[openssl] master update
Matt Caswell
matt at openssl.org
Thu Jun 10 09:04:31 UTC 2021
The branch master has been updated
via 726f92e016bac53175ed5d5321bce1ddf6b207d6 (commit)
from 25959e04c350c2b82d545ea38b18ff714acf61ba (commit)
- Log -----------------------------------------------------------------
commit 726f92e016bac53175ed5d5321bce1ddf6b207d6
Author: Arran Cudbard-Bell <a.cudbardb at freeradius.org>
Date: Tue Jun 8 16:45:38 2021 -0500
Enable ssl-trace by default
There doesn't appear to be a good reason to omit protocol message tracing by default.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15665)
-----------------------------------------------------------------------
Summary of changes:
Configure | 3 +--
INSTALL.md | 9 ++++++---
doc/man1/openssl-s_client.pod.in | 3 +--
doc/man1/openssl-s_server.pod.in | 3 +--
4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/Configure b/Configure
index f6951bbb18..c6e85b3e48 100755
--- a/Configure
+++ b/Configure
@@ -548,7 +548,6 @@ our %disabled = ( # "what" => "comment"
"msan" => "default",
"rc5" => "default",
"sctp" => "default",
- "ssl-trace" => "default",
"ssl3" => "default",
"ssl3-method" => "default",
"trace" => "default",
@@ -575,7 +574,7 @@ my @disable_cascades = (
"rc2", "rc4", "rmd160",
"seed", "siphash", "siv",
"sm3", "sm4", "srp",
- "srtp", "ssl3-method",
+ "srtp", "ssl3-method", "ssl-trace",
"ts", "ui-console", "whirlpool",
"fips-securitychecks" ],
sub { $config{processor} eq "386" }
diff --git a/INSTALL.md b/INSTALL.md
index 1855dcd128..202a66885e 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -850,11 +850,14 @@ disengage SSE2 code paths upon application start-up, but if you aim for wider
"audience" running such kernel, consider `no-sse2`. Both the `386` and `no-asm`
options imply `no-sse2`.
-### enable-ssl-trace
+### no-ssl-trace
-Build with the SSL Trace capabilities.
+Don't build with SSL Trace capabilities.
-This adds the `-trace` option to `s_client` and `s_server`.
+This removes the `-trace` option from `s_client` and `s_server`, and omits the
+`SSL_trace()` function from libssl.
+
+Disabling `ssl-trace` may provide a small reduction in libssl binary size.
### no-static-engine
diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in
index 985ca4125d..144e367d4e 100644
--- a/doc/man1/openssl-s_client.pod.in
+++ b/doc/man1/openssl-s_client.pod.in
@@ -460,8 +460,7 @@ Show all protocol messages with hex dump.
=item B<-trace>
-Show verbose trace output of protocol messages. OpenSSL needs to be compiled
-with B<enable-ssl-trace> for this option to work.
+Show verbose trace output of protocol messages.
=item B<-msgfile> I<filename>
diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index 27522fc04b..97852ae7bf 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -536,8 +536,7 @@ Configure SSL_CTX using the given configuration value.
=item B<-trace>
-Show verbose trace output of protocol messages. OpenSSL needs to be compiled
-with B<enable-ssl-trace> for this option to work.
+Show verbose trace output of protocol messages.
=item B<-brief>
More information about the openssl-commits
mailing list