ssl: remove SSL_set_read_ahead for DTLS mode

since it has no impact for DTLS: https://docs.openssl.org/1.1.1/man3/SSL_CTX_set_read_ahead/ BUG=webrtc:353750117 Change-Id: I09d135aa69471af9d2feaf82e35625da3ae2e247 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/361220 Commit-Queue: Philipp Hancke <phancke@meta.com> Reviewed-by: Harald Alvestrand <hta@webrtc.org> Reviewed-by: David Benjamin <davidben@webrtc.org> Cr-Commit-Position: refs/heads/main@{#42950}
2024-08-31 13:41:12 -07:00 · 2024-08-31 13:41:12 -07:00 · 8480808c2f
commit 8480808c2f
parent af8f6264ca
2 changed files with 2 additions and 10 deletions
--- a/rtc_base/openssl_adapter.cc
+++ b/rtc_base/openssl_adapter.cc
@ -1000,10 +1000,6 @@ SSL_CTX* OpenSSLAdapter::CreateContext(SSLMode mode,
  SSL_CTX_set_cipher_list(
      ctx, "ALL:!SHA256:!SHA384:!aPSK:!ECDSA+SHA1:!ADH:!LOW:!EXP:!MD5:!3DES");

-  if (mode == SSL_MODE_DTLS) {
-    SSL_CTX_set_read_ahead(ctx, 1);
-  }
-
  if (enable_cache) {
    SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
    SSL_CTX_sess_set_new_cb(ctx, &OpenSSLAdapter::NewSSLSessionCallback);
--- a/rtc_base/openssl_stream_adapter.cc
+++ b/rtc_base/openssl_stream_adapter.cc
@ -874,15 +874,11 @@ int OpenSSLStreamAdapter::BeginSSL() {
  SSL_set_app_data(ssl_, this);

  SSL_set_bio(ssl_, bio, bio);  // the SSL object owns the bio now.
-  if (ssl_mode_ == SSL_MODE_DTLS) {
 #ifdef OPENSSL_IS_BORINGSSL
+  if (ssl_mode_ == SSL_MODE_DTLS) {
    DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_);
-#else
-    // Enable read-ahead for DTLS so whole packets are read from internal BIO
-    // before parsing. This is done internally by BoringSSL for DTLS.
-    SSL_set_read_ahead(ssl_, 1);
-#endif
  }
+#endif

  SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE |
                         SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);