move CFErrorRef instantiation

rlm2002 · rlm2002 · commit 9b6b41627ea5 · 2025-06-26T09:06:01.000-06:00
cleanup
diff --git a/src/internal.c b/src/internal.c
@@ -16336,7 +16336,6 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                 }
             #endif
 
-                WOLFSSL_MSG_EX("checking for ability to match names verifyNone = %d and domainname is null? %s", ssl->options.verifyNone, ((ssl->buffers.domainName.buffer == NULL) ? "yes" : "no"));
                 if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer) {
                 #ifndef WOLFSSL_ALLOW_NO_CN_IN_SAN
                     /* Per RFC 5280 section 4.2.1.6, "Whenever such identities
@@ -42874,7 +42873,7 @@ static int MaxValidityPeriodErrorOnly(CFErrorRef error)
                 CFErrorCopyUserInfo((CFErrorRef)underlying);
             if (underlyingDict) {
                 char buffer[512];
-                CFStringRef values = 
+                CFStringRef values =
                     CFDictionaryGetValue(underlyingDict,
                         kCFErrorLocalizedDescriptionKey);
                 if(CFStringGetCString(values, buffer, sizeof(buffer),
@@ -42926,6 +42925,7 @@ static int DoAppleNativeCertValidation(WOLFSSL*                   ssl,
     SecTrustRef       trust     = NULL;
     SecPolicyRef      policy    = NULL;
     CFStringRef       hostname  = NULL;
+    CFErrorRef        error     = NULL;
 
     WOLFSSL_ENTER("DoAppleNativeCertValidation");
 
@@ -42991,7 +42991,6 @@ static int DoAppleNativeCertValidation(WOLFSSL*                   ssl,
     /* Evaluate the certificate's authenticity */
     WOLFSSL_MSG("Performing Apple native cert validation via "
                 "SecTrustEvaluateWithError");
-    CFErrorRef error = NULL;
     ret              = SecTrustEvaluateWithError(trust, &error);
     if (ret != 1) {
         if (error) {
@@ -43016,7 +43015,6 @@ static int DoAppleNativeCertValidation(WOLFSSL*                   ssl,
                     WOLFSSL_MSG("Skipping certificate validity period error");
                     ret = 1;
                 }
-                /* TODO: ensure other errors aren't masked by this error */
             }
 #endif
             (void)code;
diff --git a/tests/api.c b/tests/api.c
@@ -8070,7 +8070,6 @@ static int test_wolfSSL_client_server_nofail_memio_ex(test_ssl_cbf* client_cb,
     test_ctx.s_cb.return_code = EXPECT_FAILURE_CODEPOINT_ID;
 
     ExpectIntEQ(test_ssl_memio_setup(&test_ctx), TEST_SUCCESS);
-    WOLFSSL_MSG("DONE WITH THE FEKIN SETUP");
     ExpectIntEQ(test_ssl_memio_do_handshake(&test_ctx, 10, NULL), TEST_SUCCESS);
 
     if (client_on_handshake != NULL) {
@@ -8115,7 +8114,6 @@ static int test_wolfSSL_client_server_nofail_memio_ex(test_ssl_cbf* client_cb,
 int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
     test_ssl_cbf* server_cb, cbType client_on_handshake)
 {
-    WOLFSSL_MSG("EHE ANOTHER EXTENSION >:(");
     return (test_wolfSSL_client_server_nofail_memio_ex(client_cb, server_cb,
         client_on_handshake, NULL));
 }

Original file line number	Diff line number	Diff line change
`@@ -8070,7 +8070,6 @@ static int test_wolfSSL_client_server_nofail_memio_ex(test_ssl_cbf* client_cb,`
`8070`	`8070`	`test_ctx.s_cb.return_code = EXPECT_FAILURE_CODEPOINT_ID;`
`8071`	`8071`
`8072`	`8072`	`ExpectIntEQ(test_ssl_memio_setup(&test_ctx), TEST_SUCCESS);`
`8073`		`- WOLFSSL_MSG("DONE WITH THE FEKIN SETUP");`
`8074`	`8073`	`ExpectIntEQ(test_ssl_memio_do_handshake(&test_ctx, 10, NULL), TEST_SUCCESS);`
`8075`	`8074`
`8076`	`8075`	`if (client_on_handshake != NULL) {`
`@@ -8115,7 +8114,6 @@ static int test_wolfSSL_client_server_nofail_memio_ex(test_ssl_cbf* client_cb,`
`8115`	`8114`	`int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,`
`8116`	`8115`	`test_ssl_cbf* server_cb, cbType client_on_handshake)`
`8117`	`8116`	`{`
`8118`		`- WOLFSSL_MSG("EHE ANOTHER EXTENSION >:(");`
`8119`	`8117`	`return (test_wolfSSL_client_server_nofail_memio_ex(client_cb, server_cb,`
`8120`	`8118`	`client_on_handshake, NULL));`
`8121`	`8119`	`}`