|author||Bob Beck <firstname.lastname@example.org>||Tue Mar 28 14:23:03 2023 -0600|
|committer||Boringssl LUCI CQ <email@example.com>||Fri Apr 21 15:46:49 2023 +0000|
Add mechanism for deprecated declarations. This allows us to mark functions as deprecated declarations with OPENSSL_DEPRECATED. We also add an OPENSSL_BEGIN_ALLOW_DEPRECATED and an OPENSSL_END_ALLOW_DEPRECATED for testing use to test deprecated functions. The purpose of this is to allow us to mark things people should not be using as deprecated, and force some inconvenience on the user of such things to notice them (as opposed to a only a warning to not use it that they may not see or read without something tripping them up.) The intent is to still allow use, with some effort, before removing the function, or moving it to libdecrepit. We initially mark X509V3_EXT_add and X509V3_EXT_add_alias as deprecated. Update-Note: We are starting to mark some functions in boringssl as deprecated declarations which will cause the compiler to emit warnings if they are used. The intention is both to prevent accidental use in new code, and to to call attention to call sites in existing code so that the documentation for the deprecated function can be revisted and appropriate action taken. Bug: 584 Change-Id: Ia9ff386f0d22588e8a5999eda1a48b8c28dca2de Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58405 Reviewed-by: Adam Langley <firstname.lastname@example.org> Commit-Queue: Bob Beck <email@example.com>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful: