Commit Graph

136 Commits

Author SHA1 Message Date
David Benjamin
818031ec17 Build with -Wimplicit-fallthrough in Clang.
This will catch failures standalone before they reach consumers.

Change-Id: I1957df92e02ef7b4c609cd85420535c94ae3a04c
Reviewed-on: https://boringssl-review.googlesource.com/18005
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-07-17 19:26:32 +00:00
David Benjamin
6fb16cc93d Fix linux_fuzz bot.
Change-Id: Iefe4790094e2b2c6f9ef0833c00ab37707b7b19a
Reviewed-on: https://boringssl-review.googlesource.com/17805
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-07-14 15:39:31 +00:00
David Benjamin
4a8d1f3519 Make missing prototypes warning work in clang/C++.
in GCC, -Wmissing-prototypes is only in C and the C++ spelling is
-Wmissing-declarations.
https://gcc.gnu.org/onlinedocs/gcc-7.1.0/gcc/Warning-Options.html#Warning-Options

In clang, -Wmissing-prototypes is in both C/C++ and
-Wmissing-declarations means you forgot to name a typedef or something?
https://clang.llvm.org/docs/DiagnosticsReference.html#wmissing-prototypes
https://clang.llvm.org/docs/DiagnosticsReference.html#wmissing-declarations

Pass clang slightly different flags to account for this mess.

Change-Id: I574ff7ecf32ba5908355639de83e8a102dab5f04
Reviewed-on: https://boringssl-review.googlesource.com/17784
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-07-14 13:45:26 +00:00
David Benjamin
9b6ff440ef Use _STL_EXTRA_DISABLED_WARNINGS in VS2017.
Although Microsoft does not support building with /Wall, starting
VS2017, they provide a way to suppress warnings only in STL code. This
lets us keep some warnings active on our code while disabling them in
the STL.
https://blogs.msdn.microsoft.com/vcblog/2017/02/06/stl-fixes-in-vs-2017-rtm/

We currently still support VS2015, so we can't switch most of our
suppressions to this, but anything which applies only to VS2017 and up
will work.

Change-Id: I5f6d621dd1dbc060e09bded776d1714785a63147
Reviewed-on: https://boringssl-review.googlesource.com/17245
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-16 19:37:40 +00:00
David Benjamin
8ba6a1496b Fix build with VS 2017.
Lots more warnings to disable...

Change-Id: Ic240dd74d9abab8fe6d696c15267138b857d0dc1
Reviewed-on: https://boringssl-review.googlesource.com/16745
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-07 18:56:06 +00:00
Adam Langley
f64a6eeaf0 Switch to new delocate tool.
Most importantly, this version of delocate works for ppc64le. It should
also work for x86-64, but will need significant testing to make sure
that it covers all the cases that the previous delocate.go covered.

It's less stringtastic than the old code, however the parser isn't as
nice as I would have liked. I thought that the reason we put up with
AT&T syntax with Intel is so that assembly syntax could be somewhat
consistent across platforms. At least for ppc64le, that does not appear
to be the case.

Change-Id: Ic7e3c6acc3803d19f2c3ff5620c5e39703d74212
Reviewed-on: https://boringssl-review.googlesource.com/16464
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-30 18:00:16 +00:00
David Benjamin
3ecd0a5fca Convert aes_test to GTest.
This introduces machinery to start embedding the test data files into
the crypto_test binary. Figuring out every CI's test data story is more
trouble than is worth it. The GTest FileTest runner is considerably
different from the old one:

- It returns void and expects failures to use the GTest EXPECT_* and
  ASSERT_* macros, rather than ExpectBytesEqual. This is more monkey
  work to convert, but ultimately less work to add new tests. I think
  it's also valuable for our FileTest and normal test patterns to align
  as much as possible. The line number is emitted via SCOPED_TRACE.

- I've intentionally omitted the Error attribute handling, since that
  doesn't work very well with the new callback. This means evp_test.cc
  will take a little more work to convert, but this is again to keep our
  two test patterns aligned.

- The callback takes a std::function rather than a C-style void pointer.
  This means we can go nuts with lambdas. It also places the path first
  so clang-format doesn't go nuts.

BUG=129

Change-Id: I0d1920a342b00e64043e3ea05f5f5af57bfe77b3
Reviewed-on: https://boringssl-review.googlesource.com/16507
Reviewed-by: Adam Langley <agl@google.com>
2017-05-23 22:33:25 +00:00
Martin Kreichgauer
118355c6f0 fipstools: Add a sample binary that exercises methods from the FIPS module.
Also allow breaking ECDSA/RSA pair-wise consistency tests and ECDSA
self-test.

Change-Id: I1c7723f6082568ebf93158cfaa184cbdeb7480a0
Reviewed-on: https://boringssl-review.googlesource.com/16305
Reviewed-by: Adam Langley <agl@google.com>
2017-05-18 00:00:33 +00:00
Steven Valdez
43e5a26b53 Fixing assembly coverage reporting.
Due to issues with CMake enable_language, we have to delay setting
CMAKE_ASM_FLAGS until after enable_language(ASM) has been called.

We also need to remove the '.file' macro from x86gas.pl to prevent the
filenames from being overridden from those provided by the build
system.

Change-Id: I436f57ec45e4751714af49e1211a0d7810e4e56a
Reviewed-on: https://boringssl-review.googlesource.com/16127
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-11 16:55:29 +00:00
David Benjamin
1e5cb820de Add an option to build libFuzzer from DEPS.
The bots will need to get libFuzzer externally. As usual, borrow
Chromium's copy.

Change-Id: I5ed879bbc76188838adcf9d51855e76c481ace5b
Reviewed-on: https://boringssl-review.googlesource.com/16146
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2017-05-10 22:12:32 +00:00
David Benjamin
08ab59b8d7 Switch from 8bit-counters to trace-pc-guard.
Otherwise clang complains about:

  clang: error: argument '-fsanitize-coverage=8bit-counters' is
  deprecated, use '-fsanitize-coverage=trace-pc-guard' instead
  [-Werror,-Wdeprecated]

Change-Id: Icb2a8f874734040df6a2d39a62f8e946b366bfca
Reviewed-on: https://boringssl-review.googlesource.com/16128
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 17:04:38 +00:00
Adam Langley
5c38c05b26 Move bn/ into crypto/fipsmodule/
Change-Id: I68aa4a740ee1c7f2a308a6536f408929f15b694c
Reviewed-on: https://boringssl-review.googlesource.com/15647
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-01 22:51:25 +00:00
Adam Langley
58e449904e Move crypto/fipsoracle/ to the top-level.
This works better with util/generate_build_files.py.

Change-Id: Icb55dc74e0a004aca3e09978640455b66f0473ff
Reviewed-on: https://boringssl-review.googlesource.com/15648
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-28 23:55:42 +00:00
David Benjamin
aff72a3805 Add the start of standalone iOS build support.
The built-in CMake support seems to basically work, though it believes
you want to build a fat binary which doesn't work with how we build
perlasm. (We'd need to stop conditioning on CMAKE_SYSTEM_PROCESSOR at
all, wrap all the generated assembly files in ifdefs, and convince the
build to emit more than one. Probably not worth bothering for now.)

We still, of course, need to actually test the assembly on iOS before
this can be shipped anywhere.

BUG=48

Change-Id: I6ae71d98d706be03142b82f7844d1c9b02a2b832
Reviewed-on: https://boringssl-review.googlesource.com/14645
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-07 17:13:44 +00:00
Adam Langley
fd49993c3b First part of the FIPS module.
Change-Id: Ic3a91ccd2c8cdc364740f256fdb8a7ff66177947
Reviewed-on: https://boringssl-review.googlesource.com/14506
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
2017-04-07 00:05:34 +00:00
David Benjamin
0d3c96337a Build with -fsanitize-address-use-after-scope if -DASAN=1
This would have caught
https://boringssl-review.googlesource.com/c/12400/ and similar classes
of errors with using CBB. A follow-up change will update the builders
to use -DASAN=1 for ASan.

Change-Id: I37817cb1d6bfd5c82ff0b0afaecc8bbbf506bb92
Reviewed-on: https://boringssl-review.googlesource.com/14025
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2017-02-28 20:07:09 +00:00
David Benjamin
dc90e39291 Clear the last GTest warning suppression.
TEST_P didn't work without fixing the suppression, so I went ahead and
fixed it across the entire project.

BUG=129

Change-Id: I5fe417f720040b627acfb3ed2063afdc85dfa908
Reviewed-on: https://boringssl-review.googlesource.com/13824
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-02-16 19:03:32 +00:00
David Benjamin
c0263ab4c8 Don't leave ARCH unset for mips.
CMake's language is a little dumb about string interpolation. Set it to
"generic", which is the value OPENSSL_NO_ASM uses.

Change-Id: Id98a0309e24465f10bcd7dab4a2000d1038edac0
Reviewed-on: https://boringssl-review.googlesource.com/13261
Reviewed-by: Kenny Root <kroot@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2017-01-24 22:27:11 +00:00
David Benjamin
966284337d Do a cursory conversion of a few tests to GTest.
For now, this is the laziest conversion possible. The intent is to just
get the build setup ready so that we can get everything working in our
consumers. The intended end state is:

- The standalone build produces three test targets, one per library:
  {crypto,ssl,decrepit}_tests.

- Each FOO_test is made up of:
    FOO/**/*_test.cc
    crypto/test/gtest_main.cc
    test_support

- generate_build_files.py emits variables crypto_test_sources and
  ssl_test_sources. These variables are populated with FindCFiles,
  looking for *_test.cc.

- The consuming file assembles those variables into the two test targets
  (plus decrepit) from there. This avoids having generate_build_files.py
  emit actual build rules.

- Our standalone builders, Chromium, and Android just run the top-level
  test targets using whatever GTest-based reporting story they have.

In transition, we start by converting one of two tests in each library
to populate the three test targets. Those are added to all_tests.json
and all_tests.go hacked to handle them transparently. This keeps our
standalone builder working.

generate_build_files.py, to start with, populates the new source lists
manually and subtracts them out of the old machinery. We emit both for
the time being. When this change rolls in, we'll write all the build
glue needed to build the GTest-based tests and add it to consumers'
continuous builders.

Next, we'll subsume a file-based test and get the consumers working with
that. (I.e. make sure the GTest targets can depend on a data file.)

Once that's all done, we'll be sure all this will work. At that point,
we start subsuming the remaining tests into the GTest targets and,
asynchronously, rewriting tests to use GTest properly rather than
cursory conversion here.

When all non-GTest tests are gone, the old generate_build_files.py hooks
will be removed, consumers updated to not depend on them, and standalone
builders converted to not rely on all_tests.go, which can then be
removed. (Unless bits end up being needed as a malloc test driver. I'm
thinking we'll want to do something with --gtest_filter.)

As part of this CL, I've bumped the CMake requirements (for
target_include_directories) and added a few suppressions for warnings
that GTest doesn't pass.

BUG=129

Change-Id: I881b26b07a8739cc0b52dbb51a30956908e1b71a
Reviewed-on: https://boringssl-review.googlesource.com/13232
Reviewed-by: Adam Langley <agl@google.com>
2017-01-21 00:17:05 +00:00
David Benjamin
d035ab3bba Add a GCOV option to CMakeLists.txt.
Get us a little closer to productionizing the coverage generation, which
will require taking all the logic out of the coverage script.

Change-Id: If410cc198a888ee87a84b1c2d532322682d3c44e
Reviewed-on: https://boringssl-review.googlesource.com/13043
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-01-03 13:17:57 +00:00
Adam Langley
1bcd10c557 Add CMake support for ASAN and MSAN.
This only works with Clang, and MSAN seems to have a false-positive for
me in libstdc++, but it can be helpful to test with these

Change-Id: I068edabcda69c9239ee4f0247f5d8f873dea77bb
Reviewed-on: https://boringssl-review.googlesource.com/12940
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-12-16 19:27:49 +00:00
Doug Kwan
5f04b6bc3a Add ppc64le vector implementation of SHA-1.
This change contains a C implementation of SHA-1 for POWER using
AltiVec. It is almost as fast as the scalar-only assembly implementation
for POWER/POWERPC family in OpenSSL but it is easier to maintain and it
allows error checking with tools like ASAN.

This is tested only for ppc64le. It may nor may not work for other
platforms in the POWER/POWERPC familiy.

Before:

SHA-1 @ 16 bytes: ~30 MB/s
SHA-1 @ 8K: ~140 MB/s

After:

SHA-1 @ 16 bytes: ~70 MB/s
SHA-1 @ 8K: ~480 MB/s

Change-Id: I790352e86d9c0cc4e1e57d11c5a0aa5b0780ca6b
Reviewed-on: https://boringssl-review.googlesource.com/12203
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-11-17 18:38:14 +00:00
Aurelien Regat-Barrel
1e21e994ec More flexible detection of arm processors to fix cmake errors on armv6l and armv7l devices
Change-Id: Iee7653f620c56136df75908830f06a1d5c597609
Reviewed-on: https://boringssl-review.googlesource.com/12240
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-11-15 18:17:41 +00:00
David Benjamin
ffb1107c91 Add a helper function for parsing extensions blocks.
TLS 1.3 adds a number of places with extensions blocks that don't easily
fit into our ClientHello/EncryptedExtensions callbacks. Between
HelloRetryRequest, ServerHello, draft 18 going nuts with Certificate,
and NewSessionTicket when we do 0-RTT, this passes the "abstract things
that are repeated three times" sniff test.

For now, it rejects unknown extensions, but it will probably grow an
allow_unknown parameter for NewSessionTicket.

This involves disabling some MSVC warnings, but they're invalid as of
C99 which we otherwise require. See
https://connect.microsoft.com/VisualStudio/feedback/details/1230248/remove-c99-related-warnings-or-make-them-off-by-default

Change-Id: Iea8bf8ab216270c081dd63e79aaad9ec73b3b550
Reviewed-on: https://boringssl-review.googlesource.com/12233
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-11-15 06:58:52 +00:00
Kenneth Geisshirt
54955fe711 Allow building on MIPS.
Change-Id: I596e77fa5a7b97b405f52c44e9e36a8226196997
Reviewed-on: https://boringssl-review.googlesource.com/11900
Reviewed-by: Adam Langley <agl@google.com>
2016-11-09 16:59:22 +00:00
David Benjamin
ec978dd812 Add corpora for fuzzers with fuzzer mode disabled.
Fuzzer mode explores the handshake, but at the cost of losing coverage
on the record layer. Add a separate build flag and client/server
corpora for this mode.

Note this requires tweaks in consumers' fuzzer build definitions.

BUG=111

Change-Id: I1026dc7301645e165a761068a1daad6eedc9271e
Reviewed-on: https://boringssl-review.googlesource.com/12108
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2016-11-09 16:53:37 +00:00
David Benjamin
ac9a7f6384 Fix the run_tests target in fuzzer mode.
We run with a few more arguments, we may as well pass them in.

Change-Id: Icd7196fc50983f77d500b96e0cc4f9bc583671bf
Reviewed-on: https://boringssl-review.googlesource.com/11603
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-10-14 16:01:47 +00:00
Alessandro Ghedini
b6f6927cac Fix CMake negation and make error fatal
Not sure if version-dependant, but with CMake 3.6 "!" doesn't work.

Change-Id: I5f91234b27e340142b479b602d4102134ad55ccb
Reviewed-on: https://boringssl-review.googlesource.com/11381
Reviewed-by: Adam Langley <agl@google.com>
2016-09-28 23:46:36 +00:00
Adam Langley
d5c72c8bc8 Fix run_tests target.
The COMMANDs will “not necessarily composed into a stateful shell or
batch script” so the change directory needs to be linked with the
command that needs it. This fixes “make run_tests”.

Change-Id: I364530fe1331aba7fa9899616916f610981c2c95
Reviewed-on: https://boringssl-review.googlesource.com/11263
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-09-26 22:13:03 +00:00
David Benjamin
41b8ff24ce Don't pass -Wa,-g on clang.
clang's integrated assembler does not appear to support debug symbols
yet. (And somehow CMake has another statefulness bug that causes this to
only manifest on a second run, so the try bots aren't noticing.)

Also don't clobber the existing CMAKE_ASM_FLAGS value.

Change-Id: Ia04345f0dc2f9833ac13912d761cfab3479c10cd
Reviewed-on: https://boringssl-review.googlesource.com/11083
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2016-09-16 20:41:09 +00:00
David Benjamin
7208822d5e Build debug symbols for assembly.
We build with them for C files, so include it for the assembly files
too.

