David Benjamin 86e95b852e Move libssl's internals into the bssl namespace. This is horrible, but everything else I tried was worse. The goal with this CL is to take the extern "C" out of ssl/internal.h and move most symbols to namespace bssl, so we can start using C++ helpers and destructors without worry. Complications: - Public API functions must be extern "C" and match their declaration in ssl.h, which is unnamespaced. C++ really does not want you to interleave namespaced and unnamespaced things. One can actually write a namespaced extern "C" function, but this means, from C++'s perspective, the function is namespaced. Trying to namespace the public header would worked but ended up too deep a rabbithole. - Our STACK_OF macros do not work right in namespaces. - The typedefs for our exposed but opaque types are visible in the header files and copied into consuming projects as forward declarations. We ultimately want to give SSL a destructor, but clobbering an unnamespaced ssl_st::~ssl_st seems bad manners. - MSVC complains about ambiguous names if one typedefs SSL to bssl::SSL. This CL opts for: - ssl/*.cc must begin with #define BORINGSSL_INTERNAL_CXX_TYPES. This informs the public headers to create forward declarations which are compatible with our namespaces. - For now, C++-defined type FOO ends up at bssl::FOO with a typedef outside. Later I imagine we'll rename many of them. - Internal functions get namespace bssl, so we stop worrying about stomping the tls1_prf symbol. Exported C functions are stuck as they are. Rather than try anything weird, bite the bullet and reorder files which have a mix of public and private functions. I expect that over time, the public functions will become fairly small as we move logic to more idiomatic C++. Files without any public C functions can just be written normally. - To avoid MSVC troubles, some bssl types are renamed to CPlusPlusStyle in advance of them being made idiomatic C++. Bug: 132 Change-Id: Ic931895e117c38b14ff8d6e5a273e868796c7581 Reviewed-on: https://boringssl-review.googlesource.com/18124 Reviewed-by: David Benjamin <davidben@google.com>		7 years ago
.github	Add a PULL_REQUEST_TEMPLATE.	8 years ago
crypto	Use __NR_getrandom rather than SYS_getrandom.	7 years ago
decrepit	Move des/ to crypto/fipsmodule/	7 years ago
fipstools	Have run_cavp.go create “resp” directories as needed.	7 years ago
fuzz	Refresh TLS fuzzer corpora.	7 years ago
include/openssl	Move libssl's internals into the bssl namespace.	7 years ago
infra/config	Restore ios64_compile to the CQ.	7 years ago
ssl	Move libssl's internals into the bssl namespace.	7 years ago
third_party	Fix build with VS 2017.	7 years ago
tool	Implement ContentType TLS 1.3 variant.	7 years ago
util	Use -chip_check_exe_only to work around SDE VDSO issues.	7 years ago
.clang-format	Import `newhope' (post-quantum key exchange).	8 years ago
.gitignore	Add sde-linux64 to .gitignore.	7 years ago
API-CONVENTIONS.md	Fix API-CONVENTIONS.md typos.	7 years ago
BUILDING.md	Set static armcaps based on __ARM_FEATURE_CRYPTO.	7 years ago
CMakeLists.txt	Build with -fno-exceptions standalone.	7 years ago
CONTRIBUTING.md	Add a CONTRIBUTING.md file.	8 years ago
FUZZING.md	Fix typo in FUZZING.md.	7 years ago
INCORPORATING.md	Update links to Bazel's site.	8 years ago
LICENSE	Add some bug references to the LICENSE file.	8 years ago
PORTING.md	Restore SSL_CTX_set_ecdh_auto compatibility hook.	7 years ago
README.md	Add an API-CONVENTIONS.md document.	8 years ago
STYLE.md	Add text about build logic to the style guide.	7 years ago
codereview.settings	No-op change to trigger the new Bazel bot.	8 years ago
sources.cmake	Implement scrypt from RFC 7914.	7 years ago

README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google’s needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don’t recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google’s product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it’s not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful:

PORTING.md: how to port OpenSSL-using code to BoringSSL.
BUILDING.md: how to build BoringSSL
INCORPORATING.md: how to incorporate BoringSSL into a project.
API-CONVENTIONS.md: general API conventions for BoringSSL consumers and developers.
STYLE.md: rules and guidelines for coding style.
include/openssl: public headers with API documentation in comments. Also available online.
FUZZING.md: information about fuzzing BoringSSL.
CONTRIBUTING.md: how to contribute to BoringSSL.