Support symbol prefixes

- In base.h, if BORINGSSL_PREFIX is defined, include
  boringssl_prefix_symbols.h
- In all .S files, if BORINGSSL_PREFIX is defined, include
  boringssl_prefix_symbols_asm.h
- In base.h, BSSL_NAMESPACE_BEGIN and BSSL_NAMESPACE_END are
  defined with appropriate values depending on whether
  BORINGSSL_PREFIX is defined; these macros are used in place
  of 'namespace bssl {' and '}'
- Add util/make_prefix_headers.go, which takes a list of symbols
  and auto-generates the header files mentioned above
- In CMakeLists.txt, if BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS
  are defined, run util/make_prefix_headers.go to generate header
  files
- In various CMakeLists.txt files, add "global_target" that all
  targets depend on to give us a place to hook logic that must run
  before all other targets (in particular, the header file generation
  logic)
- Document this in BUILDING.md, including the fact that it is
  the caller's responsibility to provide the symbol list and keep it
  up to date
- Note that this scheme has not been tested on Windows, and likely
  does not work on it; Windows support will need to be added in a
  future commit

Change-Id: If66a7157f46b5b66230ef91e15826b910cf979a2
Reviewed-on: https://boringssl-review.googlesource.com/31364
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/BUILDING.md b/BUILDING.md
index 19dbe01..9bf9cb2 100644
--- a/BUILDING.md
+++ b/BUILDING.md
@@ -110,6 +110,28 @@
 Passing multiple architectures for a multiple-architecture build is not
 supported.
 
+### Building with Prefixed Symbols
+
+BoringSSL's build system has experimental support for adding a custom prefix to
+all symbols. This can be useful when linking multiple versions of BoringSSL in
+the same project to avoid symbol conflicts.
+
+In order to build with prefixed symbols, the `BORINGSSL_PREFIX` CMake variable
+should specify the prefix to add to all symbols, and the
+`BORINGSSL_PREFIX_SYMBOLS` CMake variable should specify the path to a file
+which contains a list of symbols which should be prefixed (one per line;
+comments are supported with `#`). In other words, `cmake ..
+-DBORINGSSL_PREFIX=MY_CUSTOM_PREFIX
+-DBORINGSSL_PREFIX_SYMBOLS=/path/to/symbols.txt` will configure the build to add
+the prefix `MY_CUSTOM_PREFIX` to all of the symbols listed in
+`/path/to/symbols.txt`.
+
+It is currently the caller's responsibility to create and maintain the list of
+symbols to be prefixed.
+
+This mechanism is under development and may change over time. Please contact the
+BoringSSL maintainers if making use of it.
+
 ## Known Limitations on Windows
 
   * Versions of CMake since 3.0.2 have a bug in its Ninja generator that causes
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 21c7f01..fab1b3b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -20,6 +20,11 @@
 enable_language(C)
 enable_language(CXX)
 
+# This is a dummy target which all other targets depend on (manually - see other
+# CMakeLists.txt files). This gives us a hook to add any targets which need to
+# run before all other targets.
+add_custom_target(global_target)
+
 if(ANDROID)
   # Android-NDK CMake files reconfigure the path and so Go and Perl won't be
   # found. However, ninja will still find them in $PATH if we just name them.
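Review bot: The comment on `global_target` says targets depend on it "manually" but does not say what breaks when one is missed, and nothing in this hunk enforces the wiring. A target that lacks `add_dependencies(<target> global_target)` is not ordered after the generated prefix headers, so it can fail to compile or, on a rebuild, presumably pick up headers written before the symbol list changed. I would extend the comment with `# Every target that compiles BoringSSL sources must call add_dependencies(<target> global_target), or it may build before the generated headers exist.` The name is also unprefixed in CMake's single target namespace; something like `boringssl_global_target` would be safer if this tree is ever pulled in as a subproject.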
@@ -41,10 +46,37 @@
 if(USE_CUSTOM_LIBCXX)
   set(BORINGSSL_ALLOW_CXX_RUNTIME 1)
 endif()
+
 if(BORINGSSL_ALLOW_CXX_RUNTIME)
   add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
 endif()
 
+if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS)
+  add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
+
+  # Use "symbol_prefix_include" to store generated header files
+  include_directories(${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include)
+  add_custom_command(
+    OUTPUT symbol_prefix_include/boringssl_prefix_symbols.h
+           symbol_prefix_include/boringssl_prefix_symbols_asm.h
+           symbol_prefix_include/boringssl_prefix_symbols_nasm.inc
+    COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
+    COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS}
+    DEPENDS util/make_prefix_headers.go
+            ${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
+
+  # add_dependencies needs a target, not a file, so we add an intermediate
+  # target.
+  add_custom_target(
+    boringssl_prefix_symbols
+    DEPENDS symbol_prefix_include/boringssl_prefix_symbols.h
+            symbol_prefix_include/boringssl_prefix_symbols_asm.h
+            symbol_prefix_include/boringssl_prefix_symbols_nasm.inc)
+  add_dependencies(global_target boringssl_prefix_symbols)
+elseif(BORINGSSL_PREFIX OR BORINGSSL_PREFIX_SYMBOLS)
+  message(FATAL_ERROR "Must specify both or neither of BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS")
+endif()
+
 if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
   set(CLANG 1)
 endif()
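Review bot: The `DEPENDS` entry `${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS}` does not name the same file that `COMMAND` passes to `make_prefix_headers.go`. BUILDING.md in this commit shows an absolute path (`/path/to/symbols.txt`), which turns the dependency into a path under the build directory that will normally not exist, so the build either stops on a missing input or the headers are not regenerated when the list changes; a stale list leaves newly added symbols unprefixed, which is the collision this option is meant to prevent. Resolving the path once and using it in both places fixes that (relative paths keep resolving against the directory the command runs in), and `VERBATIM` plus quoting keeps a path with unusual characters from being re-parsed by the shell. The prefix is also pasted into `-DBORINGSSL_PREFIX=` and into an inline namespace name without validation, so a check such as `if(NOT BORINGSSL_PREFIX MATCHES "^[A-Za-z_][A-Za-z0-9_]*$")` with a `FATAL_ERROR` would give a clearer failure.

```cmake
  # Resolve the symbol list once so COMMAND and DEPENDS refer to the same file.
  if(IS_ABSOLUTE "${BORINGSSL_PREFIX_SYMBOLS}")
    set(BORINGSSL_PREFIX_SYMBOLS_PATH "${BORINGSSL_PREFIX_SYMBOLS}")
  else()
    set(BORINGSSL_PREFIX_SYMBOLS_PATH
        "${CMAKE_CURRENT_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS}")
  endif()

  add_custom_command(
    # … unchanged: OUTPUT list and make_directory command …
    COMMAND ${GO_EXECUTABLE} run
            "${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go"
            -out "${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include"
            "${BORINGSSL_PREFIX_SYMBOLS_PATH}"
    DEPENDS util/make_prefix_headers.go
            "${BORINGSSL_PREFIX_SYMBOLS_PATH}"
    VERBATIM)
```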
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index ea24add..ee7f8b6 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -401,6 +401,8 @@
   ${CRYPTO_FIPS_OBJECTS}
 )
 
+add_dependencies(crypto global_target)
+
 if(FIPS_DELOCATE)
   add_dependencies(crypto bcm_o_target)
 endif()
@@ -476,6 +478,8 @@
   $<TARGET_OBJECTS:test_support>
 )
 
+add_dependencies(crypto_test global_target)
+
 target_link_libraries(crypto_test crypto boringssl_gtest)
 if(WIN32)
   target_link_libraries(crypto_test ws2_32)
diff --git a/crypto/err/internal.h b/crypto/err/internal.h
index 3f2397c..179f756 100644
--- a/crypto/err/internal.h
+++ b/crypto/err/internal.h
@@ -46,11 +46,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(ERR_SAVE_STATE, ERR_SAVE_STATE_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/crypto/fipsmodule/CMakeLists.txt b/crypto/fipsmodule/CMakeLists.txt
index babda94..1242aa2 100644
--- a/crypto/fipsmodule/CMakeLists.txt
+++ b/crypto/fipsmodule/CMakeLists.txt
@@ -136,6 +136,8 @@
     bcm.c
   )
 
+  add_dependencies(bcm_c_generated_asm global_target)
+
   set_target_properties(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
   set_target_properties(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
 
@@ -164,6 +166,8 @@
     bcm-delocated.S
   )
 
+  add_dependencies(bcm_hashunset global_target)
+
   set_target_properties(bcm_hashunset PROPERTIES POSITION_INDEPENDENT_CODE ON)
   set_target_properties(bcm_hashunset PROPERTIES LINKER_LANGUAGE C)
 
@@ -187,6 +191,8 @@
     is_fips.c
   )
 
+  add_dependencies(fipsmodule global_target)
+
   set_target_properties(fipsmodule PROPERTIES LINKER_LANGUAGE C)
 else()
   add_library(
@@ -199,4 +205,6 @@
 
     ${BCM_ASM_SOURCES}
   )
+
+  add_dependencies(fipsmodule global_target)
 endif()
diff --git a/crypto/internal.h b/crypto/internal.h
index c4e2e51..0e8ae3a 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -488,7 +488,7 @@
 #if defined(__cplusplus)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 namespace internal {
 
@@ -516,7 +516,7 @@
 using MutexReadLock =
     internal::MutexLockBase<CRYPTO_MUTEX_lock_read, CRYPTO_MUTEX_unlock_read>;
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern "C++"
 #endif  // defined(__cplusplus)
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index e2ea0d2..f6a57e0 100755
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -1129,6 +1129,10 @@
 %define XMMWORD
 %define YMMWORD
 %define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
 ___
 } elsif ($masm) {
     print <<___;
@@ -1136,6 +1140,9 @@
 ___
 }
 print STDOUT "#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)\n" if ($gas);
+print STDOUT "#if defined(BORINGSSL_PREFIX)\n" if ($gas);
+print STDOUT "#include <boringssl_prefix_symbols_asm.h>\n" if ($gas);
+print STDOUT "#endif\n" if ($gas);
 
 while(defined(my $line=<>)) {
 
diff --git a/crypto/test/CMakeLists.txt b/crypto/test/CMakeLists.txt
index 90707dd..3e02c3c 100644
--- a/crypto/test/CMakeLists.txt
+++ b/crypto/test/CMakeLists.txt
@@ -9,6 +9,8 @@
   wycheproof_util.cc
 )
 
+add_dependencies(test_support global_target)
+
 add_library(
   boringssl_gtest_main
 
@@ -16,3 +18,5 @@
 
   gtest_main.cc
 )
+
+add_dependencies(boringssl_gtest_main global_target)
diff --git a/crypto/test/gtest_main.h b/crypto/test/gtest_main.h
index d21af10..927ab17 100644
--- a/crypto/test/gtest_main.h
+++ b/crypto/test/gtest_main.h
@@ -30,7 +30,7 @@
 #endif
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 class ErrorTestEventListener : public testing::EmptyTestEventListener {
  public:
@@ -73,7 +73,7 @@
       new ErrorTestEventListener);
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 
 #endif  // OPENSSL_HEADER_CRYPTO_TEST_GTEST_MAIN_H
diff --git a/decrepit/CMakeLists.txt b/decrepit/CMakeLists.txt
index e028f18..1cb5e11 100644
--- a/decrepit/CMakeLists.txt
+++ b/decrepit/CMakeLists.txt
@@ -22,6 +22,8 @@
   xts/xts.c
 )
 
+add_dependencies(decrepit global_target)
+
 target_link_libraries(decrepit crypto ssl)
 
 add_executable(
@@ -34,6 +36,8 @@
   $<TARGET_OBJECTS:test_support>
 )
 
+add_dependencies(decrepit_test global_target)
+
 target_link_libraries(decrepit_test crypto decrepit boringssl_gtest)
 if(WIN32)
   target_link_libraries(decrepit_test ws2_32)
diff --git a/fipstools/CMakeLists.txt b/fipstools/CMakeLists.txt
index f0f7b2c..779fcd1 100644
--- a/fipstools/CMakeLists.txt
+++ b/fipstools/CMakeLists.txt
@@ -29,6 +29,8 @@
     $<TARGET_OBJECTS:test_support>
   )
 
+  add_dependencies(cavp global_target)
+
   add_executable(
     test_fips
 
@@ -36,6 +38,8 @@
     $<TARGET_OBJECTS:test_support>
   )
 
+  add_dependencies(test_fips global_target)
+
   target_link_libraries(cavp crypto)
   target_link_libraries(test_fips crypto)
 endif()
diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt
index f60dc00..03d0326 100644
--- a/fuzz/CMakeLists.txt
+++ b/fuzz/CMakeLists.txt
@@ -4,6 +4,7 @@
 
 macro(fuzzer name)
   add_executable(${name} ${name}.cc)
+  add_dependencies(${name} global_target)
   target_link_libraries(${name} crypto ${ARGN})
   set_target_properties(${name} PROPERTIES LINK_FLAGS "-fsanitize=fuzzer")
 endmacro()
diff --git a/include/openssl/aead.h b/include/openssl/aead.h
index af31554..f19344e 100644
--- a/include/openssl/aead.h
+++ b/include/openssl/aead.h
@@ -425,7 +425,7 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 using ScopedEVP_AEAD_CTX =
     internal::StackAllocated<EVP_AEAD_CTX, void, EVP_AEAD_CTX_zero,
@@ -433,7 +433,7 @@
 
 BORINGSSL_MAKE_DELETER(EVP_AEAD_CTX, EVP_AEAD_CTX_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index f7b6b86..46e5f53 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -875,13 +875,13 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(ASN1_OBJECT, ASN1_OBJECT_free)
 BORINGSSL_MAKE_DELETER(ASN1_STRING, ASN1_STRING_free)
 BORINGSSL_MAKE_DELETER(ASN1_TYPE, ASN1_TYPE_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  /* extern C++ */
 
diff --git a/include/openssl/base.h b/include/openssl/base.h
index aa1be1f..f86968b 100644
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@@ -71,6 +71,10 @@
 #include <openssl/is_boringssl.h>
 #include <openssl/opensslconf.h>
 
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols.h>
+#endif
+
 #if defined(__cplusplus)
 extern "C" {
 #endif
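Review bot: The new include is keyed only on the consumer's own `BORINGSSL_PREFIX` define, and nothing here says that code built outside this CMake tree must define it to the same value and have the generated header on its include path. In the CMakeLists.txt change of this commit the define and the include directory are added with directory-scoped `add_definitions`/`include_directories`, so they presumably do not reach external consumers; one that omits the define would declare the unprefixed names and could end up linking against a different copy of the library. A comment above the block would help: `// BORINGSSL_PREFIX must match the value the library was built with; the header is generated into the build tree by util/make_prefix_headers.go.`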
@@ -366,6 +370,19 @@
 #endif
 
 #if !defined(BORINGSSL_NO_CXX)
+
+#if defined(BORINGSSL_PREFIX)
+#define BSSL_NAMESPACE_BEGIN \
+  namespace bssl {           \
+  inline namespace BORINGSSL_PREFIX {
+#define BSSL_NAMESPACE_END \
+  }                        \
+  }
+#else
+#define BSSL_NAMESPACE_BEGIN namespace bssl {
+#define BSSL_NAMESPACE_END }
+#endif
+
 extern "C++" {
 
 #include <memory>
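Review bot: `BSSL_NAMESPACE_BEGIN` and `BSSL_NAMESPACE_END` are introduced without a comment, and the prefixed form opens two namespaces, which is not obvious at the many call sites this commit converts. I would document them above the `#if`, for example `// BSSL_NAMESPACE_BEGIN/END open and close namespace bssl; with BORINGSSL_PREFIX they add an inline namespace named after the prefix, so C++ symbols differ per prefix while bssl::Name still resolves.` The converted call sites also lose the `// namespace bssl` trailer that marked the closing brace, so this comment becomes the only place a reader learns what the macro closes.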
@@ -387,7 +404,7 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 namespace internal {
 
@@ -464,7 +481,7 @@
     return UpRef(ptr.get());                                        \
   }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index dcf8ab7..2e056a1 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -894,12 +894,12 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(BIO, BIO_free)
 BORINGSSL_MAKE_UP_REF(BIO, BIO_up_ref)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 82195ed..251c717 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -987,7 +987,7 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(BIGNUM, BN_free)
 BORINGSSL_MAKE_DELETER(BN_CTX, BN_CTX_free)
@@ -1005,7 +1005,7 @@
   BN_CTXScope &operator=(BN_CTXScope &) = delete;
 };
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/include/openssl/buf.h b/include/openssl/buf.h
index 3f961b8..10a555f 100644
--- a/include/openssl/buf.h
+++ b/include/openssl/buf.h
@@ -124,11 +124,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(BUF_MEM, BUF_MEM_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/bytestring.h b/include/openssl/bytestring.h
index 3057604..1400f2e 100644
--- a/include/openssl/bytestring.h
+++ b/include/openssl/bytestring.h
@@ -491,11 +491,11 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 using ScopedCBB = internal::StackAllocated<CBB, void, CBB_zero, CBB_cleanup>;
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index b8d4e52..5963413 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h
@@ -571,7 +571,7 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(EVP_CIPHER_CTX, EVP_CIPHER_CTX_free)
 
@@ -579,7 +579,7 @@
     internal::StackAllocated<EVP_CIPHER_CTX, int, EVP_CIPHER_CTX_init,
                              EVP_CIPHER_CTX_cleanup>;
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/include/openssl/cmac.h b/include/openssl/cmac.h
index 5e9f3d0..3e8cf92 100644
--- a/include/openssl/cmac.h
+++ b/include/openssl/cmac.h
@@ -78,11 +78,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(CMAC_CTX, CMAC_CTX_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 4ffce37..07e34ee 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -162,11 +162,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(CONF, NCONF_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/curve25519.h b/include/openssl/curve25519.h
index 332215b..a455389 100644
--- a/include/openssl/curve25519.h
+++ b/include/openssl/curve25519.h
@@ -188,11 +188,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(SPAKE2_CTX, SPAKE2_CTX_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index ae24c25..7188790 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -278,11 +278,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(DH, DH_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/digest.h b/include/openssl/digest.h
index 4a2b710..1a1ca29 100644
--- a/include/openssl/digest.h
+++ b/include/openssl/digest.h
@@ -295,7 +295,7 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(EVP_MD_CTX, EVP_MD_CTX_free)
 
@@ -303,7 +303,7 @@
     internal::StackAllocated<EVP_MD_CTX, int, EVP_MD_CTX_init,
                              EVP_MD_CTX_cleanup>;
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index a5fa767..70cde7b 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -417,12 +417,12 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(DSA, DSA_free)
 BORINGSSL_MAKE_DELETER(DSA_SIG, DSA_SIG_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index dbb72ab..41a9c34 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -357,12 +357,12 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(EC_POINT, EC_POINT_free)
 BORINGSSL_MAKE_DELETER(EC_GROUP, EC_GROUP_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/ec_key.h b/include/openssl/ec_key.h
index 6944049..7e9e4e8 100644
--- a/include/openssl/ec_key.h
+++ b/include/openssl/ec_key.h
@@ -336,11 +336,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(EC_KEY, EC_KEY_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h
index ff326ab..d4d353e 100644
--- a/include/openssl/ecdsa.h
+++ b/include/openssl/ecdsa.h
@@ -179,11 +179,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(ECDSA_SIG, ECDSA_SIG_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 595e53c..9d45952 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -94,11 +94,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(ENGINE, ENGINE_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 9b00a07..45e1b6d 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -870,13 +870,13 @@
 }  // extern C
 
 extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(EVP_PKEY, EVP_PKEY_free)
 BORINGSSL_MAKE_UP_REF(EVP_PKEY, EVP_PKEY_up_ref)
 BORINGSSL_MAKE_DELETER(EVP_PKEY_CTX, EVP_PKEY_CTX_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 977dea6..b5d1e42 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -169,14 +169,14 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(HMAC_CTX, HMAC_CTX_free)
 
 using ScopedHMAC_CTX =
     internal::StackAllocated<HMAC_CTX, void, HMAC_CTX_init, HMAC_CTX_cleanup>;
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif
diff --git a/include/openssl/mem.h b/include/openssl/mem.h
index 7d7087e..9f9c00d 100644
--- a/include/openssl/mem.h
+++ b/include/openssl/mem.h
@@ -142,12 +142,12 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(char, OPENSSL_free)
 BORINGSSL_MAKE_DELETER(uint8_t, OPENSSL_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h
index 52b649c..cb6155f 100644
--- a/include/openssl/pkcs7.h
+++ b/include/openssl/pkcs7.h
@@ -199,11 +199,11 @@
 }  // extern C
 
 extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(PKCS7, PKCS7_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 }  // extern C++
 #endif
 
diff --git a/include/openssl/pkcs8.h b/include/openssl/pkcs8.h
index 9a66dd0..ee48f19 100644
--- a/include/openssl/pkcs8.h
+++ b/include/openssl/pkcs8.h
@@ -215,12 +215,12 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(PKCS12, PKCS12_free)
 BORINGSSL_MAKE_DELETER(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/pool.h b/include/openssl/pool.h
index 1259f4a..0e4bdd5 100644
--- a/include/openssl/pool.h
+++ b/include/openssl/pool.h
@@ -87,13 +87,13 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(CRYPTO_BUFFER_POOL, CRYPTO_BUFFER_POOL_free)
 BORINGSSL_MAKE_DELETER(CRYPTO_BUFFER, CRYPTO_BUFFER_free)
 BORINGSSL_MAKE_UP_REF(CRYPTO_BUFFER, CRYPTO_BUFFER_up_ref)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 47e2d34..8098c48 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -723,11 +723,11 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(RSA, RSA_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/span.h b/include/openssl/span.h
index 5ed96b7..298a722 100644
--- a/include/openssl/span.h
+++ b/include/openssl/span.h
@@ -25,7 +25,7 @@
 #include <cstdlib>
 #include <type_traits>
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 template <typename T>
 class Span;
@@ -190,7 +190,7 @@
   return MakeConstSpan(c.data(), c.size());
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 5546f4e..0d5a444 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -4383,6 +4383,10 @@
 #define SSL_CTRL_SET_TMP_RSA doesnt_exist
 #define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist
 
+// |BORINGSSL_PREFIX| already makes each of these symbols into macros, so there
+// is no need to define conflicting macros.
+#if !defined(BORINGSSL_PREFIX)
+
 #define DTLSv1_get_timeout DTLSv1_get_timeout
 #define DTLSv1_handle_timeout DTLSv1_handle_timeout
 #define SSL_CTX_add0_chain_cert SSL_CTX_add0_chain_cert
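Review bot: The added comment states that `BORINGSSL_PREFIX` already makes each of these symbols a macro, but that holds only when the caller-supplied symbol list contains every name in this block. BUILDING.md in this commit makes the list the caller's responsibility, so a name missing from it ends up neither prefixed nor defined as a macro, and code that feature-tests it with `#ifdef` changes behaviour. The comment should state that dependency, e.g. `// This relies on the BORINGSSL_PREFIX_SYMBOLS list covering every macro below.`; the region opened by this `#if` is closed by the `#endif` in the next hunk, outside this one.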
@@ -4452,6 +4456,8 @@
 #define SSL_set_tmp_rsa SSL_set_tmp_rsa
 #define SSL_total_renegotiations SSL_total_renegotiations
 
+#endif // !defined(BORINGSSL_PREFIX)
+
 
 #if defined(__cplusplus)
 }  // extern C
@@ -4460,7 +4466,7 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(SSL, SSL_free)
 BORINGSSL_MAKE_DELETER(SSL_CTX, SSL_CTX_free)
@@ -4572,7 +4578,7 @@
 OPENSSL_EXPORT bool SSL_serialize_handback(const SSL *ssl, CBB *out);
 OPENSSL_EXPORT bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback);
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 
diff --git a/include/openssl/stack.h b/include/openssl/stack.h
index a1cca59..15b6adf 100644
--- a/include/openssl/stack.h
+++ b/include/openssl/stack.h
@@ -219,17 +219,17 @@
 
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 namespace internal {
 template <typename T>
 struct StackTraits {};
 }
-}
+BSSL_NAMESPACE_END
 }
 
 #define BORINGSSL_DEFINE_STACK_TRAITS(name, type, is_const) \
   extern "C++" {                                            \
-  namespace bssl {                                          \
+  BSSL_NAMESPACE_BEGIN                                      \
   namespace internal {                                      \
   template <>                                               \
   struct StackTraits<STACK_OF(name)> {                      \
@@ -238,7 +238,7 @@
     static constexpr bool kIsConst = is_const;              \
   };                                                        \
   }                                                         \
-  }                                                         \
+  BSSL_NAMESPACE_END                                        \
   }
 
 #else
@@ -393,7 +393,7 @@
 
 #include <type_traits>
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 namespace internal {
 
@@ -474,7 +474,7 @@
   return true;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 // Define begin() and end() for stack types so C++ range for loops work.
 template <typename Stack>
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index eeab5ec..72f7314 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -1129,7 +1129,7 @@
 #if !defined(BORINGSSL_NO_CXX)
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(NETSCAPE_SPKI, NETSCAPE_SPKI_free)
 BORINGSSL_MAKE_DELETER(RSA_PSS_PARAMS, RSA_PSS_PARAMS_free)
@@ -1158,7 +1158,7 @@
     internal::StackAllocated<X509_STORE_CTX, void, X509_STORE_CTX_zero,
                              X509_STORE_CTX_cleanup>;
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  /* extern C++ */
 #endif  /* !BORINGSSL_NO_CXX */
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 1af439d..53e20a0 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -751,7 +751,7 @@
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(ACCESS_DESCRIPTION, ACCESS_DESCRIPTION_free)
 BORINGSSL_MAKE_DELETER(AUTHORITY_KEYID, AUTHORITY_KEYID_free)
@@ -760,7 +760,7 @@
 BORINGSSL_MAKE_DELETER(GENERAL_NAME, GENERAL_NAME_free)
 BORINGSSL_MAKE_DELETER(POLICYINFO, POLICYINFO_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  /* extern C++ */
 #endif
diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
index 6881089..d6c1294 100644
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -41,6 +41,8 @@
   tls13_server.cc
 )
 
+add_dependencies(ssl global_target)
+
 target_link_libraries(ssl crypto)
 
 add_executable(
@@ -53,6 +55,8 @@
   $<TARGET_OBJECTS:test_support>
 )
 
+add_dependencies(ssl_test global_target)
+
 target_link_libraries(ssl_test ssl crypto boringssl_gtest)
 if(WIN32)
   target_link_libraries(ssl_test ws2_32)
diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc
index f22a498..3f7739e 100644
--- a/ssl/d1_both.cc
+++ b/ssl/d1_both.cc
@@ -127,7 +127,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // TODO(davidben): 28 comes from the size of IP + UDP header. Is this reasonable
 // for these values? Notably, why is kMinMTU a function of the transport
@@ -848,4 +848,4 @@
   return kMinMTU;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/d1_lib.cc b/ssl/d1_lib.cc
index d73e538..0e0b211 100644
--- a/ssl/d1_lib.cc
+++ b/ssl/d1_lib.cc
@@ -68,7 +68,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire
 // before starting to decrease the MTU.
@@ -187,7 +187,7 @@
   return true;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/d1_pkt.cc b/ssl/d1_pkt.cc
index a694c5f..be595b0 100644
--- a/ssl/d1_pkt.cc
+++ b/ssl/d1_pkt.cc
@@ -126,7 +126,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
                                       size_t *out_consumed, uint8_t *out_alert,
@@ -271,4 +271,4 @@
   return 1;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/dtls_record.cc b/ssl/dtls_record.cc
index d348601..3950ae2 100644
--- a/ssl/dtls_record.cc
+++ b/ssl/dtls_record.cc
@@ -121,7 +121,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // to_u64_be treats |in| as a 8-byte big-endian integer and returns the value as
 // a |uint64_t|.
@@ -350,4 +350,4 @@
   return 1;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/handoff.cc b/ssl/handoff.cc
index 68cac5b..a47b7c1 100644
--- a/ssl/handoff.cc
+++ b/ssl/handoff.cc
@@ -19,7 +19,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 constexpr int kHandoffVersion = 0;
 constexpr int kHandbackVersion = 0;
@@ -359,4 +359,4 @@
   return CBS_len(&seq) == 0;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/handshake.cc b/ssl/handshake.cc
index 8e5c62c..963038f 100644
--- a/ssl/handshake.cc
+++ b/ssl/handshake.cc
@@ -122,7 +122,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
     : ssl(ssl_arg),
@@ -667,4 +667,4 @@
   }
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index ae6670f..ae96bcf 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -172,7 +172,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 enum ssl_client_hs_state_t {
   state_start_connect = 0,
@@ -1820,4 +1820,4 @@
   return "TLS client unknown";
 }
 
-}
+BSSL_NAMESPACE_END
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index f0ed0d8..c546088 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -170,7 +170,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 bool ssl_client_cipher_list_contains_cipher(
     const SSL_CLIENT_HELLO *client_hello, uint16_t id) {
@@ -1626,4 +1626,4 @@
   return "TLS server unknown";
 }
 
-}
+BSSL_NAMESPACE_END
diff --git a/ssl/internal.h b/ssl/internal.h
index 2877896..98ce6e0 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -173,7 +173,7 @@
 #endif
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 struct SSL_CONFIG;
 struct SSL_HANDSHAKE;
@@ -414,7 +414,7 @@
 
 // Cipher suites.
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 struct ssl_cipher_st {
   // name is the OpenSSL name for the cipher.
@@ -432,7 +432,7 @@
   uint32_t algorithm_prf;
 };
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // Bits for |algorithm_mkey| (key exchange algorithm).
 #define SSL_kRSA 0x00000001u
@@ -2015,13 +2015,13 @@
   uint16_t alg_id = 0;
 };
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 DECLARE_LHASH_OF(SSL_SESSION)
 
 DEFINE_NAMED_STACK_OF(CertCompressionAlg, bssl::CertCompressionAlg);
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // An ssl_shutdown_t describes the shutdown state of one end of the connection,
 // whether it is alive or has been shutdown via close_notify or fatal alert.
@@ -2749,7 +2749,7 @@
 // current state of the error queue.
 void ssl_set_read_error(SSL *ssl);
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 
 // Opaque C types.
diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc
index 98896a3..c1d4b65 100644
--- a/ssl/s3_both.cc
+++ b/ssl/s3_both.cc
@@ -130,7 +130,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 static bool add_record_to_flight(SSL *ssl, uint8_t type,
                                  Span<const uint8_t> in) {
@@ -636,4 +636,4 @@
   }
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/s3_lib.cc b/ssl/s3_lib.cc
index 0b24f94..0e0770c 100644
--- a/ssl/s3_lib.cc
+++ b/ssl/s3_lib.cc
@@ -162,7 +162,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 SSL3_STATE::SSL3_STATE()
     : skip_early_data(false),
@@ -215,4 +215,4 @@
   ssl->s3 = NULL;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/s3_pkt.cc b/ssl/s3_pkt.cc
index 50e709b..1ccbf9f 100644
--- a/ssl/s3_pkt.cc
+++ b/ssl/s3_pkt.cc
@@ -122,7 +122,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 static int do_ssl3_write(SSL *ssl, int type, const uint8_t *in, unsigned len);
 
@@ -425,4 +425,4 @@
   return 1;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/span_test.cc b/ssl/span_test.cc
index 0aa7f3d..7db3d70 100644
--- a/ssl/span_test.cc
+++ b/ssl/span_test.cc
@@ -19,7 +19,7 @@
 
 #include <openssl/ssl.h>
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 namespace {
 
 static void TestCtor(Span<int> s, const int *ptr, size_t size) {
@@ -87,4 +87,4 @@
 }
 
 }  // namespace
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/ssl_aead_ctx.cc b/ssl/ssl_aead_ctx.cc
index 322b1b5..6a25780 100644
--- a/ssl/ssl_aead_ctx.cc
+++ b/ssl/ssl_aead_ctx.cc
@@ -31,7 +31,7 @@
 #define FUZZER_MODE false
 #endif
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 SSLAEADContext::SSLAEADContext(uint16_t version_arg, bool is_dtls_arg,
                                const SSL_CIPHER *cipher_arg)
@@ -433,4 +433,4 @@
          EVP_AEAD_CTX_get_iv(ctx_.get(), out_iv, out_iv_len);
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/ssl_asn1.cc b/ssl/ssl_asn1.cc
index 5dfacb2..caccef4 100644
--- a/ssl/ssl_asn1.cc
+++ b/ssl/ssl_asn1.cc
@@ -104,7 +104,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // An SSL_SESSION is serialized as the following ASN.1 structure:
 //
@@ -751,7 +751,7 @@
   return SSL_SESSION_to_bytes_full(in, cbb, 0);
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_buffer.cc b/ssl/ssl_buffer.cc
index 72647a4..b94f081 100644
--- a/ssl/ssl_buffer.cc
+++ b/ssl/ssl_buffer.cc
@@ -27,7 +27,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // BIO uses int instead of size_t. No lengths will exceed uint16_t, so this will
 // not overflow.
@@ -284,4 +284,4 @@
   }
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc
index 4842974..3f3a1c5 100644
--- a/ssl/ssl_cert.cc
+++ b/ssl/ssl_cert.cc
@@ -133,7 +133,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 CERT::CERT(const SSL_X509_METHOD *x509_method_arg)
     : x509_method(x509_method_arg) {}
@@ -750,7 +750,7 @@
   return hs->local_pubkey != NULL;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_cipher.cc b/ssl/ssl_cipher.cc
index 5899500..1e5320c 100644
--- a/ssl/ssl_cipher.cc
+++ b/ssl/ssl_cipher.cc
@@ -154,7 +154,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // kCiphers is an array of all supported ciphers, sorted by id.
 static constexpr SSL_CIPHER kCiphers[] = {
@@ -1306,7 +1306,7 @@
   return ret;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_key_share.cc b/ssl/ssl_key_share.cc
index c7f6f88..866da67 100644
--- a/ssl/ssl_key_share.cc
+++ b/ssl/ssl_key_share.cc
@@ -31,7 +31,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 namespace {
 
@@ -292,7 +292,7 @@
   return 0;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 120c276..13b9cac 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -162,7 +162,7 @@
 #endif
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // |SSL_R_UNKNOWN_PROTOCOL| is no longer emitted, but continue to define it
 // to avoid downstream churn.
@@ -506,7 +506,7 @@
   ssl->config->handoff = on;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc
index fecac39..b2f8177 100644
--- a/ssl/ssl_privkey.cc
+++ b/ssl/ssl_privkey.cc
@@ -69,7 +69,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 int ssl_is_key_type_supported(int key_type) {
   return key_type == EVP_PKEY_RSA || key_type == EVP_PKEY_EC ||
@@ -287,7 +287,7 @@
   return true;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc
index 1b0b68a..927dd1b 100644
--- a/ssl/ssl_session.cc
+++ b/ssl/ssl_session.cc
@@ -151,7 +151,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // The address of this is a magic value, a pointer to which is returned by
 // SSL_magic_pending_session_ptr(). It allows a session callback to indicate
@@ -838,7 +838,7 @@
   }
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 2f78032..bb47b70 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -53,7 +53,7 @@
 #endif
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 namespace {
 
@@ -4443,4 +4443,4 @@
 }
 
 }  // namespace
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/ssl_transcript.cc b/ssl/ssl_transcript.cc
index 24b86bf..8bb513d 100644
--- a/ssl/ssl_transcript.cc
+++ b/ssl/ssl_transcript.cc
@@ -141,7 +141,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 SSLTranscript::SSLTranscript() {}
 
@@ -261,4 +261,4 @@
   return true;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc
index 212c3ac..911fb7e 100644
--- a/ssl/ssl_versions.cc
+++ b/ssl/ssl_versions.cc
@@ -23,7 +23,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 bool ssl_protocol_version_from_wire(uint16_t *out, uint16_t version) {
   switch (version) {
@@ -360,7 +360,7 @@
   return version == TLS1_3_DRAFT28_VERSION || version == TLS1_3_VERSION;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/ssl_x509.cc b/ssl/ssl_x509.cc
index ef09589..9fa800f 100644
--- a/ssl/ssl_x509.cc
+++ b/ssl/ssl_x509.cc
@@ -155,7 +155,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // check_ssl_x509_method asserts that |ssl| has the X509-based method
 // installed. Calling an X509-based method on an |ssl| with a different method
@@ -506,7 +506,7 @@
   ssl_crypto_x509_ssl_ctx_flush_cached_client_CA,
 };
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/t1_enc.cc b/ssl/t1_enc.cc
index 93170b9..c6b2844 100644
--- a/ssl/t1_enc.cc
+++ b/ssl/t1_enc.cc
@@ -153,7 +153,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
               Span<const uint8_t> secret, Span<const char> label,
@@ -277,7 +277,7 @@
   return SSL3_MASTER_SECRET_SIZE;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 32ea2d4..3f4818f 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -129,7 +129,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs);
 
@@ -3836,7 +3836,7 @@
   return true;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/test/CMakeLists.txt b/ssl/test/CMakeLists.txt
index 425b43b..d86464c 100644
--- a/ssl/test/CMakeLists.txt
+++ b/ssl/test/CMakeLists.txt
@@ -14,6 +14,8 @@
   $<TARGET_OBJECTS:test_support>
 )
 
+add_dependencies(bssl_shim global_target)
+
 target_link_libraries(bssl_shim ssl crypto)
 
 if(UNIX AND NOT APPLE AND NOT ANDROID)
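Review bot: The added `add_dependencies(bssl_shim global_target)` carries no comment saying why the dependency exists, and the same bare line is repeated for `handshaker` in the next hunk and for `bssl` in tool/CMakeLists.txt. According to the commit description, global_target is the hook that runs prefix-header generation before other targets. A target added later without this line could therefore be built ahead of the generated headers when BORINGSSL_PREFIX is set. A short comment above each call, for example `# global_target generates the symbol-prefix headers; every target must depend on it.`, would make that requirement visible to whoever adds the next target.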
@@ -31,6 +33,8 @@
     $<TARGET_OBJECTS:test_support>
   )
 
+  add_dependencies(handshaker global_target)
+
   target_link_libraries(handshaker ssl crypto)
 else()
   # Declare a dummy target for run_tests to depend on.
diff --git a/ssl/tls13_both.cc b/ssl/tls13_both.cc
index faaa88d..a02d35d 100644
--- a/ssl/tls13_both.cc
+++ b/ssl/tls13_both.cc
@@ -30,7 +30,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // kMaxKeyUpdates is the number of consecutive KeyUpdates that will be
 // processed. Without this limit an attacker could force unbounded processing
@@ -665,4 +665,4 @@
   return false;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index 7de70b0..26f5fb9 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc
@@ -31,7 +31,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 enum client_hs_state_t {
   state_read_hello_retry_request = 0,
@@ -929,4 +929,4 @@
   return true;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/tls13_enc.cc b/ssl/tls13_enc.cc
index 84bc5d2..e451838 100644
--- a/ssl/tls13_enc.cc
+++ b/ssl/tls13_enc.cc
@@ -30,7 +30,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 static int init_key_schedule(SSL_HANDSHAKE *hs, uint16_t version,
                              const SSL_CIPHER *cipher) {
@@ -487,4 +487,4 @@
   return 1;
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/tls13_server.cc b/ssl/tls13_server.cc
index bf3e2cf..b1940d8 100644
--- a/ssl/tls13_server.cc
+++ b/ssl/tls13_server.cc
@@ -36,7 +36,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 enum server_hs_state_t {
   state_select_parameters = 0,
@@ -1028,4 +1028,4 @@
   return "TLS 1.3 server unknown";
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/ssl/tls_method.cc b/ssl/tls_method.cc
index 2af5171..116f027 100644
--- a/ssl/tls_method.cc
+++ b/ssl/tls_method.cc
@@ -65,7 +65,7 @@
 #include "internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 static void ssl3_on_handshake_complete(SSL *ssl) {
   // The handshake should have released its final message.
@@ -182,7 +182,7 @@
   ssl_noop_x509_ssl_ctx_flush_cached_client_CA,
 };
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/ssl/tls_record.cc b/ssl/tls_record.cc
index a2e4a20..452b0cf 100644
--- a/ssl/tls_record.cc
+++ b/ssl/tls_record.cc
@@ -119,7 +119,7 @@
 #include "../crypto/internal.h"
 
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 // kMaxEmptyRecords is the number of consecutive, empty records that will be
 // processed. Without this limit an attacker could send empty records at a
@@ -674,7 +674,7 @@
                                  in.data(), in.size());
 }
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 using namespace bssl;
 
diff --git a/third_party/fiat/CMakeLists.txt b/third_party/fiat/CMakeLists.txt
deleted file mode 100644
index fcc77d5..0000000
--- a/third_party/fiat/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  fiat
-
-  OBJECT
-
-  curve25519.c
-)
diff --git a/tool/CMakeLists.txt b/tool/CMakeLists.txt
index 87efb09..7f34017 100644
--- a/tool/CMakeLists.txt
+++ b/tool/CMakeLists.txt
@@ -20,6 +20,8 @@
   transport_common.cc
 )
 
+add_dependencies(bssl global_target)
+
 if(APPLE OR WIN32 OR ANDROID)
   target_link_libraries(bssl ssl crypto)
 else()
diff --git a/util/make_prefix_headers.go b/util/make_prefix_headers.go
new file mode 100644
index 0000000..a5e5441
--- /dev/null
+++ b/util/make_prefix_headers.go
@@ -0,0 +1,216 @@
+// Copyright (c) 2018, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+// This program takes a file containing newline-separated symbols, and generates
+// boringssl_prefix_symbols.h, boringssl_prefix_symbols_asm.h, and
+// boringssl_prefix_symbols_nasm.inc. These header files can be used to build
+// BoringSSL with a prefix for all symbols in order to avoid symbol name
+// conflicts when linking a project with multiple copies of BoringSSL; see
+// BUILDING.md for more details.
+
+// TODO(joshlf): For platforms which support it, use '#pragma redefine_extname'
+// instead of a custom macro. This avoids the need for a custom macro, but also
+// ensures that our renaming won't conflict with symbols defined and used by our
+// consumers (the "HMAC" problem). An example of this approach can be seen in
+// IllumOS' fork of OpenSSL:
+// https://github.com/joyent/illumos-extra/blob/master/openssl1x/sunw_prefix.h
+
+package main
+
+import (
+	"bufio"
+	"flag"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+var out = flag.String("out", ".", "Path to a directory where the outputs will be written")
+
+// Read newline-separated symbols from a file, ignoring any comments started
+// with '#'.
+func readSymbols(path string) ([]string, error) {
+	f, err := os.Open(path)
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+	scanner := bufio.NewScanner(f)
+	var ret []string
+	for scanner.Scan() {
+		line := scanner.Text()
+		if idx := strings.IndexByte(line, '#'); idx >= 0 {
+			line = line[:idx]
+		}
+		line = strings.TrimSpace(line)
+		if len(line) == 0 {
+			continue
+		}
+		ret = append(ret, line)
+	}
+	if err := scanner.Err(); err != nil {
+		return nil, err
+	}
+	return ret, nil
+}
+
+func writeCHeader(symbols []string, path string) error {
+	f, err := os.Create(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	if _, err := f.WriteString(`// Copyright (c) 2018, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+// BORINGSSL_ADD_PREFIX pastes two identifiers into one. It performs one
+// iteration of macro expansion on its arguments before pasting.
+#define BORINGSSL_ADD_PREFIX(a, b) BORINGSSL_ADD_PREFIX_INNER(a, b)
+#define BORINGSSL_ADD_PREFIX_INNER(a, b) a ## _ ## b
+
+`); err != nil {
+		return err
+	}
+
+	for _, symbol := range symbols {
+		if _, err := fmt.Fprintf(f, "#define %s BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, %s)\n", symbol, symbol); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func writeASMHeader(symbols []string, path string) error {
+	f, err := os.Create(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	if _, err := f.WriteString(`// Copyright (c) 2018, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+#if !defined(__APPLE__)
+#include <boringssl_prefix_symbols.h>
+#else
+// On iOS and macOS, we need to treat assembly symbols differently from other
+// symbols. The linker expects symbols to be prefixed with an underscore.
+// Perlasm thus generates symbol with this underscore applied. Our macros must,
+// in turn, incorporate it.
+#define BORINGSSL_ADD_PREFIX_MAC_ASM(a, b) BORINGSSL_ADD_PREFIX_INNER_MAC_ASM(a, b)
+#define BORINGSSL_ADD_PREFIX_INNER_MAC_ASM(a, b) _ ## a ## _ ## b
+
+`); err != nil {
+		return err
+	}
+
+	for _, symbol := range symbols {
+		if _, err := fmt.Fprintf(f, "#define _%s BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, %s)\n", symbol, symbol); err != nil {
+			return err
+		}
+	}
+
+	_, err = fmt.Fprintf(f, "#endif\n")
+	return nil
+}
+
+func writeNASMHeader(symbols []string, path string) error {
+	f, err := os.Create(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	// NASM uses a different syntax from the C preprocessor.
+	if _, err := f.WriteString(`; Copyright (c) 2018, Google Inc.
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+; WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+; MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+; SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+; WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+; OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+; CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+`); err != nil {
+		return err
+	}
+
+	for _, symbol := range symbols {
+		if _, err := fmt.Fprintf(f, "%%define %s BORINGSSL_PREFIX %%+ %s\n", symbol, symbol); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func main() {
+	flag.Parse()
+	if flag.NArg() != 1 {
+		fmt.Fprintf(os.Stderr, "Usage: %s [-out OUT] SYMBOLS\n", os.Args[0])
+		os.Exit(1)
+	}
+
+	symbols, err := readSymbols(flag.Arg(0))
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error reading symbols: %s\n", err)
+		os.Exit(1)
+	}
+
+	if err := writeCHeader(symbols, filepath.Join(*out, "boringssl_prefix_symbols.h")); err != nil {
+		fmt.Fprintf(os.Stderr, "Error writing boringssl_prefix_symbols.h: %s\n", err)
+		os.Exit(1)
+	}
+
+	if err := writeASMHeader(symbols, filepath.Join(*out, "boringssl_prefix_symbols_asm.h")); err != nil {
+		fmt.Fprintf(os.Stderr, "Error writing boringssl_prefix_symbols_asm.h: %s\n", err)
+		os.Exit(1)
+	}
+
+	if err := writeNASMHeader(symbols, filepath.Join(*out, "boringssl_prefix_symbols_nasm.inc")); err != nil {
+		fmt.Fprintf(os.Stderr, "Error writing boringssl_prefix_symbols_nasm.inc: %s\n", err)
+		os.Exit(1)
+	}
+
+}
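Review bot: At the end of writeASMHeader the result of `fmt.Fprintf(f, "#endif\n")` is assigned to `err` and then thrown away by `return nil`, so a failed write of the closing `#endif` is reported as success; the function should end with `return err`. All three writers also drop the error from the deferred `f.Close()`, which is where some filesystems report a failed write, so a truncated header could go unnoticed by this tool. Separately, readSymbols accepts any non-empty line and each entry is pasted straight into a `#define` or `%define` line. Rejecting entries that are not plain C identifiers (letters, digits and underscore, not starting with a digit) and returning an error that names the offending line would keep a malformed symbol list from producing headers that define something other than the intended rename.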