Google Git
Sign in
boringssl / boringssl / 23776d03bdc8e5e15ac82b993d64fa24aae87db4
commit23776d03bdc8e5e15ac82b993d64fa24aae87db4[log] [tgz]
authorDavid Benjamin <davidben@google.com>Fri Dec 09 11:33:17 2022 -0500
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Tue Jan 31 19:39:27 2023 +0000
treeb71a81853757f2525eb17f21c1a15df0eeac8b13
parentf31654786c0e9c54c227b1e966faadc615780ef5 [diff]
Simplify the external Bazel build.

Now that all assembly files are conditionalized, we no longer need to
detect platforms at the build level. This is convenient because
detecting platforms in Bazel is a bit of a mess.

In particular, this reduces how much we depend on @platforms being
correct. gRPC's build appears to still be using some legacy modes which
seem cause it to, on cross-compiles, report the host's platforms rather
than the target. See https://github.com/grpc/grpc/pull/31938

gRPC should eventually fix this, but it is apparently challenging due
to complexities in migrating from Bazel's legacy system the new
"platforms" mechanism. Instead, try to sidestep this problem by not
relying on the build to do this.

Now, we primarily rely on os:windows being accurate, and cross-compiling
to/from Windows is uncommon. We do also need os:linux to be accurate
when Linux is the target OS, but if Linux is the host and gRPC mislabels
the target as os:linux, this is fine as long as the target is not
FreeBSD, Apple, or another platform that cares about _XOPEN_SOURCE. (In
particular, Android is ambivalent.)

I've also renamed a few things based on what they were actually
selecting. posix_copts was really copts for toolchains with GCC-style
flags. Unfortunately, it's not clear how to condition on the compiler,
rather than the platform in Bazel, so we'll do the wrong thing on
non-MSVC Windows toolchains, but that was true before.

Bug: 542
Change-Id: I7330d8961145ae5714d4cad01259044230d96bcd
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/56465
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2 files changed
tree: b71a81853757f2525eb17f21c1a15df0eeac8b13
  1. .github/
  2. cmake/
  3. crypto/
  4. decrepit/
  5. fuzz/
  6. include/
  7. rust/
  8. ssl/
  9. third_party/
  10. tool/
  11. util/
  12. .clang-format
  13. .gitignore
  14. API-CONVENTIONS.md
  15. BREAKING-CHANGES.md
  16. BUILDING.md
  17. CMakeLists.txt
  18. codereview.settings
  19. CONTRIBUTING.md
  20. FUZZING.md
  21. go.mod
  22. go.sum
  23. INCORPORATING.md
  24. LICENSE
  25. OpenSSLConfig.cmake
  26. PORTING.md
  27. README.md
  28. SANDBOXING.md
  29. sources.cmake
  30. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

There are other files in this directory which might be helpful: