kris
/
boringssl
1
0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
5667 коммитов
12 Ветки
38 MiB
Дерево: 9978f0a865
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '9978f0a865'
${ noResults }
boringssl/include/openssl/opensslconf.h

opensslconf.h 2.0 KiB
Исходник Обычный вид История

Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Rename opensslfeatures.h to opensslconf.h. Some software #includes opensslconf.h which typically contains settings that we put in opensslfeatures.h (a header name not in OpenSSL). Rename it to opensslconf.h. Change-Id: Icd21dde172e5e489ce90dd5c16ae4d2696909fb6 Reviewed-on: https://boringssl-review.googlesource.com/7216 Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Switch OPENSSL_VERSION_NUMBER to 1.1.0. Although we are derived from 1.0.2, we mimic 1.1.0 in some ways around our FOO_up_ref functions and opaque libssl types. This causes some difficulties when porting third-party code as any OPENSSL_VERSION_NUMBER checks for 1.1.0 APIs we have will be wrong. Moreover, adding accessors without changing OPENSSL_VERSION_NUMBER can break external projects. It is common to implement a compatibility version of an accessor under #ifdef as a static function. This then conflicts with our headers if we, unlike OpenSSL 1.0.2, have this function. This change switches OPENSSL_VERSION_NUMBER to 1.1.0 and atomically adds enough accessors for software with 1.1.0 support already. The hope is this will unblock hiding SSL_CTX and SSL_SESSION, which will be especially useful with C++-ficiation. The cost is we will hit some growing pains as more 1.1.0 consumers enter the ecosystem and we converge on the right set of APIs to import from upstream. It does not remove any 1.0.2 APIs, so we will not require that all projects support 1.1.0. The exception is APIs which changed in 1.1.0 but did not change the function signature. Those are breaking changes. Specifically: - SSL_CTX_sess_set_get_cb is now const-correct. - X509_get0_signature is now const-correct. For C++ consumers only, this change temporarily includes an overload hack for SSL_CTX_sess_set_get_cb that keeps the old callback working. This is a workaround for Node not yet supporting OpenSSL 1.1.0. The version number is set at (the as yet unreleased) 1.1.0g to denote that this change includes https://github.com/openssl/openssl/pull/4384. Bug: 91 Change-Id: I5eeb27448a6db4c25c244afac37f9604d9608a76 Reviewed-on: https://boringssl-review.googlesource.com/10340 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Switch OPENSSL_VERSION_NUMBER to 1.1.0. Although we are derived from 1.0.2, we mimic 1.1.0 in some ways around our FOO_up_ref functions and opaque libssl types. This causes some difficulties when porting third-party code as any OPENSSL_VERSION_NUMBER checks for 1.1.0 APIs we have will be wrong. Moreover, adding accessors without changing OPENSSL_VERSION_NUMBER can break external projects. It is common to implement a compatibility version of an accessor under #ifdef as a static function. This then conflicts with our headers if we, unlike OpenSSL 1.0.2, have this function. This change switches OPENSSL_VERSION_NUMBER to 1.1.0 and atomically adds enough accessors for software with 1.1.0 support already. The hope is this will unblock hiding SSL_CTX and SSL_SESSION, which will be especially useful with C++-ficiation. The cost is we will hit some growing pains as more 1.1.0 consumers enter the ecosystem and we converge on the right set of APIs to import from upstream. It does not remove any 1.0.2 APIs, so we will not require that all projects support 1.1.0. The exception is APIs which changed in 1.1.0 but did not change the function signature. Those are breaking changes. Specifically: - SSL_CTX_sess_set_get_cb is now const-correct. - X509_get0_signature is now const-correct. For C++ consumers only, this change temporarily includes an overload hack for SSL_CTX_sess_set_get_cb that keeps the old callback working. This is a workaround for Node not yet supporting OpenSSL 1.1.0. The version number is set at (the as yet unreleased) 1.1.0g to denote that this change includes https://github.com/openssl/openssl/pull/4384. Bug: 91 Change-Id: I5eeb27448a6db4c25c244afac37f9604d9608a76 Reviewed-on: https://boringssl-review.googlesource.com/10340 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Set OPENSSL_NO_BUF_FREELISTS The memory freelist maintained by OpenSSL claims to be a performance optimization for platforms that have a slow malloc/free implementation. This should not be the case on modern linux/glibc. Remove the freelist as it poses a potential security hazard of buffer-reuse that is of "initialized" memory that will not be caught be tools such as valgrind. Change-Id: I3cfa6a05f9bdfbbba7820060bae5a673dee43014 Reviewed-on: https://boringssl-review.googlesource.com/1385 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Define more OPENSSL_NO_xxx flags in opensslfeatures.h. Change-Id: I464159dd03a2ea9a5e01452888fda86a5af51024 Reviewed-on: https://boringssl-review.googlesource.com/3924 Reviewed-by: Adam Langley <agl@google.com>
9 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Switch OPENSSL_VERSION_NUMBER to 1.1.0. Although we are derived from 1.0.2, we mimic 1.1.0 in some ways around our FOO_up_ref functions and opaque libssl types. This causes some difficulties when porting third-party code as any OPENSSL_VERSION_NUMBER checks for 1.1.0 APIs we have will be wrong. Moreover, adding accessors without changing OPENSSL_VERSION_NUMBER can break external projects. It is common to implement a compatibility version of an accessor under #ifdef as a static function. This then conflicts with our headers if we, unlike OpenSSL 1.0.2, have this function. This change switches OPENSSL_VERSION_NUMBER to 1.1.0 and atomically adds enough accessors for software with 1.1.0 support already. The hope is this will unblock hiding SSL_CTX and SSL_SESSION, which will be especially useful with C++-ficiation. The cost is we will hit some growing pains as more 1.1.0 consumers enter the ecosystem and we converge on the right set of APIs to import from upstream. It does not remove any 1.0.2 APIs, so we will not require that all projects support 1.1.0. The exception is APIs which changed in 1.1.0 but did not change the function signature. Those are breaking changes. Specifically: - SSL_CTX_sess_set_get_cb is now const-correct. - X509_get0_signature is now const-correct. For C++ consumers only, this change temporarily includes an overload hack for SSL_CTX_sess_set_get_cb that keeps the old callback working. This is a workaround for Node not yet supporting OpenSSL 1.1.0. The version number is set at (the as yet unreleased) 1.1.0g to denote that this change includes https://github.com/openssl/openssl/pull/4384. Bug: 91 Change-Id: I5eeb27448a6db4c25c244afac37f9604d9608a76 Reviewed-on: https://boringssl-review.googlesource.com/10340 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Switch OPENSSL_VERSION_NUMBER to 1.1.0. Although we are derived from 1.0.2, we mimic 1.1.0 in some ways around our FOO_up_ref functions and opaque libssl types. This causes some difficulties when porting third-party code as any OPENSSL_VERSION_NUMBER checks for 1.1.0 APIs we have will be wrong. Moreover, adding accessors without changing OPENSSL_VERSION_NUMBER can break external projects. It is common to implement a compatibility version of an accessor under #ifdef as a static function. This then conflicts with our headers if we, unlike OpenSSL 1.0.2, have this function. This change switches OPENSSL_VERSION_NUMBER to 1.1.0 and atomically adds enough accessors for software with 1.1.0 support already. The hope is this will unblock hiding SSL_CTX and SSL_SESSION, which will be especially useful with C++-ficiation. The cost is we will hit some growing pains as more 1.1.0 consumers enter the ecosystem and we converge on the right set of APIs to import from upstream. It does not remove any 1.0.2 APIs, so we will not require that all projects support 1.1.0. The exception is APIs which changed in 1.1.0 but did not change the function signature. Those are breaking changes. Specifically: - SSL_CTX_sess_set_get_cb is now const-correct. - X509_get0_signature is now const-correct. For C++ consumers only, this change temporarily includes an overload hack for SSL_CTX_sess_set_get_cb that keeps the old callback working. This is a workaround for Node not yet supporting OpenSSL 1.1.0. The version number is set at (the as yet unreleased) 1.1.0g to denote that this change includes https://github.com/openssl/openssl/pull/4384. Bug: 91 Change-Id: I5eeb27448a6db4c25c244afac37f9604d9608a76 Reviewed-on: https://boringssl-review.googlesource.com/10340 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Define more OPENSSL_NO_xxx flags in opensslfeatures.h. Change-Id: I464159dd03a2ea9a5e01452888fda86a5af51024 Reviewed-on: https://boringssl-review.googlesource.com/3924 Reviewed-by: Adam Langley <agl@google.com>
9 лет назад
Switch OPENSSL_VERSION_NUMBER to 1.1.0. Although we are derived from 1.0.2, we mimic 1.1.0 in some ways around our FOO_up_ref functions and opaque libssl types. This causes some difficulties when porting third-party code as any OPENSSL_VERSION_NUMBER checks for 1.1.0 APIs we have will be wrong. Moreover, adding accessors without changing OPENSSL_VERSION_NUMBER can break external projects. It is common to implement a compatibility version of an accessor under #ifdef as a static function. This then conflicts with our headers if we, unlike OpenSSL 1.0.2, have this function. This change switches OPENSSL_VERSION_NUMBER to 1.1.0 and atomically adds enough accessors for software with 1.1.0 support already. The hope is this will unblock hiding SSL_CTX and SSL_SESSION, which will be especially useful with C++-ficiation. The cost is we will hit some growing pains as more 1.1.0 consumers enter the ecosystem and we converge on the right set of APIs to import from upstream. It does not remove any 1.0.2 APIs, so we will not require that all projects support 1.1.0. The exception is APIs which changed in 1.1.0 but did not change the function signature. Those are breaking changes. Specifically: - SSL_CTX_sess_set_get_cb is now const-correct. - X509_get0_signature is now const-correct. For C++ consumers only, this change temporarily includes an overload hack for SSL_CTX_sess_set_get_cb that keeps the old callback working. This is a workaround for Node not yet supporting OpenSSL 1.1.0. The version number is set at (the as yet unreleased) 1.1.0g to denote that this change includes https://github.com/openssl/openssl/pull/4384. Bug: 91 Change-Id: I5eeb27448a6db4c25c244afac37f9604d9608a76 Reviewed-on: https://boringssl-review.googlesource.com/10340 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Define more OPENSSL_NO_xxx flags in opensslfeatures.h. Change-Id: I464159dd03a2ea9a5e01452888fda86a5af51024 Reviewed-on: https://boringssl-review.googlesource.com/3924 Reviewed-by: Adam Langley <agl@google.com>
9 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Remove remaining remnants of RIPEMD-160 support. Change-Id: I59d06bcb9245ba93d3c3b63afbc24d6cef7c5af4 Reviewed-on: https://boringssl-review.googlesource.com/3925 Reviewed-by: Adam Langley <agl@google.com>
9 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Disable SSLv3 by default. As a precursor to removing the code entirely later, disable the protocol by default. Callers must use SSL_CTX_set_min_version to enable it. This change also makes SSLv3_method *not* enable SSL 3.0. Normally version-specific methods set the minimum and maximum version to their version. SSLv3_method leaves the minimum at the default, so we will treat it as all versions disabled. To help debugging, the error code is switched from WRONG_SSL_VERSION to a new NO_SUPPORTED_VERSIONS_ENABLED. This also defines OPENSSL_NO_SSL3 and OPENSSL_NO_SSL3_METHOD to kick in any no-ssl3 build paths in consumers which should provide a convenient hook for any upstreaming changes that may be needed. (OPENSSL_NO_SSL3 existed in older versions of OpenSSL, so in principle one may encounter an OpenSSL with the same settings.) Change-Id: I96a8f2f568eb77b2537b3a774b2f7108bd67dd0c Reviewed-on: https://boringssl-review.googlesource.com/14031 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Add <opensslfeatures.h> to ease migration from OpenSSL. The <opensslfeatures.h> header provides #defines which are normally declared by OpenSSL when features are disabled. This way applications are able to detect which features were removed from BoringSSL and use it as drop-in replacement for OpenSSL. Inspired by LibreSSL, which provides similar header. Change-Id: If4352743fd938267e2640fb09ca851464b9240b9 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> Reviewed-on: https://boringssl-review.googlesource.com/1191 Reviewed-by: Adam Langley <agl@google.com>
10 лет назад
Run comment conversion script on include/ ssl is all that's left. Will do that once that's at a quiet point. Change-Id: Ia183aed5671e3b2de333def138d7f2c9296fb517 Reviewed-on: https://boringssl-review.googlesource.com/19564 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. /* This header is provided in order to make compiling against code that expects

  16.    OpenSSL easier. */

  17. 

  18. #ifndef OPENSSL_HEADER_OPENSSLCONF_H

  19. #define OPENSSL_HEADER_OPENSSLCONF_H

  20. 

  21. 

  22. #define OPENSSL_NO_ASYNC

  23. #define OPENSSL_NO_BF

  24. #define OPENSSL_NO_BLAKE2

  25. #define OPENSSL_NO_BUF_FREELISTS

  26. #define OPENSSL_NO_CAMELLIA

  27. #define OPENSSL_NO_CAPIENG

  28. #define OPENSSL_NO_CAST

  29. #define OPENSSL_NO_CMS

  30. #define OPENSSL_NO_COMP

  31. #define OPENSSL_NO_CT

  32. #define OPENSSL_NO_DANE

  33. #define OPENSSL_NO_DEPRECATED

  34. #define OPENSSL_NO_DGRAM

  35. #define OPENSSL_NO_DYNAMIC_ENGINE

  36. #define OPENSSL_NO_EC_NISTP_64_GCC_128

  37. #define OPENSSL_NO_EC2M

  38. #define OPENSSL_NO_EGD

  39. #define OPENSSL_NO_ENGINE

  40. #define OPENSSL_NO_GMP

  41. #define OPENSSL_NO_GOST

  42. #define OPENSSL_NO_HEARTBEATS

  43. #define OPENSSL_NO_HW

  44. #define OPENSSL_NO_IDEA

  45. #define OPENSSL_NO_JPAKE

  46. #define OPENSSL_NO_KRB5

  47. #define OPENSSL_NO_MD2

  48. #define OPENSSL_NO_MDC2

  49. #define OPENSSL_NO_OCB

  50. #define OPENSSL_NO_OCSP

  51. #define OPENSSL_NO_RC2

  52. #define OPENSSL_NO_RC5

  53. #define OPENSSL_NO_RFC3779

  54. #define OPENSSL_NO_RIPEMD

  55. #define OPENSSL_NO_RMD160

  56. #define OPENSSL_NO_SCTP

  57. #define OPENSSL_NO_SEED

  58. #define OPENSSL_NO_SRP

  59. #define OPENSSL_NO_SSL2

  60. #define OPENSSL_NO_SSL3

  61. #define OPENSSL_NO_SSL3_METHOD

  62. #define OPENSSL_NO_STATIC_ENGINE

  63. #define OPENSSL_NO_STORE

  64. #define OPENSSL_NO_WHIRLPOOL

  65. 

  66. 

  67. #endif  // OPENSSL_HEADER_OPENSSLCONF_H