Deprecate and no-op SSL_set_state.
Yes, OpenSSL lets you randomly change its internal state. This is used
as part of server-side renegotiation. Server-side renegotiation is gone.
BUG=429450
Change-Id: Ic1b013705734357acf64e8bf89a051b2b7521c64
Reviewed-on: https://boringssl-review.googlesource.com/4828
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index aee6e18..0af4599 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2099,7 +2099,6 @@
OPENSSL_EXPORT void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,
int type, int val);
OPENSSL_EXPORT int SSL_state(const SSL *ssl);
-OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state);
OPENSSL_EXPORT void SSL_set_verify_result(SSL *ssl, long v);
OPENSSL_EXPORT long SSL_get_verify_result(const SSL *ssl);
@@ -2404,6 +2403,9 @@
/* SSL_renegotiate put an error on the error queue and returns zero. */
OPENSSL_EXPORT int SSL_renegotiate(SSL *ssl);
+/* SSL_set_state does nothing. */
+OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state);
+
/* Android compatibility section.
*
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cca4dd1..c3997a9 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2322,7 +2322,7 @@
int SSL_state(const SSL *ssl) { return ssl->state; }
-void SSL_set_state(SSL *ssl, int state) { ssl->state = state; }
+void SSL_set_state(SSL *ssl, int state) { }
void SSL_set_verify_result(SSL *ssl, long arg) { ssl->verify_result = arg; }