Google Git
Sign in
boringssl / boringssl / d206a11d483bd27065df25aa725289a0a7e740de
commitd206a11d483bd27065df25aa725289a0a7e740de[log] [tgz]
authorDavid Benjamin <davidben@google.com>Fri Jun 19 14:54:52 2020 -0400
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Fri Jun 19 22:13:52 2020 +0000
tree671bed15571e223b71d8f25696a9b8b2913d7157
parentbeaf594f8b3969219d531e6ba77a08387befc929 [diff]
Remove X509_CINF_get_issuer and X509_CINF_get_extensions.

The X509_CINF_* macros were removed before OpenSSL 1.0.2 was released
but after we forked. X509_CINF_set_modified and X509_CINF_get_signature
have some users to clean up, but these two are unused.

(OpenSSL 1.1.x's new X.509 API effectively no longer exposes X509_CINF
at all. If we could align, that would simplify switching to retaining
the full encoding rather than just TBSCertificate. But I think we'll
need to add some functions to replace a few use cases they missed.)

Update-Note: Two unused macros were removed. If there were uses, the
X509-level accessors can be used instead.

Change-Id: I9b5c7c08196885ee0bccc2658b1ad177bf3100e7
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41807
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
1 file changed
tree: 671bed15571e223b71d8f25696a9b8b2913d7157
  1. .github/
  2. crypto/
  3. decrepit/
  4. fuzz/
  5. include/
  6. ssl/
  7. third_party/
  8. tool/
  9. util/
  10. .clang-format
  11. .gitignore
  12. API-CONVENTIONS.md
  13. BREAKING-CHANGES.md
  14. BUILDING.md
  15. CMakeLists.txt
  16. codereview.settings
  17. CONTRIBUTING.md
  18. FUZZING.md
  19. go.mod
  20. INCORPORATING.md
  21. LICENSE
  22. PORTING.md
  23. README.md
  24. SANDBOXING.md
  25. sources.cmake
  26. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

There are other files in this directory which might be helpful: