commit | 2bde9365fac1da341d7bfa504f032aa3e50a8653 | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@google.com> | Fri Oct 01 14:28:29 2021 -0400 |
committer | Adam Langley <agl@google.com> | Fri Oct 01 22:10:27 2021 +0000 |
tree | 2963888a2e489906671688cdd6369f903999f30a | |
parent | 87f316d7748268eb56f2dc147bd593254ae93198 [diff] |
Switch x509_test.cc to modify the existing X509_VERIFY_PARAM. There are two ways to configure an X509_STORE_CTX after X509_STORE_CTX_init. One can either modify the already initialized X509_VERIFY_PARAM or replace it. Modifying the existing one is more common. Replacing it actually misses some defaults. (See issue #441 for details.) In preparation for actually being able to test changes to the default, switch tests to that model. In doing so, no longer need to explicitly configure the depth and can test that default. (Though we should write tests for the depth at some point.) Bug: 439, 441 Change-Id: I254a82585d70d44eb94920f604891ebfbff4af4c Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49745 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
Project links:
There are other files in this directory which might be helpful: