Reflect OPENSSL_NO_SOCK and OPENSSL_NO_POSIX_IO into headers
Like OPENSSL_NO_FILESYSTEM, keep us honest: if the symbol is missing,
don't declare it in the headers. This ensures folks aren't relying on
dead code elimination and then later break when they build in a context
where it doesn't happen.
Bug: 629
Change-Id: I3e56c3879e970aa8d0d6e0e5f1ad046d0f420ef0
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61730
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 707a4b1..17d47fc 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -431,12 +431,14 @@
// |BIO_reset| attempts to seek the file pointer to the start of file using
// |lseek|.
+#if !defined(OPENSSL_NO_POSIX_IO)
// BIO_s_fd returns a |BIO_METHOD| for file descriptor fds.
OPENSSL_EXPORT const BIO_METHOD *BIO_s_fd(void);
// BIO_new_fd creates a new file descriptor BIO wrapping |fd|. If |close_flag|
// is non-zero, then |fd| will be closed when the BIO is.
OPENSSL_EXPORT BIO *BIO_new_fd(int fd, int close_flag);
+#endif
// BIO_set_fd sets the file descriptor of |bio| to |fd|. If |close_flag| is
// non-zero then |fd| will be closed when |bio| is. It returns one on success
@@ -540,12 +542,14 @@
// TODO(davidben): Add separate APIs and fix the internals to use |SOCKET|s
// around rather than rely on int casts.
+#if !defined(OPENSSL_NO_SOCK)
OPENSSL_EXPORT const BIO_METHOD *BIO_s_socket(void);
// BIO_new_socket allocates and initialises a fresh BIO which will read and
// write to the socket |fd|. If |close_flag| is |BIO_CLOSE| then closing the
// BIO will close |fd|. It returns the fresh |BIO| or NULL on error.
OPENSSL_EXPORT BIO *BIO_new_socket(int fd, int close_flag);
+#endif // !OPENSSL_NO_SOCK
// Connect BIOs.
@@ -553,6 +557,7 @@
// A connection BIO creates a network connection and transfers data over the
// resulting socket.
+#if !defined(OPENSSL_NO_SOCK)
OPENSSL_EXPORT const BIO_METHOD *BIO_s_connect(void);
// BIO_new_connect returns a BIO that connects to the given hostname and port.
@@ -580,12 +585,17 @@
OPENSSL_EXPORT int BIO_set_conn_int_port(BIO *bio, const int *port);
// BIO_set_nbio sets whether |bio| will use non-blocking I/O operations. It
-// returns one on success and zero otherwise.
+// returns one on success and zero otherwise. This only works for connect BIOs
+// and must be called before |bio| is connected to take effect.
+//
+// For socket and fd BIOs, callers must configure blocking vs. non-blocking I/O
+// using the underlying platform APIs.
OPENSSL_EXPORT int BIO_set_nbio(BIO *bio, int on);
// BIO_do_connect connects |bio| if it has not been connected yet. It returns
// one on success and <= 0 otherwise.
OPENSSL_EXPORT int BIO_do_connect(BIO *bio);
+#endif // !OPENSSL_NO_SOCK
// Datagram BIOs.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 6f35e6b..995d05e 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -303,6 +303,7 @@
// socket |BIO|.
OPENSSL_EXPORT int SSL_get_wfd(const SSL *ssl);
+#if !defined(OPENSSL_NO_SOCK)
// SSL_set_fd configures |ssl| to read from and write to |fd|. It returns one
// on success and zero on allocation error. The caller retains ownership of
// |fd|.
@@ -321,6 +322,7 @@
//
// On Windows, |fd| is cast to a |SOCKET| and used with Winsock APIs.
OPENSSL_EXPORT int SSL_set_wfd(SSL *ssl, int fd);
+#endif // !OPENSSL_NO_SOCK
// SSL_do_handshake continues the current handshake. If there is none or the
// handshake has completed or False Started, it returns one. Otherwise, it
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 26ffd50..5a2ac2a 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -1595,6 +1595,7 @@
return ret;
}
+#if !defined(OPENSSL_NO_SOCK)
int SSL_set_fd(SSL *ssl, int fd) {
BIO *bio = BIO_new(BIO_s_socket());
if (bio == NULL) {
@@ -1644,6 +1645,7 @@
}
return 1;
}
+#endif // !OPENSSL_NO_SOCK
static size_t copy_finished(void *out, size_t out_len, const uint8_t *in,
size_t in_len) {
