Use relative links in markdown files
Our repository is sometimes copied into other repositories, at which
point all the absolute links don't work. README.md used "./whatever",
which seems to work most consistently, so copy that.
Change-Id: I63bbf01b8f3870112d1df571adaa6cc82f58e5eb
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64347
Commit-Queue: David Benjamin <davidben@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Hubert Chao <hchao@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
diff --git a/API-CONVENTIONS.md b/API-CONVENTIONS.md
index e322249..ec08e57 100644
--- a/API-CONVENTIONS.md
+++ b/API-CONVENTIONS.md
@@ -1,7 +1,7 @@
# BoringSSL API Conventions
This document describes conventions for BoringSSL APIs. The [style
-guide](/STYLE.md) also includes guidelines, but this document is targeted at
+guide](./STYLE.md) also includes guidelines, but this document is targeted at
both API consumers and developers.
diff --git a/BUILDING.md b/BUILDING.md
index eb0f800..e81b755 100644
--- a/BUILDING.md
+++ b/BUILDING.md
@@ -8,7 +8,7 @@
The standalone CMake build is primarily intended for developers. If embedding
BoringSSL into another project with a pre-existing build system, see
-[INCORPORATING.md](/INCORPORATING.md).
+[INCORPORATING.md](./INCORPORATING.md).
Unless otherwise noted, build tools must at most five years old, matching
[Abseil guidelines](https://abseil.io/about/compatibility). If in doubt, use the
diff --git a/INCORPORATING.md b/INCORPORATING.md
index 96c6435..afe61d9 100644
--- a/INCORPORATING.md
+++ b/INCORPORATING.md
@@ -1,7 +1,7 @@
# Incorporating BoringSSL into a project
**Note**: if your target project is not a Google project then first read the
-[main README](/README.md) about the purpose of BoringSSL.
+[main README](./README.md) about the purpose of BoringSSL.
If you are porting BoringSSL to a new platform see
["go/boringssl-on-new-platform"](https://goto.corp.google.com/boringssl-on-new-platform) (Google
@@ -68,7 +68,7 @@
checked into the incorporating project's source repository. This avoids
incorporating projects needing to support Perl and Go in their build systems.
-The script [`util/generate_build_files.py`](/util/generate_build_files.py)
+The script [`util/generate_build_files.py`](./util/generate_build_files.py)
expects to be run from the `third_party/boringssl` directory and to find the
BoringSSL source code in `src/`. You should pass it a single argument: the name
of the build system that you're using. If you don't use any of the supported
@@ -76,7 +76,7 @@
for it.
The script will pregenerate the intermediate files (see
-[BUILDING.md](/BUILDING.md) for details about which tools will need to be
+[BUILDING.md](./BUILDING.md) for details about which tools will need to be
installed) and output helper files for that build system. It doesn't generate a
complete build script, just file and test lists, which change often. For
example, see the
diff --git a/SANDBOXING.md b/SANDBOXING.md
index cb17720..0f3eb70 100644
--- a/SANDBOXING.md
+++ b/SANDBOXING.md
@@ -21,7 +21,7 @@
This document attempts to describe these baseline OS dependencies and long-lived
internal resources. These dependencies may change over time, but we aim to
-[work with sandboxed consumers](/BREAKING-CHANGES.md) when they do. However,
+[work with sandboxed consumers](./BREAKING-CHANGES.md) when they do. However,
each sandbox imposes different constraints, so, above all, sandboxed consumers
must have ample test coverage to detect issues as they arise.
diff --git a/crypto/fipsmodule/FIPS.md b/crypto/fipsmodule/FIPS.md
index 92eebab..794afee 100644
--- a/crypto/fipsmodule/FIPS.md
+++ b/crypto/fipsmodule/FIPS.md
@@ -8,11 +8,11 @@
BoringCrypto has undergone the following validations:
-1. 2017-06-15: certificate [#2964](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/2964), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Security-Policy-20170615.docx) (in docx format).
-1. 2018-07-30: certificate [#3318](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3318), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Security-Policy-20180730.docx) (in docx format).
-1. 2019-08-08: certificate [#3678](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3678), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Security-Policy-20190808.docx) (in docx format).
-1. 2019-10-20: certificate [#3753](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3753), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Android-Security-Policy-20191020.docx) (in docx format).
-1. 2021-01-28: certificate [#4156](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/4156), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Android-Security-Policy-20210319.docx) (in docx format).
+1. 2017-06-15: certificate [#2964](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/2964), [security policy](./policydocs/BoringCrypto-Security-Policy-20170615.docx) (in docx format).
+1. 2018-07-30: certificate [#3318](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3318), [security policy](./policydocs/BoringCrypto-Security-Policy-20180730.docx) (in docx format).
+1. 2019-08-08: certificate [#3678](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3678), [security policy](./policydocs/BoringCrypto-Security-Policy-20190808.docx) (in docx format).
+1. 2019-10-20: certificate [#3753](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3753), [security policy](./policydocs/BoringCrypto-Android-Security-Policy-20191020.docx) (in docx format).
+1. 2021-01-28: certificate [#4156](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/4156), [security policy](./policydocs/BoringCrypto-Android-Security-Policy-20210319.docx) (in docx format).
1. 2021-04-29: certificate [#4407](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4407).
## Running ACVP tests
@@ -89,7 +89,7 @@
Offsets to these functions cannot be known until the final link because only the linker sees the object files containing them. Thus calls to these functions are rewritten into an IP-relative jump to a redirector function. The redirector functions contain a single jump instruction to the real function and are placed outside of the module and are thus not hashed (see diagram).
-
+
In this diagram, the integrity check hashes from `module_start` to `module_end`. Since this does not cover the jump to `memcpy`, it's fine that the linker will poke the final offset into that instruction.
@@ -121,7 +121,7 @@
Initially the known-good value will be incorrect. Another script (`inject_hash.go`) calculates the correct value from the assembled object and injects it back into the object.
-
+
### Comparison with OpenSSL's method
@@ -141,4 +141,4 @@
1. OpenSSL has all out-calls from the module indirecting via the PLT, which is equivalent to the redirector functions described above.
-
+
