Remove obsolete NSS version checks.

net/cert/cert_verify_proc_nss.cc

Index: net/cert/cert_verify_proc_nss.cc
diff --git a/net/cert/cert_verify_proc_nss.cc b/net/cert/cert_verify_proc_nss.cc
index c401eba7837a6bed9379f63ca9bf146259f3d312..e48888218b523da7786d719f724000b30efa0a8c 100644
--- a/net/cert/cert_verify_proc_nss.cc
+++ b/net/cert/cert_verify_proc_nss.cc
@@ -33,17 +33,6 @@
 #include "net/cert/x509_util_ios.h"
 #endif  // defined(OS_IOS)
 
-#define NSS_VERSION_NUM (NSS_VMAJOR * 10000 + NSS_VMINOR * 100 + NSS_VPATCH)
-#if NSS_VERSION_NUM < 31305
-// Added in NSS 3.13.5.
-#define SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED -8016
-#endif
-
-#if NSS_VERSION_NUM < 31402
-// Added in NSS 3.14.2.
-#define cert_pi_useOnlyTrustAnchors static_cast<CERTValParamInType>(14)
-#endif
-
 namespace net {
 
 namespace {
@@ -744,8 +733,7 @@ CertVerifyProcNSS::CertVerifyProcNSS() {}
 CertVerifyProcNSS::~CertVerifyProcNSS() {}
 
 bool CertVerifyProcNSS::SupportsAdditionalTrustAnchors() const {
-  // This requires APIs introduced in 3.14.2.
-  return NSS_VersionCheck("3.14.2");
+  return true;

[Joao da Silva, 2014/01/17 09:04:53]

Why not remove this function altogether?

[Joao da Silva, 2014/01/17 13:22:21]

Meh, ignore this comment. Other implementations return false.

 }
 
 int CertVerifyProcNSS::VerifyInternal(
@@ -801,7 +789,7 @@ int CertVerifyProcNSS::VerifyInternal(
     verify_result->cert_status |= CERT_STATUS_REV_CHECKING_ENABLED;
 
   ScopedCERTCertList trust_anchors;
-  if (SupportsAdditionalTrustAnchors() && !additional_trust_anchors.empty()) {
+  if (!additional_trust_anchors.empty()) {
     trust_anchors.reset(
         CertificateListToCERTCertList(additional_trust_anchors));
   }