Add |CRYPTO_is_confidential_build|. In the past we have needed the ability to deploy security fixes to our frontend systems without leaking them in source code or in published binaries. This change adds a function that provides some infrastructure for supporting this in BoringSSL while meeting our internal build needs. We do not currently have any specific patch that requires this—this is purely preparation. Change-Id: I5c64839e86db4e5ea7419a38106d8f88b8e5987e Reviewed-on: https://boringssl-review.googlesource.com/7849 Reviewed-by: David Benjamin <davidben@google.com>

commit: b83c680d03b302a88fefcddbdce1b753c4c54ca6 [log] [tgz]
author: Adam Langley <agl@google.com> Tue May 03 09:16:21 2016 -0700
committer: David Benjamin <davidben@google.com> Tue May 03 16:24:50 2016 +0000
tree: e0fd6010cc37a10c4ddefe289c58fe3828f932b9
parent: 8368050fa9371840d76ea53ed38c3e5a1cb5e3bc [diff] [blame]
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index b52bcf8..3fd299f 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h

@@ -43,6 +43,13 @@
  * should be called before entering a sandbox. */
 OPENSSL_EXPORT void CRYPTO_library_init(void);
 
+/* CRYPTO_is_confidential_build returns one if the linked version of BoringSSL
+ * has been built with the BORINGSSL_CONFIDENTIAL define and zero otherwise.
+ *
+ * This is used by some consumers to identify whether they are using an
+ * internal version of BoringSSL. */
+OPENSSL_EXPORT int CRYPTO_is_confidential_build(void);
+
 
 /* Deprecated functions. */
commit	b83c680d03b302a88fefcddbdce1b753c4c54ca6	[log] [tgz]
author	Adam Langley <agl@google.com>	Tue May 03 09:16:21 2016 -0700
committer	David Benjamin <davidben@google.com>	Tue May 03 16:24:50 2016 +0000
tree	e0fd6010cc37a10c4ddefe289c58fe3828f932b9
parent	8368050fa9371840d76ea53ed38c3e5a1cb5e3bc [diff] [blame]