Skip to content

Comments

Add support for BoringSSL#147

Open
Boris-Rasin wants to merge 1 commit intocppalliance:developfrom
Boris-Rasin:develop
Open

Add support for BoringSSL#147
Boris-Rasin wants to merge 1 commit intocppalliance:developfrom
Boris-Rasin:develop

Conversation

@Boris-Rasin
Copy link

@Boris-Rasin Boris-Rasin commented Feb 17, 2026

Summary by CodeRabbit

  • Chores
    • Improved SSL/TLS configuration handling for compatibility with different build variants. Internal adjustments to security level settings during initialization ensure proper compatibility across build configurations.

@coderabbitai
Copy link

coderabbitai bot commented Feb 17, 2026

No actionable comments were generated in the recent review. 🎉


📝 Walkthrough

Walkthrough

A conditional compilation fence was added to the OpenSSL context constructor to skip the SSL_CTX_set_security_level() call on BoringSSL builds, applying the security level configuration only to standard OpenSSL builds when ciphersuites are provided.

Changes

Cohort / File(s) Summary
OpenSSL Security Level Configuration
src/openssl/src/openssl_stream.cpp
Added conditional compilation to exclude SSL_CTX_set_security_level(ctx_, 0) on BoringSSL builds, preserving the call for standard OpenSSL builds when ciphersuites are configured.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A hop, skip, and BoringSSL bound,
When ciphers dance, security found,
But BoringSSL skips the level set,
While OpenSSL plays its security duet,
One small change, conditional delight! ✨

🚥 Pre-merge checks | ✅ 2
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: adding BoringSSL support through a conditional compilation block that excludes security level configuration for BoringSSL builds.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.


if (!cd.ciphersuites.empty())
{
#ifndef OPENSSL_IS_BORINGSSL
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Corosio does not have build configurations (no macros). This would have to be in a separate translation unit.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This works when corosio does find_package(OpenSSL) and gets BoringSSL instead.
The macro gets there through #include <openssl/ssl.h>
I tested with my package manager which does this, and it works.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I get it, of course it works. What I'm saying is that we don't use conditional compilation to change the nature of the binary on a specific platform. Every Capy library has to be the same. There's no "#if SINGLE_THREADED_MUTEX" or that stuff.

@cppalliance-bot
Copy link

An automated preview of the documentation is available at https://147.corosio.prtest3.cppalliance.org/index.html

If more commits are pushed to the pull request, the docs will rebuild at the same URL.

2026-02-17 19:42:15 UTC

@cppalliance-bot
Copy link

GCOVR code coverage report https://147.corosio.prtest3.cppalliance.org/gcovr/index.html
LCOV code coverage report https://147.corosio.prtest3.cppalliance.org/genhtml/index.html
Coverage Diff Report https://147.corosio.prtest3.cppalliance.org/diff-report/index.html

Build time: 2026-02-17 19:50:44 UTC

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants