-	 */
-#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) && !defined OPENSSL_IS_BORINGSSL)
-	if (data->ocsp_cid) {
-		struct certificate_ocsp *ocsp = NULL;
-		unsigned char certid[OCSP_MAX_CERTID_ASN1_LENGTH] = {};
-		unsigned int certid_length = 0;
-
-		if (ssl_ocsp_build_response_key(data->ocsp_cid, (unsigned char*)certid, &certid_length) >= 0) {
-			HA_SPIN_LOCK(OCSP_LOCK, &ocsp_tree_lock);
-			ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, certid, OCSP_MAX_CERTID_ASN1_LENGTH);
-			HA_SPIN_UNLOCK(OCSP_LOCK, &ocsp_tree_lock);
-			ssl_sock_free_ocsp(ocsp);
-		}
-
-		OCSP_CERTID_free(data->ocsp_cid);
-		data->ocsp_cid = NULL;
-	}
-#endif
+	OCSP_CERTID_free(data->ocsp_cid);
+	data->ocsp_cid = NULL;
 }
 
 /*
-- 
cgit v1.2.3