Google Git
Sign in
boringssl / boringssl / 9961dff055842bba9f2363c9135811dcbe22ee66^! / .
commit9961dff055842bba9f2363c9135811dcbe22ee66[log] [tgz]
authorDavid Benjamin <davidben@google.com>Fri Jun 16 16:05:49 2017 -0400
committerDavid Benjamin <davidben@google.com>Fri Jun 16 20:24:00 2017 +0000
tree8c90165e34bff0cfc04bd087f0e5ea36a847d4f7
parent0d1730ddf1a9462a8c270ac5bad1a6851eb35ae9 [diff]
Unwind V2ClientHello counters.

It does not appear removing support for these is feasible right now. :-(

Change-Id: I99521ba6c141855b5140d98bce445d7e62415661
Reviewed-on: https://boringssl-review.googlesource.com/17251
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 921ae2a..285b85c 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -3170,10 +3170,6 @@
 OPENSSL_EXPORT int SSL_set_max_send_fragment(SSL *ssl,
                                              size_t max_send_fragment);
 
-/* SSL_get_v2clienthello_count returns the total number of V2ClientHellos that
- * are accepted. */
-OPENSSL_EXPORT uint64_t SSL_get_v2clienthello_count(void);
-
 /* ssl_early_callback_ctx (aka |SSL_CLIENT_HELLO|) is passed to certain
  * callbacks that are called very early on during the server handshake. At this
  * point, much of the SSL* hasn't been filled out and only the ClientHello can

diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c
index 2915e2e..872347d 100644
--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c

@@ -184,17 +184,6 @@
 static int ssl3_get_channel_id(SSL_HANDSHAKE *hs);
 static int ssl3_send_server_finished(SSL_HANDSHAKE *hs);
 
-static struct CRYPTO_STATIC_MUTEX g_v2clienthello_lock =
-    CRYPTO_STATIC_MUTEX_INIT;
-static uint64_t g_v2clienthello_count = 0;
-
-uint64_t SSL_get_v2clienthello_count(void) {
-  CRYPTO_STATIC_MUTEX_lock_read(&g_v2clienthello_lock);
-  uint64_t ret = g_v2clienthello_count;
-  CRYPTO_STATIC_MUTEX_unlock_read(&g_v2clienthello_lock);
-  return ret;
-}
-
 int ssl3_accept(SSL_HANDSHAKE *hs) {
   SSL *const ssl = hs->ssl;
   uint32_t alg_a;
@@ -441,12 +430,6 @@
           hs->new_session = NULL;
         }
 
-        if (hs->v2_clienthello) {
-          CRYPTO_STATIC_MUTEX_lock_write(&g_v2clienthello_lock);
-          g_v2clienthello_count++;
-          CRYPTO_STATIC_MUTEX_unlock_write(&g_v2clienthello_lock);
-        }
-
         ssl->s3->initial_handshake_complete = 1;
         ssl_update_cache(hs, SSL_SESS_CACHE_SERVER);
 

diff --git a/ssl/internal.h b/ssl/internal.h
index 24ec6ce..7843af5 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -1124,9 +1124,6 @@
    * or received. */
   unsigned ticket_expected:1;
 
-  /* v2_clienthello is one if we received a V2ClientHello. */
-  unsigned v2_clienthello:1;
-
   /* extended_master_secret is one if the extended master secret extension is
    * negotiated in this handshake. */
   unsigned extended_master_secret:1;

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 1b6c3c7..65d438a 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c

@@ -678,8 +678,6 @@
   ssl_read_buffer_discard(ssl);
 
   ssl->s3->is_v2_hello = 1;
-  /* This is the first message, so hs must be non-NULL. */
-  ssl->s3->hs->v2_clienthello = 1;
   return 1;
 }