Remove SSL_set_fallback_version. Ding-dong the fallback's dead. https://mailarchive.ietf.org/arch/msg/tls/xfCh7D7hISFs5x-eA0xHwksoLrc Also we'll need to tweak the versioning code slightly to implement supported_versions and it's nice to have this out of the way. Change-Id: I0961e19ea56b4afd828f6f48858ac6310129503d Reviewed-on: https://boringssl-review.googlesource.com/11120 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1e1f752..aa03999 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -965,10 +965,6 @@
 ssl->max_version = ssl->method->version_from_wire(version);
 }
-void SSL_set_fallback_version(SSL *ssl, uint16_t version) {
- ssl->fallback_version = ssl->method->version_from_wire(version);
-}
-
 uint32_t SSL_CTX_set_options(SSL_CTX *ctx, uint32_t options) {
 ctx->options |= options;
 return ctx->options;
@@ -2682,9 +2678,8 @@
 static const size_t kVersionsLen = OPENSSL_ARRAY_SIZE(kVersions);
-int ssl_get_full_version_range(const SSL *ssl, uint16_t *out_min_version,
- uint16_t *out_fallback_version,
- uint16_t *out_max_version) {
+int ssl_get_version_range(const SSL *ssl, uint16_t *out_min_version,
+ uint16_t *out_max_version) {
 /* For historical reasons, |SSL_OP_NO_DTLSv1| aliases |SSL_OP_NO_TLSv1|, but
 * DTLS 1.0 should be mapped to TLS 1.1. */
 uint32_t options = ssl->options;
@@ -2743,32 +2738,16 @@
 }
 }
- uint16_t fallback_version = max_version;
- if (ssl->fallback_version != 0 && ssl->fallback_version < fallback_version) {
- fallback_version = ssl->fallback_version;
- }
-
- if (!any_enabled || fallback_version < min_version) {
+ if (!any_enabled) {
 OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SSL_VERSION);
 return 0;
 }
 *out_min_version = min_version;
- *out_fallback_version = fallback_version;
 *out_max_version = max_version;
 return 1;
 }
-int ssl_get_version_range(const SSL *ssl, uint16_t *out_min_version,
- uint16_t *out_effective_max_version) {
- /* This function returns the effective maximum version and not the fallback
- * version. */
- uint16_t real_max_version_unused;
- return ssl_get_full_version_range(ssl, out_min_version,
- out_effective_max_version,
- &real_max_version_unused);
-}
-
 uint16_t ssl3_protocol_version(const SSL *ssl) {
 assert(ssl->s3->have_version);
 return ssl->method->version_from_wire(ssl->version);
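Review bot: On the `if (!any_enabled)` path in the hunk at -2743, `ssl_get_version_range` returns 0 before `*out_min_version` or `*out_max_version` is written, and nothing at the definition states that contract. A caller that ignores the return value would negotiate with uninitialised version bounds. Since the signature is rewritten in the hunk at -2682 anyway, I would add a comment above it such as `/* Returns one and sets |*out_min_version| and |*out_max_version| to the enabled range, or returns zero with both outputs untouched if no version is enabled. */`. With the `fallback_version < min_version` comparison removed, `any_enabled` is the only remaining guard, so min <= max now depends entirely on the loop above this hunk. That loop is not visible here, and the declaration (presumably in a header outside this diff) may already carry the documentation.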