diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index f78c819a..ff23010e 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1333,10 +1333,6 @@ struct ssl_st { int client_version; /* what was passed, used for * SSLv3/TLS rollback check */ unsigned int max_send_fragment; - /* TLS extension debug callback */ - void (*tlsext_debug_cb)(SSL *s, int client_server, int type, uint8_t *data, - int len, void *arg); - void *tlsext_debug_arg; char *tlsext_hostname; /* should_ack_sni is true if the SNI extension should be acked. This is * only used by a server. */ @@ -1608,8 +1604,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 -#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56 -#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 #define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 #define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index 98374cf2..3e3f8122 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -321,12 +321,6 @@ OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, \ (char *)name) -#define SSL_set_tlsext_debug_callback(ssl, cb) \ - SSL_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_DEBUG_CB, (void (*)(void))cb) - -#define SSL_set_tlsext_debug_arg(ssl, arg) \ - SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_DEBUG_ARG, 0, (void *)arg) - #define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, \ (void (*)(void))cb) diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 76441d04..3538459a 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -687,11 +687,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) { } break; - case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: - s->tlsext_debug_arg = parg; - ret = 1; - break; - case SSL_CTRL_CHAIN: if (larg) { return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg); @@ -852,11 +847,6 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) { s->cert->ecdh_tmp_cb = (EC_KEY * (*)(SSL *, int, int))fp; break; - case SSL_CTRL_SET_TLSEXT_DEBUG_CB: - s->tlsext_debug_cb = - (void (*)(SSL *, int, int, uint8_t *, int, void *))fp; - break; - default: break; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 696b13b7..36841113 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -292,8 +292,6 @@ SSL *SSL_new(SSL_CTX *ctx) { CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); s->ctx = ctx; - s->tlsext_debug_cb = 0; - s->tlsext_debug_arg = NULL; s->tlsext_ticket_expected = 0; CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); s->initial_ctx = ctx; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 4be839c4..59abae01 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1411,11 +1411,6 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CBS *cbs, int *out_alert) { return 0; } - if (s->tlsext_debug_cb) { - s->tlsext_debug_cb(s, 0, type, (uint8_t *)CBS_data(&extension), - CBS_len(&extension), s->tlsext_debug_arg); - } - /* The servername extension is treated as follows: - Only the hostname type is supported with a maximum length of 255. @@ -1742,11 +1737,6 @@ static int ssl_scan_serverhello_tlsext(SSL *s, CBS *cbs, int *out_alert) { return 0; } - if (s->tlsext_debug_cb) { - s->tlsext_debug_cb(s, 1, type, (uint8_t *)CBS_data(&extension), - CBS_len(&extension), s->tlsext_debug_arg); - } - if (type == TLSEXT_TYPE_server_name) { /* The extension must be empty. */ if (CBS_len(&extension) != 0) {