Remove remnants of old OCSP stapling API.
Probably we'll want some simpler server-side API later. But, as things stand, all consumers of these functions are #ifdef'd out and have to be because the requisite OCSP_RESPONSE types are gone. Change-Id: Ic82b2ab3feca14c56656da3ceb3651819e3eb377 Reviewed-on: https://boringssl-review.googlesource.com/4551 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
parent
9a727c21c1
commit
f32d6b292e
@ -874,11 +874,6 @@ struct ssl_ctx_st {
|
|||||||
int (*tlsext_ticket_key_cb)(SSL *ssl, uint8_t *name, uint8_t *iv,
|
int (*tlsext_ticket_key_cb)(SSL *ssl, uint8_t *name, uint8_t *iv,
|
||||||
EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
|
EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
|
||||||
|
|
||||||
/* certificate status request info */
|
|
||||||
/* Callback for status request */
|
|
||||||
int (*tlsext_status_cb)(SSL *ssl, void *arg);
|
|
||||||
void *tlsext_status_arg;
|
|
||||||
|
|
||||||
/* Server-only: psk_identity_hint is the default identity hint to send in
|
/* Server-only: psk_identity_hint is the default identity hint to send in
|
||||||
* PSK-based key exchanges. */
|
* PSK-based key exchanges. */
|
||||||
char *psk_identity_hint;
|
char *psk_identity_hint;
|
||||||
@ -1606,8 +1601,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|||||||
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
||||||
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
|
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
|
||||||
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
|
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
|
||||||
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
|
|
||||||
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
|
|
||||||
|
|
||||||
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
|
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
|
||||||
|
|
||||||
|
@ -338,13 +338,6 @@ OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
|
|||||||
#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
|
#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||||
SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TLSEXT_TICKET_KEYS, (keylen), (keys))
|
SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TLSEXT_TICKET_KEYS, (keylen), (keys))
|
||||||
|
|
||||||
#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
|
|
||||||
SSL_CTX_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, \
|
|
||||||
(void (*)(void))cb)
|
|
||||||
|
|
||||||
#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
|
|
||||||
SSL_CTX_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, (void *)arg)
|
|
||||||
|
|
||||||
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
|
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
|
||||||
SSL_CTX_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB, \
|
SSL_CTX_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB, \
|
||||||
(void (*)(void))cb)
|
(void (*)(void))cb)
|
||||||
|
@ -937,11 +937,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) {
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
|
|
||||||
ctx->tlsext_status_arg = parg;
|
|
||||||
return 1;
|
|
||||||
break;
|
|
||||||
|
|
||||||
case SSL_CTRL_SET_CURVES:
|
case SSL_CTRL_SET_CURVES:
|
||||||
return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
|
return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
|
||||||
&ctx->tlsext_ellipticcurvelist_length, parg, larg);
|
&ctx->tlsext_ellipticcurvelist_length, parg, larg);
|
||||||
@ -1051,10 +1046,6 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) {
|
|||||||
ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
|
ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
|
|
||||||
ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
|
|
||||||
break;
|
|
||||||
|
|
||||||
case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
|
case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
|
||||||
ctx->tlsext_ticket_key_cb = (int (
|
ctx->tlsext_ticket_key_cb = (int (
|
||||||
*)(SSL *, uint8_t *, uint8_t *, EVP_CIPHER_CTX *, HMAC_CTX *, int))fp;
|
*)(SSL *, uint8_t *, uint8_t *, EVP_CIPHER_CTX *, HMAC_CTX *, int))fp;
|
||||||
|
@ -1780,9 +1780,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) {
|
|||||||
ret->options |= SSL_OP_NO_TICKET;
|
ret->options |= SSL_OP_NO_TICKET;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->tlsext_status_cb = 0;
|
|
||||||
ret->tlsext_status_arg = NULL;
|
|
||||||
|
|
||||||
ret->next_protos_advertised_cb = 0;
|
ret->next_protos_advertised_cb = 0;
|
||||||
ret->next_proto_select_cb = 0;
|
ret->next_proto_select_cb = 0;
|
||||||
ret->psk_identity_hint = NULL;
|
ret->psk_identity_hint = NULL;
|
||||||
|
Loading…
Reference in New Issue
Block a user