[openssl-dev] Seeking feedback on some #ifdef changes

[Salz, Rich]

Looking at just OPENSSL_NO_xxx, we have over 100 openssl #ifdef options and we are considering removing nearly a third of them.  Please reply soon if the following plan would cause problems. This will happen only in master, for post-1.0.2.
We will remove the following options.  You could argue that the OPENSSL_NO_SHAxxx options be treated as crypto, but OpenSSL does not compile without SHA and SHA1 defined, and we have no interest in spending the time to fix it. So for consistency, we will remove all of them.
        GENUINE_DSA (and the broken DSS0 since SHA0 will be removed)
        OPENSSL_NO_BIO
        OPENSSL_NO_BUFFER
        OPENSSL_NO_BUF_FREELISTS
        OPENSSL_NO_CHAIN_VERIFY
        OPENSSL_NO_DESCBCM (also removing the code; no EVP support)
        OPENSSL_NO_EVP
        OPENSSL_NO_FIPS_ERR
        OPENSSL_NO_HASH_COMP
        OPENSSL_NO_LHASH
        OPENSSL_NO_LOCKING
        OPENSSL_NO_MULTIBYTE (also removing the code)
        OPENSSL_NO_OBJECT
        OPENSSL_NO_RFC3779
        OPENSSL_NO_SHA
        OPENSSL_NO_SHA0 (also removing the code for SHA0)
        OPENSSL_NO_SHA1
        OPENSSL_NO_SHA224
        OPENSSL_NO_SHA256
        OPENSSL_NO_SHA384
        OPENSSL_NO_SHA512
        OPENSSL_NO_SPEED
        OPENSSL_NO_SSL_INTERN (first attempt at making things opaque)
        OPENSSL_NO_STACK
        OPENSSL_NO_STORE
        OPENSSL_NO_TLS
        OPENSSL_NO_TLS1
        OPENSSL_NO_TLS1_2_CLIENT
        OPENSSL_NO_TLSEXT
        OPENSSL_NO_X509
        OPENSSL_NO_X509_VERIFY


--
Principal Security Engineer, Akamai Technologies
IM: rsalz at jabber.me<mailto:rsalz at jabber.me> Twitter: RichSalz

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150123/31b17e1e/attachment.html>