Remove SSL_get_shared_ciphers.

This removes the need to track the client cipher list in the SSL_SESSION. It also eliminates a field in SSL_SESSION that wasn't serialized by i2d_SSL_SESSION. It's only used to implement SSL_get_shared_ciphers which is only used by debug code. Moreover, it doesn't work anyway. The SSLv2 logic pruned that field to the common ciphers, but the SSLv3+ logic just stores the client list as-is. I found no internal callers that were actually compiled (if need be we can stub in something that always returns the empty string or so). Change-Id: I55ad45964fb4037fd623f7591bc574b2983c0698 Reviewed-on: https://boringssl-review.googlesource.com/1866 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2014-10-01 09:21:51 +0400
committer: Adam Langley <agl@google.com> 2014-10-01 22:59:14 +0400
commit: 180d1eb04c8f9205187d22c9f5187985cedf1177 (patch)
tree: 0abfd7b96a1519418892aa734a6bce37cd95b61f /ssl/ssl_sess.c
parent: 176b70efd1be70afa62369ecd6ee1f356acdec9a (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 7fd17248..c8de7783 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -707,7 +707,6 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 	OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
 	if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
 	if (ss->peer != NULL) X509_free(ss->peer);
-	if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
 	if (ss->tlsext_hostname != NULL) OPENSSL_free(ss->tlsext_hostname);
 	if (ss->tlsext_tick != NULL) OPENSSL_free(ss->tlsext_tick);
 	ss->tlsext_ecpointformatlist_length = 0;
author	David Benjamin <davidben@chromium.org>	2014-10-01 09:21:51 +0400
committer	Adam Langley <agl@google.com>	2014-10-01 22:59:14 +0400
commit	180d1eb04c8f9205187d22c9f5187985cedf1177 (patch)
tree	0abfd7b96a1519418892aa734a6bce37cd95b61f /ssl/ssl_sess.c
parent	176b70efd1be70afa62369ecd6ee1f356acdec9a (diff)