Remove support for blocking DTLS timeout handling.
The DTLS stack has two very different APIs for handling timeouts. In
non-blocking mode, timeouts are driven externally by the caller with
DTLSv1_get_timeout. In blocking mode, timeouts are driven by the BIO by
calling a BIO_ctrl with BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT.
The latter is never used by consumers, so remove support for it.
BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT implicitly depends on struct timeval
being used for timestamps, which we would like to remove. Without this,
the only public API which relies on this is the testing-only
SSL_CTX_set_current_time_cb which is BoringSSL-only and we can change at
our leisure.
BUG=155
Change-Id: Ic68fa70afab2fa9e6286b84d010eac8ddc9d2ef4
Reviewed-on: https://boringssl-review.googlesource.com/13945
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 6ba1421..a18ad1c 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -565,12 +565,8 @@
#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU was exceed in
the previous write operation. */
-/* BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT sets a read deadline to drive
- * retransmits. The |parg| argument to |BIO_ctrl| will be a pointer to a
- * |timeval| struct. If the structure is all zeros, it clears the read
- * deadline. Otherwise, |BIO_read| must fail with a temporary error
- * (e.g. |EAGAIN|) after the deadline. */
-#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45
+/* BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT is unsupported as it is unused by consumers
+ * and depends on |timeval|, which is not 2038-clean on all platforms. */
#define BIO_CTRL_DGRAM_GET_PEER 46
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index a018f84..5b88bb2 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -241,8 +241,8 @@
* takes ownership of the two |BIO|s. If |rbio| and |wbio| are the same, |ssl|
* only takes ownership of one reference.
*
- * In DTLS, if |rbio| is blocking, it must handle
- * |BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT| control requests to set read timeouts.
+ * In DTLS, |rbio| must be non-blocking to properly handle timeouts and
+ * retransmits.
*
* If |rbio| is the same as the currently configured |BIO| for reading, that
* side is left untouched and is not freed.
@@ -322,12 +322,11 @@
* returns <= 0. The caller should pass the value into |SSL_get_error| to
* determine how to proceed.
*
- * In DTLS, if the read |BIO| is non-blocking, the caller must drive
- * retransmissions. Whenever |SSL_get_error| signals |SSL_ERROR_WANT_READ|, use
- * |DTLSv1_get_timeout| to determine the current timeout. If it expires before
- * the next retry, call |DTLSv1_handle_timeout|. Note that DTLS handshake
- * retransmissions use fresh sequence numbers, so it is not sufficient to replay
- * packets at the transport.
+ * In DTLS, the caller must drive retransmissions. Whenever |SSL_get_error|
+ * signals |SSL_ERROR_WANT_READ|, use |DTLSv1_get_timeout| to determine the
+ * current timeout. If it expires before the next retry, call
+ * |DTLSv1_handle_timeout|. Note that DTLS handshake retransmissions use fresh
+ * sequence numbers, so it is not sufficient to replay packets at the transport.
*
* TODO(davidben): Ensure 0 is only returned on transport EOF.
* https://crbug.com/466303. */
