From d0297db1085eab113f93db2b2059ce9a0c110bbe Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Mon, 10 Nov 2014 12:09:44 -0500 Subject: [PATCH] Remove TODO about DTLS cookie lengths. The limit increased from 32 to 255 between DTLS 1.0 and DTLS 1.2. Change-Id: I329a59f9ba2bccc70282e2b47679c57b67e5ed43 Reviewed-on: https://boringssl-review.googlesource.com/2242 Reviewed-by: Adam Langley --- ssl/s3_srvr.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 01cff646..5f861a7b 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -904,12 +904,6 @@ int ssl3_get_client_hello(SSL *s) { CBS cookie; - /* TODO(davidben): The length check here is off. Per - * spec, the maximum cookie length is 32. However, the - * DTLS1_COOKIE_LENGTH check is checking against 256, - * not 32 (so it's actually redundant). - * 07a9d1a2c2b735cbc327065000b545deb5e136cf from - * OpenSSL switched this from 32 to 256. */ if (!CBS_get_u8_length_prefixed(&client_hello, &cookie) || CBS_len(&cookie) > DTLS1_COOKIE_LENGTH) {
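Review bot: In the ssl3_get_client_hello hunk of ssl/s3_srvr.c, deleting the TODO leaves the `CBS_len(&cookie) > DTLS1_COOKIE_LENGTH` comparison with no explanation at the call site. The removed comment said the constant is checked against 256. A cookie read with `CBS_get_u8_length_prefixed` can never be longer than 255 bytes, so by that comment's own account the comparison cannot fire. The reason for accepting that (the limit rose from 32 in DTLS 1.0 to 255 in DTLS 1.2) now lives only in the commit message. Suggest replacing the six removed lines with a short comment that states the 32 versus 255 limits and notes that the u8 length prefix already enforces the bound, or dropping the redundant comparison. Either way, someone auditing this length check would not need the commit log to understand it.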