Revert "[wpa_supplicant] Cumulative patch from c4e90da6d"

This reverts commit 39bc25d3a79c1375de430a7918d949c1a86f70c6.

Test: Compilation
Change-Id: Iae7670429466958911b5296cb1359bceecc0b03e
Exempt-From-Owner-Approval: Revert since it's breaking the build
diff --git a/hs20/server/www/est.php b/hs20/server/www/est.php
index b7fb260..6983ec9 100644
--- a/hs20/server/www/est.php
+++ b/hs20/server/www/est.php
@@ -10,12 +10,6 @@
 unset($user);
 unset($rowid);
 
-$db = new PDO($osu_db);
-if (!$db) {
-  error_log("EST: Could not access database");
-  die("Could not access database");
-}
-
 if (!empty($_SERVER['PHP_AUTH_DIGEST'])) {
   $needed = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1,
 		  'uri'=>1, 'response'=>1);
@@ -37,6 +31,12 @@
     die('Authentication failed');
   }
 
+  $db = new PDO($osu_db);
+  if (!$db) {
+    error_log("EST: Could not access database");
+    die("Could not access database");
+  }
+
   $sql = "SELECT rowid,password,operation FROM sessions " .
     "WHERE user='$user' AND realm='$realm'";
   $q = $db->query($sql);
@@ -70,29 +70,6 @@
     error_log("EST: Incorrect authentication response for user=$user realm=$realm");
     die('Authentication failed');
   }
-} else if (isset($_SERVER["SSL_CLIENT_VERIFY"]) &&
-	   $_SERVER["SSL_CLIENT_VERIFY"] == "SUCCESS" &&
-	   isset($_SERVER["SSL_CLIENT_M_SERIAL"])) {
-  $user = "cert-" . $_SERVER["SSL_CLIENT_M_SERIAL"];
-  $sql = "SELECT rowid,password,operation FROM sessions " .
-    "WHERE user='$user' AND realm='$realm'";
-  $q = $db->query($sql);
-  if (!$q) {
-    error_log("EST: Session not found for user=$user realm=$realm");
-    die("Session not found");
-  }
-  $row = $q->fetch();
-  if (!$row) {
-    error_log("EST: Session fetch failed for user=$user realm=$realm");
-    die('Session not found');
-  }
-  $rowid = $row['rowid'];
-
-  $oper = $row['operation'];
-  if ($oper != '10') {
-    error_log("EST: Unexpected operation $oper for user=$user realm=$realm");
-    die("Session not found");
-  }
 }
 
 
@@ -115,24 +92,14 @@
   header("Content-Type: application/csrattrs");
   readfile("$osu_root/est/est-attrs.b64");
   error_log("EST: csrattrs");
-} else if ($method == "POST" &&
-           ($cmd == "simpleenroll" || $cmd == "simplereenroll")) {
-  $reenroll = $cmd == "simplereenroll";
-  if (!$reenroll && (!isset($user) || strlen($user) == 0)) {
+} else if ($method == "POST" && $cmd == "simpleenroll") {
+  if (!isset($user) || strlen($user) == 0) {
     header('HTTP/1.1 401 Unauthorized');
     header('WWW-Authenticate: Digest realm="'.$realm.
 	   '",qop="auth",nonce="'.uniqid().'",opaque="'.md5($realm).'"');
     error_log("EST: simpleenroll - require authentication");
     die('Authentication required');
   }
-  if ($reenroll &&
-      (!isset($user) ||
-       !isset($_SERVER["SSL_CLIENT_VERIFY"]) ||
-       $_SERVER["SSL_CLIENT_VERIFY"] != "SUCCESS")) {
-    header('HTTP/1.1 403 Forbidden');
-    error_log("EST: simplereenroll - require certificate authentication");
-    die('Authentication required');
-  }
   if (!isset($_SERVER["CONTENT_TYPE"])) {
     error_log("EST: simpleenroll without Content-Type");
     die("Missing Content-Type");
@@ -200,7 +167,6 @@
   }
   $der = file_get_contents($cert_der);
   $fingerprint = hash("sha256", $der);
-  error_log("EST: sha256(DER cert): $fingerprint");
 
   $pkcs7 = "$cadir/tmp/est-client.pkcs7";
   if (file_exists($pkcs7))