Google Git
Sign in
boringssl / boringssl.git / d18c9f2395f9140d1a8a439fe1cc7ebb9728c060
commitd18c9f2395f9140d1a8a439fe1cc7ebb9728c060[log] [tgz]
authorDavid Benjamin <davidben@google.com>Fri Oct 10 16:13:27 2025 -0400
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Tue Oct 21 12:06:50 2025 -0700
tree3749fb83cc95cdb56b2832d63702bac769f7899b
parent4f36cc932045abfb52997dc024a6d29d2dd5a635 [diff]
Remove some easy OPENSSL_EXPORTs

In principle, nothing in private headers should be OPENSSL_EXPORT. But
we've been a bit sloppy with unit tests (in hindsight, that maybe would
have been better done by static linking), and also sloppy in some FIPS
test binaries, so quite a lot of the BCM functions are OPENSSL_EXPORT.

These are the easy ones to undo. I've left the postquantum stuff alone
for now.

Change-Id: I13d954338a88c3534ffe27f1da7d0181847662bd
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/82987
Reviewed-by: Lily Chen <chlily@google.com>
Commit-Queue: Lily Chen <chlily@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
1 file changed
tree: 3749fb83cc95cdb56b2832d63702bac769f7899b
  1. .bcr/
  2. .github/
  3. cmake/
  4. crypto/
  5. decrepit/
  6. docs/
  7. fuzz/
  8. gen/
  9. include/
  10. infra/
  11. pki/
  12. rust/
  13. ssl/
  14. third_party/
  15. tool/
  16. util/
  17. .bazelignore
  18. .bazelrc
  19. .bazelversion
  20. .clang-format
  21. .gitignore
  22. API-CONVENTIONS.md
  23. AUTHORS
  24. BREAKING-CHANGES.md
  25. BUILD.bazel
  26. build.json
  27. BUILDING.md
  28. CMakeLists.txt
  29. codereview.settings
  30. CONTRIBUTING.md
  31. FUZZING.md
  32. go.mod
  33. go.sum
  34. INCORPORATING.md
  35. LICENSE
  36. MODULE.bazel
  37. MODULE.bazel.lock
  38. PORTING.md
  39. PRESUBMIT.py
  40. PrivacyInfo.xcprivacy
  41. README.md
  42. SANDBOXING.md
  43. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

To file a security issue, use the Chromium process and mention in the report this is for BoringSSL. You can ignore the parts of the process that are specific to Chromium/Chrome.

There are other files in this directory which might be helpful: