| commit | ca054f69afb7f77a9083d68bc71304dde220689f | [log] [tgz] |
|---|---|---|
| author | Piotr Sikora <piotrsikora@google.com> | Thu Mar 23 14:42:26 2017 -0700 |
| committer | Piotr Sikora <piotrsikora@google.com> | Fri Mar 24 08:07:40 2017 +0000 |
| tree | 1dd9eb11c03e9322659c7fa2a731fa368724221e | |
| parent | 250ab832d977943f418f6b24b1f6d599cc30a9df [diff] |
Bazel: update BoringSSL to 73812e0 / 16efcb2 (master-with-bazel). This update includes the following changes: 73812e06 Fix SSLv3 version check in BoGo. edb72995 Fix typo in the |ssl_ticket_aead_success| documentation 3c8652d0 tool: fix typo in -root-certs description 438229a8 Correct a typo in ASN.1 type name. 48e1d180 Restore SSL_CTX_set_ecdh_auto compatibility hook. 2070f8ad Apply bugs to second, TLS 1.3 ClientHello. 707af294 Support asynchronous ticket decryption with TLS 1.3. 4c341d02 Support asynchronous ticket decryption with TLS 1.0–1.2. be49706c Rename initial_ctx to session_ctx. 93103177 Remove 'file:' feature in v3_pci.c's CONF hooks. 91222b8d Fix configuring the empty cipher list. 6ad20dc9 Move error-on-empty-cipherlist into ssl_create_cipher_list(). 130d529b Adding version to AEAD. d04ca953 Add |SSL[_CTX]_set_chain_and_key|. c77ea04c Enable RSA AVX2 code. 35ac5b75 Export server-side ticket_age skew. fe36672b Allow users of the |CRYPTO_BUFFER|-based methods to verify certs after the handshake. 0cade989 Make the no-op verify function push an error. b6473199 Avoid the error case in |bn_mul_mont|. 54689ed9 Move ssl_verify_alarm_type into ssl_x509.c. ab1d28e3 Trim x509.h includes. 8ebeabf0 Add SSL_CTX_get_ciphers. f29c4293 Remove support for old-style SSL_PRIVATE_KEY_METHOD types. f4654610 Add SSL_get0_peer_certificates. 924a352d Remove experimental TLS 1.3 short record header extension. 9ea9f9ce Updating fuzzer corpus d6c22ee9 Add |SSL_get0_server_requested_CAs|. 919d8cf9 Sync util/bot with Chromium. 84cd4938 Don't pass |overhead_len| when testing “open” speed. a58baaf9 Forbid the server certificate from changing on renego. ad8f5e1d Don't use long for timestamps. 7dd4e429 Convert x25519_test to GTest. 11c82895 Remove support for blocking DTLS timeout handling. 7e429991 Convert evp_extra_test into GTest. 39425b0f Add |TLS_with_buffers_method|. d5c565a9 Name ssl_x509.c functions consistently. 94a62e61 Hang ssl_auto_chain_if_needed off |X509_METHOD|. 2a3b3439 Move X509-related verification code into ssl_x509.c. 415c010d Make all X509-related functions check the X509_METHOD. 0bdef092 Check CA names during the handshake. 34b4c829 Hold CA names as |CRYPTO_BUFFER|s. 2ff7933f Add test for |SSL_get_client_CA_list|. 0d3c9633 Build with -fsanitize-address-use-after-scope if -DASAN=1 591f251b Remove direct calls to BN_mod_exp. ba9557d0 Benchmark open & seal separately for AES-GCM-SIV. 218f51bc Fix Android bots. 898be92b Support P-224 certificates as a server. be2ee342 Update AES-GCM-SIV to match revision four of the draft. 5ae41652 Allow multiple IDN xn-- indicators adec7726 Remove SSL_CIPHER_has_MD5_HMAC. de5c325e Fix SSL_write doc comment Change-Id: I8115c94305b03bb2dac9065513f20e905c206708 Signed-off-by: Piotr Sikora <piotrsikora@google.com> Reviewed-on: https://nginx-review.googlesource.com/2860 Reviewed-by: Lizan Zhou <zlizan@google.com>
To build nginx binary with Bazel:
$ bazel build :nginx
To build Debian package:
$ bazel build :nginx-google.deb
This repository is currently maintained by Google developers.
Any code changes should be submitted to upstream NGINX.
Copyright (C) 2002-2017 Igor Sysoev Copyright (C) 2011-2017 Nginx, Inc. Copyright (C) 2015-2017 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This is not an official Google product.