Move libssl's internals into the bssl namespace.
This is horrible, but everything else I tried was worse. The goal with
this CL is to take the extern "C" out of ssl/internal.h and move most
symbols to namespace bssl, so we can start using C++ helpers and
destructors without worry.
Complications:
- Public API functions must be extern "C" and match their declaration in
ssl.h, which is unnamespaced. C++ really does not want you to
interleave namespaced and unnamespaced things. One can actually write
a namespaced extern "C" function, but this means, from C++'s
perspective, the function is namespaced. Trying to namespace the
public header would worked but ended up too deep a rabbithole.
- Our STACK_OF macros do not work right in namespaces.
- The typedefs for our exposed but opaque types are visible in the
header files and copied into consuming projects as forward
declarations. We ultimately want to give SSL a destructor, but
clobbering an unnamespaced ssl_st::~ssl_st seems bad manners.
- MSVC complains about ambiguous names if one typedefs SSL to bssl::SSL.
This CL opts for:
- ssl/*.cc must begin with #define BORINGSSL_INTERNAL_CXX_TYPES. This
informs the public headers to create forward declarations which are
compatible with our namespaces.
- For now, C++-defined type FOO ends up at bssl::FOO with a typedef
outside. Later I imagine we'll rename many of them.
- Internal functions get namespace bssl, so we stop worrying about
stomping the tls1_prf symbol. Exported C functions are stuck as they
are. Rather than try anything weird, bite the bullet and reorder files
which have a mix of public and private functions. I expect that over
time, the public functions will become fairly small as we move logic
to more idiomatic C++.
Files without any public C functions can just be written normally.
- To avoid MSVC troubles, some bssl types are renamed to CPlusPlusStyle
in advance of them being made idiomatic C++.
Bug: 132
Change-Id: Ic931895e117c38b14ff8d6e5a273e868796c7581
Reviewed-on: https://boringssl-review.googlesource.com/18124
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 4a1a726..e60bb88 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3983,8 +3983,26 @@
* This structures are exposed for historical reasons, but access to them is
* deprecated. */
+/* TODO(davidben): Opaquify most or all of |SSL_CTX| and |SSL_SESSION| so these
+ * forward declarations are not needed. */
+#if defined(BORINGSSL_INTERNAL_CXX_TYPES)
+extern "C++" {
+namespace bssl {
+struct CERT;
+struct SSLProtocolMethod;
+struct SSLX509Method;
+}
+using SSL_CERT_CONFIG = bssl::CERT;
+using SSL_PROTOCOL_METHOD = bssl::SSLProtocolMethod;
+using SSL_X509_METHOD = bssl::SSLX509Method;
+}
+#else
+typedef struct ssl_cert_config_st SSL_CERT_CONFIG;
typedef struct ssl_protocol_method_st SSL_PROTOCOL_METHOD;
typedef struct ssl_x509_method_st SSL_X509_METHOD;
+#endif
+
+DECLARE_STACK_OF(SSL_CUSTOM_EXTENSION)
struct ssl_cipher_st {
/* name is the OpenSSL name for the cipher. */
@@ -4169,8 +4187,6 @@
uint8_t *in_group_flags;
};
-DECLARE_STACK_OF(SSL_CUSTOM_EXTENSION)
-
/* ssl_ctx_st (aka |SSL_CTX|) contains configuration common to several SSL
* connections. */
struct ssl_ctx_st {
@@ -4282,7 +4298,7 @@
uint32_t mode;
uint32_t max_cert_list;
- struct cert_st /* CERT */ *cert;
+ SSL_CERT_CONFIG *cert;
/* callback that allows applications to peek at protocol messages */
void (*msg_callback)(int write_p, int version, int content_type,