[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 00/11] libssh: enable building with BoringSSL
[Thread Prev] | [Thread Next]
- Subject: [PATCH 00/11] libssh: enable building with BoringSSL
- From: Jon Simons <jon@xxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Sat, 9 Sep 2017 20:12:43 -0700
- To: libssh@xxxxxxxxxx
- Cc: Jon Simons <jon@xxxxxxxxxxxxx>
Here is a patch series that enables to compile and link libssh
with a local BoringSSL.
Would there be any objection to carrying this supporting code
in upstream master? I think that enabling this build even in
an unofficial or unsupported fashion would be useful to have
for some users.
I went with an approach of copying the OpenSSL 1.1.0 shim but
repurposed specifically for BoringSSL. I would be happy to
rework things based on feedback, please just let me know.
Jon Simons (11):
INSTALL: add instructions to build with BoringSSL
build: start hooking up WITH_BORINGSSL
build: omit libcrypto-compat.{c,h} when OPENSSL_IS_BORINGSSL
pki_crypto: annotate BoringSSL incompatibilities
libcrypto: annotate BoringSSL incompatibilities
pki_crypto: get compiling with BoringSSL
libcrypto: get compiling with BoringSSL
pki_crypto: use DSA_generate_parameters_ex for BoringSSL
pkd: don't test crusty ciphers with BoringSSL
kex: disable blowfish, DES ciphers for BoringSSL
tests: skip blowfish, DES in torture_algorithms for BoringSSL
CMakeLists.txt | 1 +
DefineOptions.cmake | 1 +
INSTALL | 11 ++
cmake/Modules/DefineCompilerFlags.cmake | 6 +-
src/CMakeLists.txt | 10 +-
src/kex.c | 12 +-
src/libcrypto-boringssl-compat.c | 257 ++++++++++++++++++++++++++++++++
src/libcrypto-boringssl-compat.h | 38 +++++
src/libcrypto-compat.c | 4 +
src/libcrypto-compat.h | 4 +
src/libcrypto.c | 14 +-
src/pki_crypto.c | 28 ++++
tests/client/torture_algorithms.c | 8 +
tests/pkd/pkd_hello.c | 51 +++++--
14 files changed, 426 insertions(+), 19 deletions(-)
create mode 100644 src/libcrypto-boringssl-compat.c
create mode 100644 src/libcrypto-boringssl-compat.h
--
2.14.1