From 9153ba708be87ed6e7c25e1b4864f86fadeb95ad Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 8 Jul 2022 10:10:04 +0000 Subject: [PATCH] openssl: add `CURL_BORINGSSL_VERSION` to identify BoringSSL BoringSSL doesn't keep a version number, and doesn't self-identify itself via any other revision number via its own headers. We can identify BoringSSL revisions by their commit hash. This hash is typically known by the builder. This patch adds a way to pass this hash to libcurl, so that it can display in the curl version string: For example: `CFLAGS=-DCURL_BORINGSSL_VERSION="c239ffd0"` ``` curl 7.84.0 (x86_64-w64-mingw32) libcurl/7.84.0 BoringSSL/c239ffd0 (Schannel) zlib/1.2.12 [...] Release-Date: 2022-06-27 Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 [...] Features: alt-svc AsynchDNS brotli gsasl HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerberos [...] ``` The setting is optional, and if not passed, BoringSSL will appear without a version number, like before this patch. Closes #9113 --- lib/vtls/openssl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 78aacd0228..25e065d6cb 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -4454,7 +4454,13 @@ static size_t ossl_version(char *buffer, size_t size) (LIBRESSL_VERSION_NUMBER>>12)&0xff); #endif #elif defined(OPENSSL_IS_BORINGSSL) +#ifdef CURL_BORINGSSL_VERSION + return msnprintf(buffer, size, "%s/%s", + OSSL_PACKAGE, + CURL_BORINGSSL_VERSION); +#else return msnprintf(buffer, size, OSSL_PACKAGE); +#endif #elif defined(HAVE_OPENSSL_VERSION) && defined(OPENSSL_VERSION_STRING) return msnprintf(buffer, size, "%s/%s", OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING)); -- 2.47.3