[openssl-dev] Seeking feedback on some #ifdef changes
Salz, Rich
rsalz at akamai.com
Fri Jan 23 19:11:35 UTC 2015
Looking at just OPENSSL_NO_xxx, we have over 100 openssl #ifdef options and we are considering removing nearly a third of them. Please reply soon if the following plan would cause problems. This will happen only in master, for post-1.0.2.
We will remove the following options. You could argue that the OPENSSL_NO_SHAxxx options be treated as crypto, but OpenSSL does not compile without SHA and SHA1 defined, and we have no interest in spending the time to fix it. So for consistency, we will remove all of them.
GENUINE_DSA (and the broken DSS0 since SHA0 will be removed)
OPENSSL_NO_BIO
OPENSSL_NO_BUFFER
OPENSSL_NO_BUF_FREELISTS
OPENSSL_NO_CHAIN_VERIFY
OPENSSL_NO_DESCBCM (also removing the code; no EVP support)
OPENSSL_NO_EVP
OPENSSL_NO_FIPS_ERR
OPENSSL_NO_HASH_COMP
OPENSSL_NO_LHASH
OPENSSL_NO_LOCKING
OPENSSL_NO_MULTIBYTE (also removing the code)
OPENSSL_NO_OBJECT
OPENSSL_NO_RFC3779
OPENSSL_NO_SHA
OPENSSL_NO_SHA0 (also removing the code for SHA0)
OPENSSL_NO_SHA1
OPENSSL_NO_SHA224
OPENSSL_NO_SHA256
OPENSSL_NO_SHA384
OPENSSL_NO_SHA512
OPENSSL_NO_SPEED
OPENSSL_NO_SSL_INTERN (first attempt at making things opaque)
OPENSSL_NO_STACK
OPENSSL_NO_STORE
OPENSSL_NO_TLS
OPENSSL_NO_TLS1
OPENSSL_NO_TLS1_2_CLIENT
OPENSSL_NO_TLSEXT
OPENSSL_NO_X509
OPENSSL_NO_X509_VERIFY
--
Principal Security Engineer, Akamai Technologies
IM: rsalz at jabber.me<mailto:rsalz at jabber.me> Twitter: RichSalz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150123/31b17e1e/attachment.html>
More information about the openssl-dev
mailing list