Remove SSL_CTX_set_ssl_version.

Missed this one. It requires that we be able to change an SSL_METHOD after the after, which complicates compiling the version locking into min_version / max_version configurations. Change-Id: I24ba54b7939360bbfafe3feb355a65840bda7611 Reviewed-on: https://boringssl-review.googlesource.com/2579 Reviewed-by: Adam Langley <agl@google.com>
2014-12-13 00:15:23 -05:00 · 2014-12-13 00:15:23 -05:00 · 69b9e597ae
commit 69b9e597ae
parent 7e23746dd4
2 changed files with 0 additions and 23 deletions
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@ -2022,9 +2022,6 @@ OPENSSL_EXPORT int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *c);
 OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *c);
 OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *c);

-/* This sets the 'default' SSL version that SSL_new() will create */
-OPENSSL_EXPORT int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
-
 OPENSSL_EXPORT const SSL_METHOD *SSLv3_method(void);		/* SSLv3 */
 OPENSSL_EXPORT const SSL_METHOD *SSLv3_server_method(void);	/* SSLv3 */
 OPENSSL_EXPORT const SSL_METHOD *SSLv3_client_method(void);	/* SSLv3 */
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -227,26 +227,6 @@ int SSL_clear(SSL *s)
 	return(1);
 	}

-/** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
-	{
-	STACK_OF(SSL_CIPHER) *sk;
-
-	ctx->method=meth;
-
-	sk=ssl_create_cipher_list(
-		ctx->method, &ctx->cipher_list, &ctx->cipher_list_by_id,
-		SSL_DEFAULT_CIPHER_LIST,
-		ctx->cert);
-
-	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
-		{
-		OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_ssl_version, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
-		return(0);
-		}
-	return(1);
-	}
-
 SSL *SSL_new(SSL_CTX *ctx)
 	{
 	SSL *s;