external/boringssl: Sync to 5e578c9dba73460c3eb17f771c77fc8e36f7812e.
This includes the following changes:
https://boringssl.googlesource.com/boringssl/+log/58e449904e248f34bdfc2be7a609c58bcb0257b7..5e578c9dba73460c3eb17f771c77fc8e36f7812e
Test: BoringSSL CTS Presubmits
Change-Id: Ic1541b034545fa58a284ca35134b3719303455c7
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 9b7ff79..3898ac8 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -9,6 +9,8 @@
set(CMAKE_GENERATOR_CC cl)
endif()
+include(sources.cmake)
+
enable_language(C)
enable_language(CXX)
@@ -34,13 +36,13 @@
set(C_CXX_FLAGS "-Wall -Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings -ggdb -fvisibility=hidden -fno-common")
if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wnewline-eof")
+ else()
+ # GCC (at least 4.8.4) has a bug where it'll find unreachable free() calls
+ # and declare that the code is trying to free a stack pointer.
+ set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-free-nonheap-object")
endif()
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${C_CXX_FLAGS} -Wmissing-prototypes -Wold-style-definition -Wstrict-prototypes")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11 ${C_CXX_FLAGS} -Wmissing-declarations")
- # Clang's integerated assembler does not support debug symbols.
- if(NOT CMAKE_CXX_COMPILER_ID MATCHES "Clang")
- set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -Wa,-g")
- endif()
elseif(MSVC)
set(MSVC_DISABLED_WARNINGS_LIST
"C4061" # enumerator 'identifier' in switch of enum 'enumeration' is not
@@ -87,9 +89,11 @@
"C4706" # assignment within conditional expression
"C4710" # 'function': function not inlined
"C4711" # function 'function' selected for inline expansion
+ "C4774" # format string is not a string literal
"C4800" # 'int' : forcing value to bool 'true' or 'false'
# (performance warning)
"C4820" # 'bytes' bytes padding added after construct 'member_name'
+ "C4987" # nonstandard extension used: 'throw (...)'
"C5026" # move constructor was implicitly defined as deleted
"C5027" # move assignment operator was implicitly defined as deleted
)
@@ -143,8 +147,8 @@
set(RUNNER_ARGS ${RUNNER_ARGS} "-fuzzer" "-shim-config" "fuzzer_mode.json")
endif()
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters")
- set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-coverage=edge,indirect-calls,trace-pc-guard")
+ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-coverage=edge,indirect-calls,trace-pc-guard")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address")
link_directories(.)
endif()
@@ -189,6 +193,13 @@
if(FIPS)
add_definitions(-DBORINGSSL_FIPS)
+ if(FIPS_BREAK_TEST)
+ add_definitions("-DBORINGSSL_FIPS_BREAK_${FIPS_BREAK_TEST}=1")
+ endif()
+ # Delocate does not work for ASan and MSan builds.
+ if(NOT ASAN AND NOT MSAN)
+ set(FIPS_DELOCATE "1")
+ endif()
endif()
# CMake's iOS support uses Apple's multiple-architecture toolchain. It takes an
@@ -265,14 +276,31 @@
# themselves as dependencies next to the target definition.
add_custom_target(all_tests)
+add_custom_command(
+ OUTPUT crypto_test_data.cc
+ COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go ${CRYPTO_TEST_DATA} >
+ ${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc
+ DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA}
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
+
+add_library(crypto_test_data OBJECT crypto_test_data.cc)
+
add_subdirectory(crypto)
add_subdirectory(ssl)
add_subdirectory(ssl/test)
-add_subdirectory(fipsoracle)
+add_subdirectory(fipstools)
add_subdirectory(tool)
add_subdirectory(decrepit)
if(FUZZ)
+ if(LIBFUZZER_FROM_DEPS)
+ file(GLOB LIBFUZZER_SOURCES "util/bot/libFuzzer/*.cpp")
+ add_library(Fuzzer STATIC ${LIBFUZZER_SOURCES})
+ # libFuzzer does not pass our aggressive warnings. It also must be built
+ # without -fsanitize-coverage options or clang crashes.
+ set_target_properties(Fuzzer PROPERTIES COMPILE_FLAGS "-Wno-shadow -Wno-format-nonliteral -fsanitize-coverage=0")
+ endif()
+
add_subdirectory(fuzz)
endif()