Go to file

David Benjamin 86e95b852e Move libssl's internals into the bssl namespace. This is horrible, but everything else I tried was worse. The goal with this CL is to take the extern "C" out of ssl/internal.h and move most symbols to namespace bssl, so we can start using C++ helpers and destructors without worry. Complications: - Public API functions must be extern "C" and match their declaration in ssl.h, which is unnamespaced. C++ really does not want you to interleave namespaced and unnamespaced things. One can actually write a namespaced extern "C" function, but this means, from C++'s perspective, the function is namespaced. Trying to namespace the public header would worked but ended up too deep a rabbithole. - Our STACK_OF macros do not work right in namespaces. - The typedefs for our exposed but opaque types are visible in the header files and copied into consuming projects as forward declarations. We ultimately want to give SSL a destructor, but clobbering an unnamespaced ssl_st::~ssl_st seems bad manners. - MSVC complains about ambiguous names if one typedefs SSL to bssl::SSL. This CL opts for: - ssl/*.cc must begin with #define BORINGSSL_INTERNAL_CXX_TYPES. This informs the public headers to create forward declarations which are compatible with our namespaces. - For now, C++-defined type FOO ends up at bssl::FOO with a typedef outside. Later I imagine we'll rename many of them. - Internal functions get namespace bssl, so we stop worrying about stomping the tls1_prf symbol. Exported C functions are stuck as they are. Rather than try anything weird, bite the bullet and reorder files which have a mix of public and private functions. I expect that over time, the public functions will become fairly small as we move logic to more idiomatic C++. Files without any public C functions can just be written normally. - To avoid MSVC troubles, some bssl types are renamed to CPlusPlusStyle in advance of them being made idiomatic C++. Bug: 132 Change-Id: Ic931895e117c38b14ff8d6e5a273e868796c7581 Reviewed-on: https://boringssl-review.googlesource.com/18124 Reviewed-by: David Benjamin <davidben@google.com>		2017-07-19 19:10:59 +00:00
.github	Add a PULL_REQUEST_TEMPLATE.	2016-03-08 15:23:52 +00:00
crypto	Use __NR_getrandom rather than SYS_getrandom.	2017-07-18 16:28:41 +00:00
decrepit	Move des/ to crypto/fipsmodule/	2017-05-02 19:21:02 +00:00
fipstools	Have run_cavp.go create “resp” directories as needed.	2017-06-08 19:13:01 +00:00
fuzz	Refresh TLS fuzzer corpora.	2017-07-14 20:21:33 +00:00
include/openssl	Move libssl's internals into the bssl namespace.	2017-07-19 19:10:59 +00:00
infra/config	Restore ios64_compile to the CQ.	2017-05-11 16:49:08 +00:00
ssl	Move libssl's internals into the bssl namespace.	2017-07-19 19:10:59 +00:00
third_party	Fix build with VS 2017.	2017-06-07 18:56:06 +00:00
tool	Implement ContentType TLS 1.3 variant.	2017-07-14 19:48:00 +00:00
util	Use -chip_check_exe_only to work around SDE VDSO issues.	2017-07-17 20:23:50 +00:00
.clang-format	Import `newhope' (post-quantum key exchange).	2016-04-26 22:53:59 +00:00
.gitignore	Add sde-linux64 to .gitignore.	2017-05-12 14:53:07 +00:00
API-CONVENTIONS.md	Fix API-CONVENTIONS.md typos.	2017-01-04 01:46:32 +00:00
BUILDING.md	Set static armcaps based on __ARM_FEATURE_CRYPTO.	2017-06-09 00:29:10 +00:00
CMakeLists.txt	Build with -fno-exceptions standalone.	2017-07-18 18:23:24 +00:00
codereview.settings	No-op change to trigger the new Bazel bot.	2016-07-07 12:07:04 -07:00
CONTRIBUTING.md
FUZZING.md	Fix typo in FUZZING.md.	2017-07-06 18:25:07 +00:00
INCORPORATING.md	Update links to Bazel's site.	2016-10-31 18:16:58 +00:00
LICENSE
PORTING.md	Restore SSL_CTX_set_ecdh_auto compatibility hook.	2017-03-14 14:54:45 +00:00
README.md	Add an API-CONVENTIONS.md document.	2016-08-04 23:27:49 +00:00
sources.cmake	Implement scrypt from RFC 7914.	2017-06-12 20:32:21 +00:00
STYLE.md	Add text about build logic to the style guide.	2017-07-06 01:38:28 +00:00

README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful:

PORTING.md: how to port OpenSSL-using code to BoringSSL.
BUILDING.md: how to build BoringSSL
INCORPORATING.md: how to incorporate BoringSSL into a project.
API-CONVENTIONS.md: general API conventions for BoringSSL consumers and developers.
STYLE.md: rules and guidelines for coding style.
include/openssl: public headers with API documentation in comments. Also available online.
FUZZING.md: information about fuzzing BoringSSL.
CONTRIBUTING.md: how to contribute to BoringSSL.