Change-Id: I1c595e18314b245330a6f047d0a97a031d55b115
Reviewed-on: https://boringssl-review.googlesource.com/9150
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-09-12 19:53:52 +00:00
David Benjamin
9b7d836b05 Be -Wnewline-eof clean.
Change-Id: I85216184f9277ce0c0caae31e379b638683e28c5
Reviewed-on: https://boringssl-review.googlesource.com/10703
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2016-08-29 19:15:19 +00:00
Adam Langley
0186787c49 Add top-level BUILD file (in util/).
When we have *-with-bazel branches this BUILD file will be copied to the
top-level for consumers that want to use Bazel.

From empirical testing, x86-64 on Linux is spelt “k8” and x86-64 on
macOS is spelt “darwin”. I've not tried to enable assembly for any other
cases yet.

Change-Id: Ic6cb739565f145db20756fb57c0d087227fd9e18
Reviewed-on: https://boringssl-review.googlesource.com/8571
Reviewed-by: Adam Langley <agl@google.com>
2016-07-06 23:03:01 +00:00
David Benjamin
37e01b393c Spell C++11 as C++11, not C++0x.
We already require GCC 4.8+, so -std=c++11 should work fine.

Change-Id: I07d46d7dcccb695b5df97a702f0d5007fdff3385
Reviewed-on: https://boringssl-review.googlesource.com/8245
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
2016-06-13 19:20:40 +00:00
David Benjamin
2e8ba2d25d Use one C99-style for loop.
Switch one for loop to the new spelling as a canary. All our compilers seem to
support it fine, except GCC needs to be told to build with -std=c99. (And, upon
doing so, it'll require _XOPEN_SOURCE=700 for pthread_rwlock_t.)

We'll let this sit for a bit until it's gotten into downstreams without issue
and then open the floodgates.

BUG=47

Change-Id: I1c69d4b2df8206e0b55f30aa59b5874d82fca893
Reviewed-on: https://boringssl-review.googlesource.com/8235
Reviewed-by: Adam Langley <agl@google.com>
2016-06-09 21:27:54 +00:00
nmittler
f0322b2abc Use non-deprecated methods on windows.
Use of strdup, close, lseek, read, and write prevent linking
statically againt libcmt.lib.

Change-Id: I04f7876ec0f03f29f000bbcc6b2ccdec844452d2
Reviewed-on: https://boringssl-review.googlesource.com/8010
Reviewed-by: David Benjamin <davidben@google.com>
2016-05-19 20:30:50 +00:00
Tamas Berghammer
5693e42ae4 Fix discovery rule for perl and go for Android
We don't use find_package/find_program on android to find go/perl
because the android toolchain reconfigure the $PATH. The pervious
way of solving this was to let ninja look for go/perl on the $PATH
but this approach prevented us from specifying explicit go/perl
executables what is needed for hermetic build using prebuilts. This
CL changes the Android specific discovery rule to only set
GO_EXECUTABLE and PERL_EXECUTABLE if they are not specified on the
command line or inside the toolchain file.

Change-Id: Ib6ef69707749073f2b79244ebb301502b2a5a34a
Reviewed-on: https://boringssl-review.googlesource.com/8000
Reviewed-by: David Benjamin <davidben@google.com>
2016-05-19 14:46:02 +00:00
David Benjamin
7acd6bc07a Start assuming MSVC 2015.
BUG=43

Change-Id: I46ad1ca62b8921a03fae51f5d7bbe1c68fc0b170
Reviewed-on: https://boringssl-review.googlesource.com/7821
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
2016-05-02 19:46:25 +00:00
Brian Smith
dc6c1b8381 Fix build when using Visual Studio 2015 Update 1.
Many of the compatibility issues are described at
https://msdn.microsoft.com/en-us/library/mt612856.aspx. The macros
that suppressed warnings on a per-function basis no longer work in
Update 1, so replace them with #pragmas. Update 1 warns when |size_t|
arguments to |printf| are casted, so stop doing that casting.
Unfortunately, this requires an ugly hack to continue working in
MSVC 2013 as MSVC 2013 doesn't support "%zu". Finally, Update 1 has new
warnings, some of which need to be suppressed.

---

Updated by davidben to give up on suppressing warnings in crypto/x509 and
crypto/x509v3 as those directories aren't changed much from upstream. In each
of these cases, upstream opted just blindly initialize the variable, so do the
same. Also switch C4265 to level 4, per Microsoft's recommendation and work
around a bug in limits.h that happens to get fixed by Google include order
style.

(limits.h is sensitive to whether corecrt.h, pulled in by stddef.h and some
other headers, is included before it. The reason it affected just one file is
we often put the file's header first, which means base.h is pulling in
stddef.h. Relying on this is ugly, but it's no worse than what everything else
is doing and this doesn't seem worth making something as tame as limits.h so
messy to use.)

Change-Id: I02d1f935356899f424d3525d03eca401bfa3e6cd
Reviewed-on: https://boringssl-review.googlesource.com/7480
Reviewed-by: David Benjamin <davidben@google.com>
2016-03-25 21:39:52 +00:00
Piotr Sikora
35673b945d Build with -Wmissing-prototypes -Wmissing-declarations.
Change-Id: Ieba81f114483095f3657e87f669c7562ff75b58c
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Reviewed-on: https://boringssl-review.googlesource.com/7516
Reviewed-by: David Benjamin <davidben@google.com>
2016-03-20 17:05:03 +00:00
Adam Langley
de29f36cf4 Add 8bit-counters option for fuzzing.
This enables coverage counters[1] when fuzzing.

[1] http://clang.llvm.org/docs/SanitizerCoverage.html#coverage-counters

Change-Id: I33fca02d0406b75ac1f7598f41fe4c2ce43538d1
Reviewed-on: https://boringssl-review.googlesource.com/7274
Reviewed-by: David Benjamin <davidben@google.com>
2016-03-03 18:04:58 +00:00
David Benjamin
f2b8363578 Fix the tests for the fuzzer mode.
It's useful to make sure our fuzzer mode works. Not all tests pass, but most
do. (Notably the negative tests for everything we've disabled don't work.) We
can also use then use runner to record fuzzer-mode transcripts with the ciphers
correctly nulled.

Change-Id: Ie41230d654970ce6cf612c0a9d3adf01005522c6
Reviewed-on: https://boringssl-review.googlesource.com/7288
Reviewed-by: Adam Langley <agl@google.com>
2016-03-03 01:36:55 +00:00
David Benjamin
bc5b2a2e22 Add a deterministic PRNG for fuzzing.
If running the stack through a fuzzer, we would like execution to be
completely deterministic. This is gated on a
BORINGSSL_UNSAFE_FUZZER_MODE #ifdef.

For now, this just uses the zero ChaCha20 key and a global counter. As
needed, we can extend this to a thread-local counter and a separate
ChaCha20 stream and counter per input length.

Change-Id: Ic6c9d8a25e70d68e5dc6804e2c234faf48e51395
Reviewed-on: https://boringssl-review.googlesource.com/7286
Reviewed-by: Adam Langley <agl@google.com>
2016-03-03 01:36:19 +00:00
David Benjamin
6b34d54945 Prefer MSVC over GCC if both are in %PATH%.
Notably, putting Strawberry Perl in %PATH% will usually end up putting a copy
of gcc in %PATH%, which trips up people trying to build on Windows.

This is arguably misusing the variable (normally set by the generator), but it
should work.

Change-Id: I13a011eb33688ae928a56cce266edd2759a3cb32
Reviewed-on: https://boringssl-review.googlesource.com/7070
Reviewed-by: Adam Langley <agl@google.com>
2016-02-08 18:12:36 +00:00
Brian Smith
a646258c14 Enable stronger format string checking |-Wformat=2|.
Also, factor out flags based to both the C and C++ compiler into a
single variable.

Change-Id: I432de0cc516e95a0d48146fae2dda8b7b3b38d4b
Reviewed-on: https://boringssl-review.googlesource.com/6922
Reviewed-by: David Benjamin <davidben@google.com>
2016-01-21 21:00:31 +00:00
Adam Langley
3ac4b3a391 Remove NO_ASM define that I accidently included in the previous commit.
Change-Id: I0000e51930cd1e286173f96f79dbb18d33cd294a
Reviewed-on: https://boringssl-review.googlesource.com/6811
Reviewed-by: Adam Langley <agl@google.com>
2015-12-22 16:34:33 +00:00
Adam Langley
e6c540290d Don't build X25519 asm code when NO_ASM is set.
Change-Id: I6c7188648d81ab11a43b5491a850fb1d74e40986
Reviewed-on: https://boringssl-review.googlesource.com/6810
Reviewed-by: Adam Langley <agl@google.com>
2015-12-22 16:32:53 +00:00
Adam Langley
7104cc96b7 Update and fix fuzzing instructions.
It's easier to put libFuzzer.a into the source directory than to install
it globally.

Change-Id: I4dc7b56f81c7aa0371475c68d23368b025186505
Reviewed-on: https://boringssl-review.googlesource.com/6461
Reviewed-by: Adam Langley <agl@google.com>
2015-11-10 23:37:36 +00:00
Adam Langley
9a4beb8ad8 Add four, basic fuzz tests.
This change adds fuzzing tests for:
  ∙ Certificate parsing
  ∙ Private key parsing
  ∙ ClientHello parsing
  ∙ Server first flow (ServerHello, Certificate, etc) parsing.

Change-Id: I5f53282263eaaff69b1a03c819cca73750433653
Reviewed-on: https://boringssl-review.googlesource.com/6460
Reviewed-by: Adam Langley <agl@google.com>
2015-11-10 19:14:01 +00:00
Adam Langley
d9e817309a Fix several warnings that arise in Android.
Android is now using Ninja so it doesn't spew so much to the terminal
and thus any warnings in BoringSSL (which builds really early in the
process) and much more obvious.

Thus this change fixes a few warnings that appear in the Android build.

Change-Id: Id255ace90fece772a1c3a718c877559ce920b960
Reviewed-on: https://boringssl-review.googlesource.com/6400
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-10-30 21:11:48 +00:00
Adam Langley
d84b5aec7e Don't build with OPENSSL_SMALL.
This was submitted to check that it worked on all the builders but, in
normal usage, we should build without OPENSSL_SMALL so that everything
is compiled.

Change-Id: I31ac899862e3b31c55bf265a7ec5ff0cc9770b48
2015-10-27 18:34:44 -07:00
Adam Langley
96c2a28171 Fix all sign/unsigned warnings with Clang and GCC.
Change-Id: If2a83698236f7b0dcd46701ccd257a85463d6ce5
Reviewed-on: https://boringssl-review.googlesource.com/4992
Reviewed-by: Adam Langley <agl@google.com>
2015-10-27 22:48:00 +00:00
Adam Langley
2e3c978d14 Add OPENSSL_SMALL.
Intel's P-256 code has very large tables and things like Chromium just
don't need that extra size. However, servers generally do so this change
adds an OPENSSL_SMALL define that currently just drops the 64-bit P-224
but will gate Intel's P-256 in the future too.

Change-Id: I2e55c6e06327fafabef9b96d875069d95c0eea81
Reviewed-on: https://boringssl-review.googlesource.com/6362
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-27 16:40:20 +00:00
David Benjamin
301afaf223 Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.

Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.

CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.

Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.

Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-26 20:33:44 +00:00
Brian Smith
e5ae760a96 Silence MSVC warning C4210.
The warning is:

    C4210: nonstandard extension used : function given file scope.

It is caused by function declarations that aren't at the top level in a
file.

Change-Id: Ib1c2ae64e15e66eb0a7255a29c0e560fbf55c2b2
Reviewed-on: https://boringssl-review.googlesource.com/6210
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-10-13 18:20:29 +00:00
Joel Klinghed
1550a84784 Allow compilation for armv6
Use when giving -DANDROID_ABI="armeabi-v6 with VFP" to android-cmake

Change-Id: Ifb053bcf4788e34fb54e20c27d4e519416ca9a11
Reviewed-on: https://boringssl-review.googlesource.com/4945
Reviewed-by: Adam Langley <agl@google.com>
2015-06-02 18:16:13 +00:00
Adam Langley
6f2e733bab Add infrastructure for reference counts.
OpenSSL has traditionally done reference counting with |int|s and the
|CRYPTO_add| function. Unless a special callback is installed (rare),
this is implemented by doing the reference count operations under a
lock.

This change adds infrastructure for handling reference counts and uses
atomic operations when C11 support is available.

Change-Id: Ia023ce432319efd00f77a7340da27d16ee4b63c3
Reviewed-on: https://boringssl-review.googlesource.com/4771
Reviewed-by: Adam Langley <agl@google.com>
2015-05-20 19:14:59 +00:00
Adam Langley
843ab66e17 Add support for building with the Android NDK.
Previously I've been using the Linaro toolchains and just building
static binaries. However, the Linaro toolchains have a broken
pthread_rwlock_wrlock—it does nothing and then unlocking corrupts the
lock.

Building with the Android NDK avoids this.

These build instructions depend on
https://github.com/taka-no-me/android-cmake which people will need to
clone into util/ if they want to use the Android NDK.

Change-Id: Ic64919f9399af2a57e8df4fb4b3400865ddb2427
Reviewed-on: https://boringssl-review.googlesource.com/4600
Reviewed-by: Adam Langley <agl@google.com>
2015-05-05 00:31:46 +00:00
David Benjamin
27b08e9ecf Fix OPENSSL_NO_ASM build and promote to a cmake build flag.
Just changing preprocessor definitions doesn't exclude the assembly files.

BUG=484327

Change-Id: I98453d291a6afb8dc8beb179f931c74301a7f434
Reviewed-on: https://boringssl-review.googlesource.com/4610
Reviewed-by: Adam Langley <agl@google.com>
2015-05-05 00:20:35 +00:00
Brian Smith
a039d70270 Enable MSVC warning C4701, use of potentially uninitialized variable.
C4701 is "potentially uninitialized local variable 'buf' used". It
sometimes results in false positives, which can now be suppressed
using the macro OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS.

Change-Id: I15068b5a48e1c704702e7752982b9ead855e7633
Reviewed-on: https://boringssl-review.googlesource.com/3160
Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 20:32:26 +00:00
David Benjamin
2f18c1babb Prune away (almost) all of asn1_mac.h
Amazingly, asn1_GetSequence isn't completely unused? Keep that around for now
and ditch everything else. This lets us enable C4311 in MSVC which is actually
a pretty reasonable warning.

Change-Id: I43bb9206b1745e8a68224f3a435713d2a74e04ea
Reviewed-on: https://boringssl-review.googlesource.com/4256
Reviewed-by: Adam Langley <agl@google.com>
2015-04-08 20:42:57 +00:00
David Benjamin
ef4962f5a3 Shush warning in alignment code.
MSVC doesn't like unary - on unsigned numbers. Also switch ssl3_read_n's
version to uintptr_t to match the write half. This gets us closer to clearing
through C4311 violations. (The remaining one is in asn1_add_error which can go
after verifying that most of asn1_mac.h is safe to drop.)

Change-Id: Idb33dda8863bf1a3408b14d5513a667338311b6b
Reviewed-on: https://boringssl-review.googlesource.com/4255
Reviewed-by: Adam Langley <agl@google.com>
2015-04-07 00:40:50 +00:00
Adam Langley
c004dfc3d1 Add decrepit, initially containing CAST and Blowfish.
decrepit will contain algorithms that we really wish didn't exist any
longer. It won't be built by default in Chromium etc, but the code
will exist for crummy code that still needs it.

Change-Id: Ic307f5f0a69efe9e0a5fd54052f49d219e90dcdd
2015-04-06 16:58:45 -07:00
David Benjamin
0e434b9470 Define NOMINMAX across the entire project.
This fixes the standalone build on Windows and matches Chromium.

Change-Id: I194f53e0a610c5ae9cef53c826b22f7bded5f357
Reviewed-on: https://boringssl-review.googlesource.com/4201
Reviewed-by: Adam Langley <agl@google.com>
2015-04-02 18:38:56 +00:00
David Benjamin
d27eda00a4 Generate error data at build time.
This avoids cluttering up the diff and making merge conflicts a pain.  It does,
however, mean we need to generate err_data.c ahead of time in Chromium and
likely other downstream builds. It also adds a build dependency on Go.

Change-Id: I6e0513ed9f50cfb030f7a523ea28519590977104
Reviewed-on: https://boringssl-review.googlesource.com/3790
Reviewed-by: Adam Langley <agl@google.com>
2015-03-06 18:59:25 +00:00
David Benjamin
b826c0d670 Bump the -Wshadow cutoff to 4.8 rather than 4.6.
Per https://gcc.gnu.org/gcc-4.8/changes.html, -Wshadow was made less
trigger-happy starting 4.8.

Change-Id: I023919dea3497e2dd27679a6f0c4a114c0b30337
Reviewed-on: https://boringssl-review.googlesource.com/3730
Reviewed-by: Adam Langley <agl@google.com>
2015-02-28 15:15:01 +00:00
David Benjamin
3ce3c369cb Find perl using the CMake's standard FindPerl module.
This gives a standard PERL_EXECUTABLE configuration knob which is useful for
specifying a perl to use without having it in PATH.

Change-Id: I4b196b77e0b4666081a3f291fee3654c47925844
Reviewed-on: https://boringssl-review.googlesource.com/3570
Reviewed-by: Adam Langley <agl@google.com>
2015-02-23 19:59:48 +00:00
David Benjamin
3673be7cb6 Fix standalone build on Win64.
Win64 fires significantly more warnings than Win32. Also some recent
changes made it grumpy.

(We might want to reconsider enabling all of MSVC's warnings. Given the sorts
of warnings some of these are, I'm not sure MSVC's version of -Wall -Werror is
actually tenable. Plus, diverging from the Chromium build, especially before
the bots are ready, is going to break pretty readily.)

Change-Id: If3b8feccf910ceab4a233b0731e7624d7da46f87
Reviewed-on: https://boringssl-review.googlesource.com/3420
Reviewed-by: Adam Langley <agl@google.com>
2015-02-11 23:13:52 +00:00
Brian Smith
efed2210e8 Enable more warnings & treat warnings as errors on Windows.
Change-Id: I2bf0144aaa8b670ff00b8e8dfe36bd4d237b9a8a
Reviewed-on: https://boringssl-review.googlesource.com/3140
Reviewed-by: Adam Langley <agl@google.com>
2015-01-31 00:18:55 +00:00
Brian Smith
a87de9b39b Define WIN32_LEAN_AND_MEAN in the build system, not in the code.
This avoids a conflict with the Chromium build system, which
defines WIN32_LEAN_AND_MEAN with a different value.

BUG=crbug.com/453196

Change-Id: Ia15ec7c20325c1961af4f32e5208266e5f846f35
Reviewed-on: https://boringssl-review.googlesource.com/3150
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 18:48:57 +00:00
Adam Langley
4a0f0c4910 Change CMakeLists.txt to two-space indent.
find -name CMakeLists.txt -type f | xargs sed -e 's/\t/  /g' -i

Change-Id: I01636b1849c00ba918f48828252492d99b0403ac
2015-01-28 16:37:10 -08:00
Brian Smith
2e38008558 Define _HAS_EXCEPTIONS=0 to avoid MSVC C4530 warning.
Avoid "warning C4530: C++ exception handler used, but unwind semantics
are not enabled. Specify /EHsc" when compiling MSVC's <xlocale> by
disabling the exception code in MSVC's STL using _HAS_EXCEPTIONS=0.

Change-Id: I75aeb445d58cc9fb44467a6044386ae6b519cca8
Reviewed-on: https://boringssl-review.googlesource.com/3111
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 00:35:19 +00:00
David Benjamin
507c1eec51 Honor the standard BUILD_SHARED_LIBS cmake variable.
The variable switches the default type for add_library from STATIC to SHARED.
We can condition additional stuff on that for convenience. (tabtest still
doesn't build.)

BoringSSL as any kind of stable system shared library is still very much
unsupported, but this is probably handy for making sure we don't forget all
those pesky OPENSSL_EXPORTs.

Change-Id: I66ab80bcddbf3724e03e85384141fdf4f4acbc2e
Reviewed-on: https://boringssl-review.googlesource.com/3092
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:40:10 +00:00
David Benjamin
9a9a193388 Build with -fvisibility=hidden.
This matches the Chromium build, in both static and components builds. (Also
happens to sort out an undocumented requirement of the standalone shared
library build.)

Change-Id: Ib47fc4c2143115fe6faf9b83079576075efd72bb
Reviewed-on: https://boringssl-review.googlesource.com/3091
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:09:20 +00:00
Brian Smith
1d75c8be73 Improve compatibility with CMake 3.0 and later
CMake 3.0 changed the identifier for Apple-supplied Clang to
AppleClang.

CMake 3.1 changed the behavior of variable expansion in quoted
strings and complains with warning CMP0054 twice without these
changes.

BUG=crbug.com/451610

Change-Id: I0f1514ec302cf5f1b5cfc2c5a1c71c9e20d5e855
Reviewed-on: https://boringssl-review.googlesource.com/3011
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 01:13:46 +00:00
Adam Langley
07100c6e69 Only use -Wshadow with GCC > 4.6.0.
Prior to 4.6.0, -Wshadow would cause GCC to warn when variables shadowed
global functions. Since libc defines a number of functions with common
names, this is a problem. Also, without this change, we'll keep breaking
on older versions of GCC because we won't be testing with them.

OpenBSD, specifically is reported to have a problem:
https://boringssl-review.googlesource.com/#/c/2900/

(Note the test should really be >= 4.6.0, but CMake doesn't have a
VERSION_GREATEROREQUAL.)

Change-Id: I1aedda01ab629e138c8781e4319bfaaed0b236b0
Reviewed-on: https://boringssl-review.googlesource.com/2952
Reviewed-by: Adam Langley <agl@google.com>
2015-01-21 00:27:26 +00:00
Adam Langley
3e6526575a aarch64 support.
This is an initial cut at aarch64 support. I have only qemu to test it
however—hopefully hardware will be coming soon.

This also affects 32-bit ARM in that aarch64 chips can run 32-bit code
and we would like to be able to take advantage of the crypto operations
even in 32-bit mode. AES and GHASH should Just Work in this case: the
-armx.pl files can be built for either 32- or 64-bit mode based on the
flavour argument given to the Perl script.

SHA-1 and SHA-256 don't work like this however because they've never
support for multiple implementations, thus BoringSSL built for 32-bit
won't use the SHA instructions on an aarch64 chip.

No dedicated ChaCha20 or Poly1305 support yet.

Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c
Reviewed-on: https://boringssl-review.googlesource.com/2801
Reviewed-by: Adam Langley <agl@google.com>
2015-01-14 23:38:11 +00:00
Adam Langley
f9a40b2ce5 Remove -std=c89 from compiler command line.
We aren't targeting pure C89 any longer and it also upsets GCC on
AArch64 because asm() isn't part of C89.

Change-Id: I0ba299160e2f0c40d9a99ea8df13b4bb33c08163
Reviewed-on: https://boringssl-review.googlesource.com/2800
Reviewed-by: Adam Langley <agl@google.com>
2015-01-12 23:45:34 +00:00
Adam Langley
af7e74ba9f Remove variable shadowing.
Bruce Dawson pointed out that the shadowing of |ret| in |s3_srvr.c|
looked dodgy. It was actually deliberate (we don't want to reset the
default value of the function's |ret| variable with a successful return
from the callback) but it does look dodgy.

This change adds -Wshadow to ban variable shadowing and fixes all
current instances.

Change-Id: I1268f88b9f26245c7d16d6ead5bb9014ea471c01
Reviewed-on: https://boringssl-review.googlesource.com/2520
Reviewed-by: Adam Langley <agl@google.com>
2014-12-09 21:32:49 +00:00
Nico Weber
deb5284138 Make build work on OS X with older cmake versions.
`uname -p` is still i386 on OS X for some reason, which causes cmake 2.8 to set
CMAKE_SYSTEM_PROCESSOR to i386, making the build think it's doing a 32-bit
build.  However, since the system is almost completely 64-bit these days, clang
defaults to producing 64-bit object files unless told otherwise. As a result,
the produced .o files are all 64-bit except for the .o files from assembly, and
then linking fails.

Fix this by forcing ARCH to 64-bit on OS X. This matches the default behavior
of cmake 3.0, where CMAKE_SYSTEM_PROCESSOR is x86_64.

Change-Id: I7a2abc4cef84dfbaf205852a9d7b647e83dd249f
Reviewed-on: https://boringssl-review.googlesource.com/2330
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Piotr Sikora <piotr@cloudflare.com>
2014-11-18 23:08:20 +00:00
David Benjamin
eee7306c72 Get bssl tool building on Windows.
This lets us run bssl speed at least. bssl client is currently compiled
out until we clean up our socket story on Windows and get it working.

Change-Id: Ib1dc0d0e0a6eed7544207e7bbe138503731fda67
Reviewed-on: https://boringssl-review.googlesource.com/2103
Reviewed-by: Adam Langley <agl@google.com>
2014-10-31 22:02:01 +00:00
Victor Vasiliev
5216a931b7 Increase minimum required cmake version
OBJECT library types are supported only in CMake 2.8.8 or higher, and
attempting to build BoringSSL on Ubuntu 12.04 results in CMake
displaying unhelpful error messages.

Change-Id: I2bc77a2c95d4f6ee41f8489ff679a2a0ba48c508
Reviewed-on: https://boringssl-review.googlesource.com/1530
Reviewed-by: Adam Langley <agl@google.com>
2014-08-18 17:23:37 +00:00
Lukas Tribus
d83f38c13a Recognise "i686" as an x86 CPU.
Building under Ubuntu x86 fails with "Unknown processor:i686".

This adds i686 to CMakeLists.txt, fixing the build.

Change-Id: Ic1c7ce452c019b8a2a875d64a707f640d86c7e31
2014-08-11 13:27:44 -07:00
Adam Langley
eb7d2ed1fe Add visibility rules.
This change marks public symbols as dynamically exported. This means
that it becomes viable to build a shared library of libcrypto and libssl
with -fvisibility=hidden.

On Windows, one not only needs to mark functions for export in a
component, but also for import when using them from a different
component. Because of this we have to build with
|BORINGSSL_IMPLEMENTATION| defined when building the code. Other
components, when including our headers, won't have that defined and then
the |OPENSSL_EXPORT| tag becomes an import tag instead. See the #defines
in base.h

In the asm code, symbols are now hidden by default and those that need
to be exported are wrapped by a C function.

In order to support Chromium, a couple of libssl functions were moved to
ssl.h from ssl_locl.h: ssl_get_new_session and ssl_update_cache.

Change-Id: Ib4b76e2f1983ee066e7806c24721e8626d08a261
Reviewed-on: https://boringssl-review.googlesource.com/1350
Reviewed-by: Adam Langley <agl@google.com>
2014-07-31 22:03:11 +00:00
Piotr Sikora
1d8adf18d2 Fix CPU architecture detection on BSDs.
CMake calls "uname" in order to detect the CPU architecture,
so $(CMAKE_SYSTEM_PROCESSOR) varies from platform to platform.

This changes adds support for "i386" and "amd64" values, which
are used by BSDs for the x86 family of CPUs.

Change-Id: I532ce787a9ac06220c92a6d8c78ad5a55d8c40bf
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
Reviewed-on: https://boringssl-review.googlesource.com/1360
Reviewed-by: Adam Langley <agl@google.com>
2014-07-31 18:54:51 +00:00
Adam Langley
95c29f3cd1 Inital import.
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)
2014-06-20 13:17:32 -07:00