author | David Benjamin <davidben@chromium.org> | 2014-08-15 01:24:37 +0400 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2014-08-18 21:25:20 +0400 |
commit | f4501347c9f709fe3dad745ac96479513a1c9a8d (patch) | |
tree | 4883c1fda61e331cd556246865c6c2990adf4038 /ssl/d1_lib.c | |
parent | 5216a931b7644a20b2a714cd80ed4bc7ae7a7d5e (diff) |
Remove default_timeout hook.

Of the remaining implementations left, ssl3_, dtls1_, and ssl23_, dtls1_ is
redundant and can be folded into ssl3_. ssl23_ actually isn't; it sets 5
minutes rather than 2 hours. Two hours seems to be what everything else uses
and seems a saner default. Most consumers seem to override it anyway
(SSL_CTX_set_timeout). But it is a behavior change.

The method is called at two points:
- SSL_get_default_timeout
- SSL_CTX_new

Incidentally, the latter call actually makes the former never called internally
and the value it returns a lie. SSL_get_default_timeout returns the default
timeout of the /current/ method, but in ssl_get_new_session, the timeout is
shadowed by session_timeout on the context. That is initialized when
SSL_CTX_new is called. So, unless you go out of your way to
SSL_CTX_set_timeout(0), it always overrides. (And it actually used to make a
difference because, for SSL23, the SSL_CTX's method is SSL23, but, when session
creation happens, the SSL's method is the version-specific one.)

Change-Id: I331d3fd69b726242b36492402717b6d0b521c6ee
Reviewed-on: https://boringssl-review.googlesource.com/1521
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/d1_lib.c')
-rw-r--r-- | ssl/d1_lib.c | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 65cd7dad..d4c32335 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -116,13 +116,6 @@ SSL3_ENC_METHOD DTLSv1_2_enc_data={ dtls1_handshake_write }; -long dtls1_default_timeout(void) - { - /* 2 hours, the 24 hours mentioned in the DTLSv1 spec - * is way too long for http, the cache would over fill */ - return(60*60*2); - } - int dtls1_new(SSL *s) { DTLS1_STATE *d1; |
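Review bot: The comment deleted together with dtls1_default_timeout is the only place in this hunk that records why the default is 2 hours rather than the 24 hours mentioned in the DTLSv1 spec (session cache growth), so that rationale should be kept next to the shared default that DTLS now falls back to. This view is limited to ssl/d1_lib.c, so it is also worth confirming that the function's prototype and every method-table reference to dtls1_default_timeout are dropped in the same commit. Since the commit message notes a behavior change for the SSL23 case (5 minutes becoming 2 hours), callers that depended on the shorter session lifetime should set it explicitly with SSL_CTX_set_timeout.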