Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / bf6e0baa89b80019dee7ebfbee1fc34581255a19^! / . / src / crypto / tls.h
commitbf6e0baa89b80019dee7ebfbee1fc34581255a19[log] [tgz]
authorHai Shalom <haishalom@google.com>Mon Feb 11 12:01:50 2019 -0800
committerPeiyong Lin <lpy@google.com>Mon Feb 11 22:30:04 2019 +0000
treefcd62236b41c2ce5b04923ba7a5a0213c8397ead
parent39bc25d3a79c1375de430a7918d949c1a86f70c6 [diff] [blame]
Revert "[wpa_supplicant] Cumulative patch from c4e90da6d"

This reverts commit 39bc25d3a79c1375de430a7918d949c1a86f70c6.

Test: Compilation
Change-Id: Iae7670429466958911b5296cb1359bceecc0b03e
Exempt-From-Owner-Approval: Revert since it's breaking the build

diff --git a/src/crypto/tls.h b/src/crypto/tls.h
index 413cccd..481b346 100644
--- a/src/crypto/tls.h
+++ b/src/crypto/tls.h

@@ -82,7 +82,6 @@
 	int cert_in_cb;
 	const char *openssl_ciphers;
 	unsigned int tls_session_lifetime;
-	unsigned int crl_reload_interval;
 	unsigned int tls_flags;
 
 	void (*event_cb)(void *ctx, enum tls_event ev,
@@ -104,9 +103,6 @@
 #define TLS_CONN_SUITEB BIT(11)
 #define TLS_CONN_SUITEB_NO_ECDH BIT(12)
 #define TLS_CONN_DISABLE_TLSv1_3 BIT(13)
-#define TLS_CONN_ENABLE_TLSv1_0 BIT(14)
-#define TLS_CONN_ENABLE_TLSv1_1 BIT(15)
-#define TLS_CONN_ENABLE_TLSv1_2 BIT(16)
 
 /**
  * struct tls_connection_params - Parameters for TLS connection
@@ -148,8 +144,6 @@
  * @cert_id: the certificate's id when using engine
  * @ca_cert_id: the CA certificate's id when using engine
  * @openssl_ciphers: OpenSSL cipher configuration
- * @openssl_ecdh_curves: OpenSSL ECDH curve configuration. %NULL for auto if
- *	supported, empty string to disable, or a colon-separated curve list.
  * @flags: Parameter options (TLS_CONN_*)
  * @ocsp_stapling_response: DER encoded file with cached OCSP stapling response
  *	or %NULL if OCSP is not enabled
@@ -193,7 +187,6 @@
 	const char *cert_id;
 	const char *ca_cert_id;
 	const char *openssl_ciphers;
-	const char *openssl_ecdh_curves;
 
 	unsigned int flags;
 	const char *ocsp_stapling_response;
@@ -328,11 +321,9 @@
  * @tls_ctx: TLS context data from tls_init()
  * @check_crl: 0 = do not verify CRLs, 1 = verify CRL for the user certificate,
  * 2 = verify CRL for all certificates
- * @strict: 0 = allow CRL time errors, 1 = do not allow CRL time errors
  * Returns: 0 on success, -1 on failure
  */
-int __must_check tls_global_set_verify(void *tls_ctx, int check_crl,
-				       int strict);
+int __must_check tls_global_set_verify(void *tls_ctx, int check_crl);
 
 /**
  * tls_connection_set_verify - Set certificate verification options