Remove dead code in client auth logic.

Remove dead code in client auth logic.

Both socket implementations have client auth logic to remove a session from the
session cache in case of client auth. In both cases, this doesn't do anything.
The OpenSSL one was copied from the NSS one. It was always dead code and became
a no-op when we stopped using the internal session cache (see
https://crbug.com/466352).

The NSS one dates to http://codereview.chromium.org/276037. At that time, we
returned SECFailure rather than SECWouldBlock, so the handshake would continue
and potentially poison the session cache. As of
http://codereview.chromium.org/669198, this was no longer an issue.

BUG=none

Committed: https://crrev.com/8114f805d2c7ac5692bbf8c854146196cffed11c
Cr-Commit-Position: refs/heads/master@{#322178}

[davidben, 2015-03-17 22:26:43]

davidben@chromium.org changed reviewers:
+ rsleevi@chromium.org

[Ryan Sleevi, 2015-03-19 03:17:02]

Can you link to more details about why it's unnecessary for the OpenSSl case?

The bug you mention is about the Fatal alerts, but we'll never get those for the
optional client auth case.

[davidben, 2015-03-19 04:08:58]

On 2015/03/19 03:17:02, Ryan Sleevi wrote:
> Can you link to more details about why it's unnecessary for the OpenSSl case?

Same reason it's unnecessary as the NSS case. Whenever we set
client_auth_cert_needed_, the callback returns -1, which causes the SSL_read or
SSL_do_handshake operation to fail[*]. The OpenSSL bits date to when client auth
was added to the OpenSSL port. It was adapted from the NSS port, but it wasn't
necessary in the NSS port either. It's not possible for rv == 1 and
client_auth_cert_needed_.

(Really we don't need the flag at all and should just be checking for
SSL_ERROR_WANT_X509_LOOKUP. But I'll poke at that after
https://codereview.chromium.org/1017903003/ lands.)

[*] In general, OpenSSL does not distinguish between failing and and needing
something asynchronous. Either way, the SSL_* function call returns immediately
with -1. It's up to the caller to check the retry flags (BIO) or SSL_get_error
result (SSL) to determine if it was a fatal error or something resumable.

> The bug you mention is about the Fatal alerts, but we'll never get those for
the
> optional client auth case.

SSL_CTX_remove_session never does anything because we don't use the internal
session cache and instead listen for remove_cb. Except, per that bug, remove_cb
is never called unless you *do* use the internal session cache.

[Ryan Sleevi, 2015-03-24 23:06:16]

lgtm

[davidben, 2015-03-24 23:53:18]

The CQ bit was checked by davidben@chromium.org

[commit-bot: I haz the power, 2015-03-24 23:54:18]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1013193004/1

[commit-bot: I haz the power, 2015-03-25 02:59:55]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2015-03-25 02:59:56]

Try jobs failed on following builders:
  linux_chromium_chromeos_ozone_rel_ng on tryserver.chromium.linux (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)

[davidben, 2015-03-25 15:22:46]

The CQ bit was checked by davidben@chromium.org

[commit-bot: I haz the power, 2015-03-25 15:23:03]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1013193004/1

[commit-bot: I haz the power, 2015-03-25 17:02:44]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2015-03-25 17:03:33]

Patchset 1 (id:??) landed as
https://crrev.com/8114f805d2c7ac5692bbf8c854146196cffed11c
Cr-Commit-Position: refs/heads/master@{#322178}