Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(260)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: README.chromium

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | config/android/openssl/opensslconf.h » ('j') | openssl.gyp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: README.chromium
===================================================================
--- README.chromium (revision 105093)
+++ README.chromium (working copy)
@@ -1,6 +1,6 @@
Name: openssl
URL: http://openssl.org/source/
-Version: 0.9.8o
+Version: 1.0.0f
License: BSDish
License File: openssl/LICENSE
@@ -10,14 +10,27 @@
It's an unmodified, upstream source except for the patches listed below.
-Patches are applied in this order:
+********************************************************************************
+The following patches are taken from Android Open Source Project.
-missing_stddef.patch
-Add stddef.h to header files which use size_t, otherwise apps that include
-those headers get compiler errors.
+progs.patch:
+Fixup sources under the apps/ directory that are not built under the android environment.
+
+small_records.patch:
+
+Reduce OpenSSL memory consumption.
+SSL records may be as large as 16K, but are typically < 2K. In
+addition, a historic bug in Windows allowed records to be as large
+32K. OpenSSL statically allocates read and write buffers (34K and
+18K respectively) used for processing records.
+With this patch, OpenSSL statically allocates 4K + 4K buffers, with
+the option of dynamically growing buffers to 34K + 4K, which is a
+saving of 44K per connection for the typical case.
+
+
handshake_cutthrough.patch
Enables SSL3+ clients to send application data immediately following the
@@ -26,30 +39,65 @@
full-handshakes.
-next_proto_neg.patch
+jsse.patch
-Adds next-protocol-negotation support:
- http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00
+Support for JSSE implementation based on OpenSSL.
-EXPERIMENTAL: this patches uses extension and handshake numbers that are not
-assigned by IANA.
-This patch implements server and client side support. Additionally, it includes
-code that assumes the structure of the 'opaque' protocol strings in the draft.
+npn.patch
+Transport Layer Security (TLS) Next Protocol Negotiation Extension
-snap_start.patch
-Adds server-side support for Snap Start. This allows for 0-RTT handshakes in
-the case that the application protocol involves the client side speaking first.
+sha1_armv4_large.patch
-http://tools.ietf.org/html/draft-agl-tls-snapstart-00
+This patch eliminates memory stores to addresses below SP.
-EXPERIMENTAL: this patches uses an extension number that is not assigned by
-IANA.
+openssl_no_dtls1.patch
+Add missing #ifndef OPENSSL_NO_DTLS1
+
+
+********************************************************************************
+The following patches are needed to compile this openssl on Chromium and pass
+the related net unit tests.
+
+
+STORE_ATTR_INFO_compare_declaration_conflict.patch
+
+The declaration of function STORE_ATTR_INFO_compare in latest openssl is
+changed in latest openssl library, but some machines may not install the
+latest openssl library. This patch makes sure we always use the declaration
+in current src directory instead of system-wide openssl include path.
joth 2012/01/20 11:01:08 ouch. this sounds like the tip of a much deeper po
Johnny(Jianning) Ding 2012/01/23 14:20:57 Done.
+
+
+empty_OPENSSL_cpuid_setup.patch
+
+Use a empty implementation for function OPENSSL_cpuid_setup to resolve link
+error. We should figure out how to geenrate platform specific implementation
+of OPENSSL_cpuid_setup by leveraging crypto/*cpuid.pl.
+
+
+x509_hash_name_algorithm_change.patch
+
+There are many symbolic links under /etc/ssl/cert created by using hash of
+the pem certificates in order for OpenSSL to find those certificate.
+Openssl has a tool to help you create hash symbolic links. (See tools/c_rehash)
+However the new openssl changed the has algorithm, Unless you compile/install
joth 2012/01/20 11:01:08 nit: has->hash
Johnny(Jianning) Ding 2012/01/23 14:20:57 Done.
+the latest openssl library and re-create all related symbolic links, the new
+openssl can not find some certificates because the links of those certificates
+were created by using old hash algorithm, which causes some tests failed.
+This patch gives a way to find a certificate according to its hash by using both
+new algorithm and old algorithm.
+
Android platform support
Copy config/android/openssl/opensslconf.h from Android's
external/openssl/include/openssl/opensslconf.h
+
joth 2012/01/20 11:01:08 this section is duplicated.
Johnny(Jianning) Ding 2012/01/23 14:20:57 Done.
+
+Android platform support
+
+Copy config/android/openssl/opensslconf.h from Android's
+external/openssl/include/openssl/opensslconf.h
« no previous file with comments | « no previous file | config/android/openssl/opensslconf.h » ('j') | openssl.gyp » ('J')

Powered by Google App Engine
This is Rietveld 408576698