boringssl

History

David Benjamin 6fff386492 Support standard RFC cipher suite names alongside OpenSSL ones. Both Conscrypt and Netty have a lot of logic to map between the two kinds of names. WebRTC needed an SSL_CIPHER_get_rfc_name for something. Just have both in the library. Also deprecate SSL_CIPHER_get_rfc_name in favor of SSL_CIPHER_standard_name, which matches upstream if built with enable-ssl-trace. And, unlike SSL_CIPHER_get_rfc_name, this does not require dealing with the malloc. (Strangely this decreases bssl's binary size, even though we're carrying more strings around. It seems the old SSL_CIPHER_get_rfc_name was somewhat large in comparison. Regardless, a consumer that disliked 30 short strings probably also disliked the OpenSSL names. That would be better solved by opaquifying SSL_CIPHER and adding a less stringy API for configuring cipher lists. That's something we can explore later if needed.) I also made the command-line tool print out the standard names since they're more standard. May as well push folks towards those going forward. Change-Id: Ieeb3d63e67ef4da87458e68d130166a4c1090596 Reviewed-on: https://boringssl-review.googlesource.com/17324 Reviewed-by: Robert Sloan <varomodt@google.com> Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>		7 years ago
..
test	Update fuzzer mode suppressions.	7 years ago
CMakeLists.txt	Convert bio_test to GTest.	7 years ago
bio_ssl.c	Move the SSL BIO into ssl/ from decrepit/.	7 years ago
custom_extensions.c	Support enabling early data on SSL	7 years ago
d1_both.c	Trim x509.h includes.	7 years ago
d1_lib.c	Don't use long for timestamps.	7 years ago
d1_pkt.c	Adding support for sending early data on the client.	7 years ago
d1_srtp.c	Fix ssl_ctx_make_profiles error handling.	8 years ago
dtls_method.c	Adding support for receiving early data on the server.	7 years ago
dtls_record.c	Don't use the buffer BIO in DTLS.	7 years ago
handshake_client.c	Stash the computed version range in SSL_HANDSHAKE.	7 years ago
handshake_server.c	Stash the computed version range in SSL_HANDSHAKE.	7 years ago
internal.h	Stash the computed version range in SSL_HANDSHAKE.	7 years ago
s3_both.c	Unwind V2ClientHello counters.	7 years ago
s3_lib.c	Really remove DHE ciphersuites from TLS.	7 years ago
s3_pkt.c	Adding support for sending early data on the client.	7 years ago
ssl_aead_ctx.c	Enforce incrementing counter for TLS 1.2 AES-GCM.	7 years ago
ssl_asn1.c	Remove the last remnants of key_exchange_info.	7 years ago
ssl_buffer.c	Just allocate what's needed for SSL write buffers.	7 years ago
ssl_cert.c	Really remove DHE ciphersuites from TLS.	7 years ago
ssl_cipher.c	Support standard RFC cipher suite names alongside OpenSSL ones.	7 years ago
ssl_ecdh.c	Fix some malloc failure handling.	7 years ago
ssl_file.c	Remove \|X509\| things from SSL_SESSION.	7 years ago
ssl_lib.c	Simplify SSL_get0_next_proto_negotiated.	7 years ago
ssl_privkey.c	Simplify ssl_private_key_* state machine points.	7 years ago
ssl_privkey_cc.cc	Rename ssl_rsa.c to ssl_privkey.c.	7 years ago
ssl_session.c	Adding support for sending early data on the client.	7 years ago
ssl_stat.c	Simplify ssl_private_key_* state machine points.	7 years ago
ssl_test.cc	Support standard RFC cipher suite names alongside OpenSSL ones.	7 years ago
ssl_transcript.c	Moving transcript and PRF functions to SSL_TRANSCRIPT.	7 years ago
ssl_x509.c	Move ssl_verify_alarm_type into ssl_x509.c.	7 years ago
t1_enc.c	Enforce incrementing counter for TLS 1.2 AES-GCM.	7 years ago
t1_lib.c	Stash the computed version range in SSL_HANDSHAKE.	7 years ago
tls13_both.c	Simplify ssl_private_key_* state machine points.	7 years ago
tls13_client.c	Simplify ssl_private_key_* state machine points.	7 years ago
tls13_enc.c	Enforce incrementing counter for TLS 1.2 AES-GCM.	7 years ago
tls13_server.c	Simplify ssl_private_key_* state machine points.	7 years ago
tls_method.c	Adding support for receiving early data on the server.	7 years ago
tls_record.c	Enforce max_early_data_size on the server.	7 years ago