Remove ciphers_raw.
With SSL_get0_raw_cipherlist gone, there's no need to hold onto it.
Change-Id: I258f8bfe21cc354211a777660df680df6c49df2a
Reviewed-on: https://boringssl-review.googlesource.com/4616
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/internal.h b/ssl/internal.h
index d1e667d..beeebb3 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -509,10 +509,6 @@
* If NULL the parent SSL_CTX store is used instead. */
X509_STORE *chain_store;
X509_STORE *verify_store;
-
- /* Raw values of the cipher list from a client */
- uint8_t *ciphers_raw;
- size_t ciphers_rawlen;
} CERT;
typedef struct sess_cert_st {
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 7b48ed8..6a4526e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -324,7 +324,6 @@
OPENSSL_free(c->client_certificate_types);
X509_STORE_free(c->verify_store);
X509_STORE_free(c->chain_store);
- OPENSSL_free(c->ciphers_raw);
OPENSSL_free(c);
}
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5fd70ba..a6d2587 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1307,12 +1307,6 @@
goto err;
}
- if (!CBS_stow(&cipher_suites, &s->cert->ciphers_raw,
- &s->cert->ciphers_rawlen)) {
- OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
while (CBS_len(&cipher_suites) > 0) {
uint16_t cipher_suite;