Bump OPENSSL_VERSION_NUMBER to 1.1.1.

With TLS 1.3 and Ed25519 support, we're much closer to OpenSSL 1.1.1 these days than OpenSSL 1.1.0. I've also added a test to keep OPENSSL_VERSION_NUMBER and OPENSSL_VERSION_TEXT in sync. Update-Note: Some OPENSSL_VERSION_NUMBER/OPENSSL_IS_BORINGSSL checks may need to be updated. Hopefully even more can go away. Bug: 367 Change-Id: Idaa238b74f35993c9c03fec31f1346c15cf82968 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42864 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
2020-09-16 12:29:13 -04:00 · 2020-09-16 12:29:13 -04:00 · 49e9f67d8b
commit 49e9f67d8b
parent a82cfdf083
4 changed files with 38 additions and 2 deletions
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@ -495,6 +495,7 @@ add_executable(
  compiler_test.cc
  constant_time_test.cc
  cpu-arm-linux_test.cc
+  crypto_test.cc
  curve25519/ed25519_test.cc
  curve25519/spake25519_test.cc
  curve25519/x25519_test.cc
--- a/crypto/crypto_test.cc
+++ b/crypto/crypto_test.cc
@ -0,0 +1,35 @@
+/* Copyright (c) 2020, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <string>
+
+#include <openssl/base.h>
+#include <openssl/crypto.h>
+
+#include <gtest/gtest.h>
+
+// Test that OPENSSL_VERSION_NUMBER and OPENSSL_VERSION_TEXT are consistent.
+// Node.js parses the version out of OPENSSL_VERSION_TEXT instead of using
+// OPENSSL_VERSION_NUMBER.
+TEST(CryptoTest, Version) {
+  char expected[512];
+  snprintf(expected, sizeof(expected), "OpenSSL %d.%d.%d ",
+           OPENSSL_VERSION_NUMBER >> 28, (OPENSSL_VERSION_NUMBER >> 20) & 0xff,
+           (OPENSSL_VERSION_NUMBER >> 12) & 0xff);
+  EXPECT_EQ(expected,
+            std::string(OPENSSL_VERSION_TEXT).substr(0, strlen(expected)));
+}
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@ -173,7 +173,7 @@ extern "C" {
 #endif

 #define OPENSSL_IS_BORINGSSL
-#define OPENSSL_VERSION_NUMBER 0x1010007f
+#define OPENSSL_VERSION_NUMBER 0x1010107f
 #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER

 // BORINGSSL_API_VERSION is a positive integer that increments as BoringSSL
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@ -76,7 +76,7 @@ OPENSSL_EXPORT void CRYPTO_pre_sandbox_init(void);

 // OPENSSL_VERSION_TEXT contains a string the identifies the version of
 // “OpenSSL”. node.js requires a version number in this text.
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0 (compatible; BoringSSL)"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1 (compatible; BoringSSL)"

 #define OPENSSL_VERSION 0
 #define OPENSSL_CFLAGS 1