Mop up dtls1_get_ccs_header() and struct ccs_header_st.

All this code does is read one byte from memory with an unknown length,
potentially being a one byte overread... and then nothing is actually done
with the value.

ok tb@

1 files changed, 1 insertions, 5 deletions

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 36dd255722..2610206797 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.100 2021/07/19 08:39:28 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.101 2021/07/19 08:42:24 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -835,10 +835,6 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         }
 
         if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-                struct ccs_header_st ccs_hdr;
-
-                dtls1_get_ccs_header(rr->data, &ccs_hdr);
-
                 /* 'Change Cipher Spec' is just a single byte, so we know
                  * exactly what the record payload has to look like */
                 /* XDTLS: check that epoch is consistent */