<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Sorry for responding late to this thread, but has anyone considered
consolidating the following three definitions:<br>
<br>
OPENSSL_NO_EC<br>
OPENSSL_NO_ECDH<br>
OPENSSL_NO_EDDSA<br>
<br>
Is there a valid case where all three of these wouldn't be used
together? Would the code even compile if only one (or two) of these
were defined?<br>
<br>
<br>
<div class="moz-cite-prefix">On 01/23/2015 02:11 PM, Salz, Rich
wrote:<br>
</div>
<blockquote
cite="mid:86f2e98515634754b9236972841d3db2@usma1ex-dag1mb2.msg.corp.akamai.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Looking at just OPENSSL_NO_xxx, we have
over 100 openssl #ifdef options and we are considering
removing nearly a third of them. Please reply soon if the
following plan would cause problems. This will happen only in
master, for post-1.0.2.<o:p></o:p></p>
<p class="MsoNormal"><o:p></o:p></p>
<p class="MsoNormal">We will remove the following options. You
could argue that the OPENSSL_NO_SHAxxx options be treated as
crypto, but OpenSSL does not compile without SHA and SHA1
defined, and we have no interest in spending the time to fix
it. So for consistency, we will remove all of them.<o:p></o:p></p>
<p class="MsoNormal"> GENUINE_DSA (and the broken DSS0
since SHA0 will be removed)<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_BIO<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_BUFFER<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_BUF_FREELISTS<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_CHAIN_VERIFY<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_DESCBCM (also removing
the code; no EVP support)<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_EVP<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_FIPS_ERR<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_HASH_COMP<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_LHASH<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_LOCKING<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_MULTIBYTE (also removing
the code)<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_OBJECT<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_RFC3779<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA0 (also removing the
code for SHA0)<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA1<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA224<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA256<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA384<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SHA512<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SPEED<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_SSL_INTERN (first
attempt at making things opaque)<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_STACK<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_STORE<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_TLS<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_TLS1<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_TLS1_2_CLIENT<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_TLSEXT<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_X509<o:p></o:p></p>
<p class="MsoNormal"> OPENSSL_NO_X509_VERIFY<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">-- <o:p></o:p></p>
<p class="MsoNormal">Principal Security Engineer, Akamai
Technologies<o:p></o:p></p>
<p class="MsoNormal">IM: <a moz-do-not-send="true"
href="mailto:rsalz@jabber.me">rsalz@jabber.me</a> Twitter:
RichSalz<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
openssl-dev mailing list
To unsubscribe: <a class="moz-txt-link-freetext" href="https://mta.openssl.org/mailman/listinfo/openssl-dev">https://mta.openssl.org/mailman/listinfo/openssl-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>