Go to file
Filippo Valsorda 73308b6606 Avoid SCT/OCSP extensions in SH on {Omit|Empty}Extensions
They were causing a "panic: ServerHello unexpectedly contained extensions"
if the client unconditionally signals support for OCSP or SCTs.

Change-Id: Ia60639431daf78679b269dfe337c1af171fd7d8b
Reviewed-on: https://boringssl-review.googlesource.com/c/34644
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2019-01-29 00:51:31 +00:00
.github Add a PULL_REQUEST_TEMPLATE. 2016-03-08 15:23:52 +00:00
crypto Test and fix an ABI issue with small parameters. 2019-01-28 21:09:40 +00:00
decrepit Set NIDs for Blowfish and CAST. 2019-01-03 22:41:25 +00:00
fipstools Add a CFI tester to CHECK_ABI. 2019-01-03 22:01:55 +00:00
fuzz Refresh fuzzer corpus. 2019-01-08 17:55:08 +00:00
include/openssl Add a very roundabout EC keygen API. 2019-01-25 23:08:12 +00:00
infra/config No longer set CQ-Verified label on CQ success/failure. 2018-11-19 16:59:05 +00:00
ssl Avoid SCT/OCSP extensions in SH on {Omit|Empty}Extensions 2019-01-29 00:51:31 +00:00
third_party Fix signed left-shifts in curve25519.c. 2019-01-22 23:27:34 +00:00
tool Delete the variants/draft code. 2019-01-08 17:38:41 +00:00
util Move aes_nohw, bsaes, and vpaes prototypes to aes/internal.h. 2019-01-09 03:35:55 +00:00
.clang-format Import `newhope' (post-quantum key exchange). 2016-04-26 22:53:59 +00:00
.gitignore Update SDE and add the Windows version. 2019-01-03 21:01:33 +00:00
API-CONVENTIONS.md Clarify "reference" and fix typo. 2018-09-05 19:06:48 +00:00
BREAKING-CHANGES.md Add some notes on how to handle breaking changes. 2018-04-28 00:04:41 +00:00
BUILDING.md Add a CFI tester to CHECK_ABI. 2019-01-03 22:01:55 +00:00
CMakeLists.txt Add a RelWithAsserts build configuration. 2019-01-23 17:21:56 +00:00
codereview.settings Comment change in codereview.settings 2018-07-26 00:23:04 +00:00
CONTRIBUTING.md Add a CONTRIBUTING.md file. 2016-02-10 21:38:19 +00:00
FUZZING.md Switch to Clang 6.0's fuzzer support. 2018-08-27 17:18:56 +00:00
go.mod Set up Go modules. 2018-09-17 21:04:17 +00:00
INCORPORATING.md Update URL for GN quick start guide. 2018-08-16 20:18:41 +00:00
LICENSE Note licenses for support code in the top-level LICENSE file. 2018-03-27 17:03:47 +00:00
PORTING.md Remove reference to SSL3 in PORTING.md. 2018-06-29 17:46:32 +00:00
README.md Add some notes on how to handle breaking changes. 2018-04-28 00:04:41 +00:00
sources.cmake Add new curve/hash ECDSA combinations from Wycheproof. 2018-08-10 18:26:06 +00:00
STYLE.md Fix some style guide samples. 2017-08-31 14:24:45 +00:00

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful: