kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,192 Commits 12 Branches 0 Tags 38 MiB
C 43.1%
C++ 23.5%
Go 13.6%
Raku 10.8%
Perl 4%
Other 4.9%
ed188fd8ef
Go to file
David Benjamin ed188fd8ef Enforce supported_versions in the second ServerHello. 
We forgot to do this in our original implementation on general ecosystem
grounds. It's also mandated starting draft-26.

Just to avoid unnecessary turbulence, since draft-23 is doomed to die
anyway, condition this on our draft-28 implementation. (We don't support
24 through 27.)

We'd actually checked this already on the Go side, but the spec wants a
different alert.

Change-Id: I0014cda03d7129df0b48de077e45f8ae9fd16976
Reviewed-on: https://boringssl-review.googlesource.com/28124
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
2018-05-07 19:05:20 +00:00
.github
crypto Enforce supported_versions in the second ServerHello. 2018-05-07 19:05:20 +00:00
decrepit fix compilation error for non-english windows (like cjk) 2018-03-15 17:52:23 +00:00
fipstools Merge NIAP and FIPS test suites. 2018-02-20 19:41:45 +00:00
fuzz Defer writing the shim settings. 2018-05-01 19:49:46 +00:00
include/openssl Enforce supported_versions in the second ServerHello. 2018-05-07 19:05:20 +00:00
infra/config Revert "Add other Windows configurations to the CQ." 2018-05-07 18:29:32 +00:00
ssl Enforce supported_versions in the second ServerHello. 2018-05-07 19:05:20 +00:00
third_party Rename third_party/wycheproof to satisfy a bureaucrat. 2018-05-07 18:33:50 +00:00
tool Fix bssl handling of buffered read data. 2018-05-07 19:05:00 +00:00
util Add an accessor for session->certs. 2018-04-27 17:14:38 +00:00
.clang-format
.gitignore [ndk] Change ndk deps in src and relocate to third_party/boringssl 2018-01-22 21:08:28 +00:00
API-CONVENTIONS.md Fix API-CONVENTIONS.md typos. 2017-01-04 01:46:32 +00:00
BREAKING-CHANGES.md Add some notes on how to handle breaking changes. 2018-04-28 00:04:41 +00:00
BUILDING.md Add -DOPENSSL_SMALL to CMake. 2018-03-23 21:07:48 +00:00
CMakeLists.txt Add -DOPENSSL_SMALL to CMake. 2018-03-23 21:07:48 +00:00
codereview.settings No-op change to trigger the new Bazel bot. 2016-07-07 12:07:04 -07:00
CONTRIBUTING.md
FUZZING.md Fix typo in FUZZING.md. 2017-07-06 18:25:07 +00:00
INCORPORATING.md Update links to Bazel's site. 2016-10-31 18:16:58 +00:00
LICENSE Note licenses for support code in the top-level LICENSE file. 2018-03-27 17:03:47 +00:00
PORTING.md Add cpu-aarch64-fuchsia.c 2018-02-13 20:12:47 +00:00
README.md Add some notes on how to handle breaking changes. 2018-04-28 00:04:41 +00:00
sources.cmake Rename third_party/wycheproof to satisfy a bureaucrat. 2018-05-07 18:33:50 +00:00
STYLE.md Fix some style guide samples. 2017-08-31 14:24:45 +00:00

README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful: