1 files changed, 0 insertions, 110 deletions

diff --git a/src/daemon/https/x509/x509.c b/src/daemon/https/x509/x509.c
index e64d34b2..21c27371 100644
--- a/src/daemon/https/x509/x509.c
+++ b/src/daemon/https/x509/x509.c
@@ -1111,113 +1111,3 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert,
                                       output_data, output_data_size);
 }
 
-#ifdef ENABLE_PKI
-
-/**
- * MHD_gnutls_x509_crt_check_revocation - This function checks if the given certificate is revoked
- * @cert: should contain a MHD_gnutls_x509_crt_t structure
- * @crl_list: should contain a list of MHD_gnutls_x509_crl_t structures
- * @crl_list_length: the length of the crl_list
- *
- * This function will return check if the given certificate is
- * revoked.  It is assumed that the CRLs have been verified before.
- *
- * Returns: 0 if the certificate is NOT revoked, and 1 if it is.  A
- * negative value is returned on error.
- **/
-int
-MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
-                                      const MHD_gnutls_x509_crl_t * crl_list,
-                                      int crl_list_length)
-{
-  opaque serial[64];
-  opaque cert_serial[64];
-  size_t serial_size, cert_serial_size;
-  int ncerts, ret, i, j;
-  MHD_gnutls_datum_t dn1, dn2;
-
-  if (cert == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  for (j = 0; j < crl_list_length; j++)
-    {                           /* do for all the crls */
-
-      /* Step 1. check if issuer's DN match
-       */
-      ret = MHD__gnutls_x509_crl_get_raw_issuer_dn (crl_list[j], &dn1);
-      if (ret < 0)
-        {
-          MHD_gnutls_assert ();
-          return ret;
-        }
-
-      ret = MHD_gnutls_x509_crt_get_raw_issuer_dn (cert, &dn2);
-      if (ret < 0)
-        {
-          MHD_gnutls_assert ();
-          return ret;
-        }
-
-      ret = MHD__gnutls_x509_compare_raw_dn (&dn1, &dn2);
-      MHD__gnutls_free_datum (&dn1);
-      MHD__gnutls_free_datum (&dn2);
-      if (ret == 0)
-        {
-          /* issuers do not match so don't even
-           * bother checking.
-           */
-          continue;
-        }
-
-      /* Step 2. Read the certificate's serial number
-       */
-      cert_serial_size = sizeof (cert_serial);
-      ret =
-        MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size);
-      if (ret < 0)
-        {
-          MHD_gnutls_assert ();
-          return ret;
-        }
-
-      /* Step 3. cycle through the CRL serials and compare with
-       *   certificate serial we have.
-       */
-
-      ncerts = MHD_gnutls_x509_crl_get_crt_count (crl_list[j]);
-      if (ncerts < 0)
-        {
-          MHD_gnutls_assert ();
-          return ncerts;
-        }
-
-      for (i = 0; i < ncerts; i++)
-        {
-          serial_size = sizeof (serial);
-          ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial,
-                                                    &serial_size, NULL);
-
-          if (ret < 0)
-            {
-              MHD_gnutls_assert ();
-              return ret;
-            }
-
-          if (serial_size == cert_serial_size)
-            {
-              if (memcmp (serial, cert_serial, serial_size) == 0)
-                {
-                  /* serials match */
-                  return 1;     /* revoked! */
-                }
-            }
-        }
-
-    }
-  return 0;                     /* not revoked. */
-}
-
-#endif