openssl: add `CURL_BORINGSSL_VERSION` to identify BoringSSL

BoringSSL doesn't keep a version number, and doesn't self-identify itself
via any other revision number via its own headers. We can identify
BoringSSL revisions by their commit hash. This hash is typically known by
the builder. This patch adds a way to pass this hash to libcurl, so that
it can display in the curl version string:

For example:

`CFLAGS=-DCURL_BORINGSSL_VERSION="c239ffd0"`

```
curl 7.84.0 (x86_64-w64-mingw32) libcurl/7.84.0 BoringSSL/c239ffd0 (Schannel) zlib/1.2.12 [...]
Release-Date: 2022-06-27
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 [...]
Features: alt-svc AsynchDNS brotli gsasl HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerberos [...]
```

The setting is optional, and if not passed, BoringSSL will appear without
a version number, like before this patch.

Closes #9113

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 78aacd0228553d518225f7977f3fa03365525067..25e065d6cbceb3b1a3bf799ce731d8dfdb234f6c 100644 (file)
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -4454,7 +4454,13 @@ static size_t ossl_version(char *buffer, size_t size)
                    (LIBRESSL_VERSION_NUMBER>>12)&0xff);
 #endif
 #elif defined(OPENSSL_IS_BORINGSSL)
+#ifdef CURL_BORINGSSL_VERSION
+  return msnprintf(buffer, size, "%s/%s",
+                   OSSL_PACKAGE,
+                   CURL_BORINGSSL_VERSION);
+#else
   return msnprintf(buffer, size, OSSL_PACKAGE);
+#endif
 #elif defined(HAVE_OPENSSL_VERSION) && defined(OPENSSL_VERSION_STRING)
   return msnprintf(buffer, size, "%s/%s",
                    OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING));