Remove default_timeout hook.

Of the remaining implementations left, ssl3_, dtls1_, and ssl23_, dtls1_ is
redundant and can be folded into ssl3_. ssl23_ actually isn't; it sets 5
minutes rather than 2 hours. Two hours seems to be what everything else uses
and seems a saner default. Most consumers seem to override it anyway
(SSL_CTX_set_timeout). But it is a behavior change.

The method is called at two points:
- SSL_get_default_timeout
- SSL_CTX_new

Incidentally, the latter call actually makes the former never called internally
and the value it returns a lie. SSL_get_default_timeout returns the default
timeout of the /current/ method, but in ssl_get_new_session, the timeout is
shadowed by session_timeout on the context. That is initialized when
SSL_CTX_new is called. So, unless you go out of your way to
SSL_CTX_set_timeout(0), it always overrides. (And it actually used to a
difference because, for SSL23, the SSL_CTX's method is SSL23, but, when session
creation happens, the SSL's method is the version-specific one.)

Change-Id: I331d3fd69b726242b36492402717b6d0b521c6ee
Reviewed-on: https://boringssl-review.googlesource.com/1521
Reviewed-by: Adam Langley <agl@google.com>

1 files changed, 0 insertions, 7 deletions

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 65cd7dad..d4c32335 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -116,13 +116,6 @@ SSL3_ENC_METHOD DTLSv1_2_enc_data={
 	dtls1_handshake_write	
 	};
 
-long dtls1_default_timeout(void)
-	{
-	/* 2 hours, the 24 hours mentioned in the DTLSv1 spec
-	 * is way too long for http, the cache would over fill */
-	return(60*60*2);
-	}
-
 int dtls1_new(SSL *s)
 	{
 	DTLS1_STATE *d1;