diff options
| author | David Benjamin <davidben@chromium.org> | 2014-11-07 00:48:32 -0500 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2014-11-10 22:39:24 +0000 |
| commit | 60e799276419e843b6af13de69f26582a97ed67e (patch) | |
| tree | 6f8cf423e03eeb46df8266f828876bad03ecfa9d /include | |
| parent | b044020f84803dca2878b84e314b4f74f13d4c80 (diff) | |
| download | boringssl-60e799276419e843b6af13de69f26582a97ed67e.zip boringssl-60e799276419e843b6af13de69f26582a97ed67e.tar.gz boringssl-60e799276419e843b6af13de69f26582a97ed67e.tar.bz2 | |
Remove DTLSv1_listen.
This was added in http://rt.openssl.org/Ticket/Display.html?id=2033 to support
a mode where a DTLS socket would statelessly perform the ClientHello /
HelloVerifyRequest portion of the handshake, to be handed off to a socket
specific to this peer address.
This is not used by WebRTC or other current consumers. If we need to support
something like this, it would be cleaner to do the listen portion (cookieless
ClientHello + HelloVerifyRequest) externally and then spin up an SSL instance
on receipt of a cookied ClientHello. This would require a slightly more complex
BIO to replay the second ClientHello but would avoid peppering the DTLS
handshake state with a special short-circuiting mode.
Change-Id: I7a413932edfb62f8b9368912a9a0621d4155f1aa
Reviewed-on: https://boringssl-review.googlesource.com/2220
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/dtls1.h | 3 | ||||
| -rw-r--r-- | include/openssl/ssl.h | 3 |
2 files changed, 0 insertions, 6 deletions
diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h index a9e3ada..2069aed 100644 --- a/include/openssl/dtls1.h +++ b/include/openssl/dtls1.h @@ -209,9 +209,6 @@ typedef struct dtls1_state_st */ record_pqueue buffered_app_data; - /* Is set when listening for new connections with dtls1_listen() */ - unsigned int listen; - unsigned int mtu; /* max DTLS packet size */ struct hm_header_st w_msg_hdr; diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 31ff5db..a08b412 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1645,7 +1645,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define DTLS_CTRL_GET_TIMEOUT 73 #define DTLS_CTRL_HANDLE_TIMEOUT 74 -#define DTLS_CTRL_LISTEN 75 #define SSL_CTRL_GET_RI_SUPPORT 76 #define SSL_CTRL_CLEAR_OPTIONS 77 @@ -1690,8 +1689,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) #define DTLSv1_handle_timeout(ssl) \ SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL) -#define DTLSv1_listen(ssl, peer) \ - SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer) #define SSL_session_reused(ssl) \ SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) |