Hi, I am working on trying to build the libraries (libcrypto and libssl) to run on an embedded system with limited storage. To give you an idea, i have approximately 1.5 megabytes of diskspace in the system. I need to reduce the footprint of the libraries as much as possible.
We dont plan to use OCSP in our system. This is the reason we want to turn it off and save space. Although the gain (in this specific case) is small regarding to footprint the idea of having a configurable library is in my opinion good. apps/openssl is used by some of the test scripts in the test directory. I need to be able to run the tests to verify that I have a working library. This is why patches for the apps/ are provided to. BTW, if you have any suggestions, it may be config options, stuff in the TODO lists or anything that may help reduce the footprint of the library please let me know. Thank you, Enrique On Tue, Nov 26, 2002 at 10:39:33AM +0100, Richard Levitte via RT wrote: > > I can understand wanting to disable the use of sockets. I can't > understand why OCSP or speed should be disabled, however. Please > explain. > > [[EMAIL PROTECTED] - Sat Nov 23 19:46:14 2002]: > > > Hi, > > > > This patch makes it possible to build apps/openssl without the > speed > > and ocsp programs and without sockets. > > > > to disable apps/speed.c (openssl speed) just Configure with > no-speed. > > > > Thank you, > > Enrique > > > > diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- > > 20021120/apps/ocsp.c ./apps/ocsp.c > > --- /tmp/openssl-SNAP-20021120/apps/ocsp.c 2002-11-13 > > 17:00:24.000000000 +0100 > > +++ ./apps/ocsp.c 2002-11-22 04:00:56.000000000 +0100 > > @@ -55,6 +55,7 @@ > > * Hudson ([EMAIL PROTECTED]). > > * > > */ > > +#ifndef OPENSSL_NO_OCSP > > > > #include <stdio.h> > > #include <string.h> > > @@ -722,7 +723,12 @@ > > } > > else if (host) > > { > > +#ifndef OPENSSL_NO_SOCK > > cbio = BIO_new_connect(host); > > +#else > > + BIO_printf(bio_err, "Error creating connect > > BIO - sockets not supported.\n"); > > + goto end; > > +#endif > > if (!cbio) > > { > > BIO_printf(bio_err, "Error creating connect > > BIO\n"); > > @@ -1139,7 +1145,11 @@ > > bufbio = BIO_new(BIO_f_buffer()); > > if (!bufbio) > > goto err; > > +#ifndef OPENSSL_NO_SOCK > > acbio = BIO_new_accept(port); > > +#else > > + BIO_printf(bio_err, "Error setting up accept BIO - sockets not > > supported.\n"); > > +#endif > > if (!acbio) > > goto err; > > BIO_set_accept_bios(acbio, bufbio); > > @@ -1226,3 +1236,4 @@ > > return 1; > > } > > > > +#endif > > diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- > > 20021120/apps/progs.h ./apps/progs.h > > --- /tmp/openssl-SNAP-20021120/apps/progs.h 2002-08-26 > > 14:00:21.000000000 +0200 > > +++ ./apps/progs.h 2002-11-22 04:01:11.000000000 +0100 > > @@ -100,7 +100,9 @@ > > #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && > > defined(OPENSSL_NO_SSL3)) > > {FUNC_TYPE_GENERAL,"s_client",s_client_main}, > > #endif > > +#ifndef OPENSSL_NO_SPEED > > {FUNC_TYPE_GENERAL,"speed",speed_main}, > > +#endif > > #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && > > defined(OPENSSL_NO_SSL3)) > > {FUNC_TYPE_GENERAL,"s_time",s_time_main}, > > #endif > > @@ -120,7 +122,9 @@ > > {FUNC_TYPE_GENERAL,"smime",smime_main}, > > {FUNC_TYPE_GENERAL,"rand",rand_main}, > > {FUNC_TYPE_GENERAL,"engine",engine_main}, > > +#ifndef OPENSSL_NO_OCSP > > {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, > > +#endif > > #ifndef OPENSSL_NO_MD2 > > {FUNC_TYPE_MD,"md2",dgst_main}, > > #endif > > diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- > > 20021120/apps/speed.c ./apps/speed.c > > --- /tmp/openssl-SNAP-20021120/apps/speed.c 2002-11-19 > > 01:00:57.000000000 +0100 > > +++ ./apps/speed.c 2002-11-21 23:33:02.000000000 +0100 > > @@ -71,6 +71,8 @@ > > > > /* most of this code has been pilfered from my libdes speed.c > program > > */ > > > > +#ifndef OPENSSL_NO_SPEED > > + > > #undef SECONDS > > #define SECONDS 3 > > #define RSA_SECONDS 10 > > @@ -2569,3 +2571,4 @@ > > return 1; > > } > > #endif > > +#endif > > diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- > > 20021120/crypto/x509v3/ext_dat.h ./crypto/x509v3/ext_dat.h > > --- /tmp/openssl-SNAP-20021120/crypto/x509v3/ext_dat.h 2002-06-13 > > 15:00:47.000000000 +0200 > > +++ ./crypto/x509v3/ext_dat.h 2002-11-22 09:33:10.000000000 +0100 > > @@ -90,17 +90,23 @@ > > &v3_crld, > > &v3_ext_ku, > > &v3_crl_reason, > > +#ifndef OPENSSL_NO_OCSP > > &v3_crl_invdate, > > +#endif > > &v3_sxnet, > > &v3_info, > > +#ifndef OPENSSL_NO_OCSP > > &v3_ocsp_nonce, > > &v3_ocsp_crlid, > > &v3_ocsp_accresp, > > &v3_ocsp_nocheck, > > &v3_ocsp_acutoff, > > &v3_ocsp_serviceloc, > > +#endif > > &v3_sinfo, > > +#ifndef OPENSSL_NO_OCSP > > &v3_crl_hold > > +#endif > > }; > > > > /* Number of standard extensions */ > > diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- > > 20021120/crypto/x509v3/v3_ocsp.c ./crypto/x509v3/v3_ocsp.c > > --- /tmp/openssl-SNAP-20021120/crypto/x509v3/v3_ocsp.c 2001-02-23 > > 05:01:03.000000000 +0100 > > +++ ./crypto/x509v3/v3_ocsp.c 2002-11-22 09:33:03.000000000 +0100 > > @@ -56,6 +56,8 @@ > > * > > */ > > > > +#ifndef OPENSSL_NO_OCSP > > + > > #include <stdio.h> > > #include "cryptlib.h" > > #include <openssl/conf.h> > > @@ -270,3 +272,4 @@ > > err: > > return 0; > > } > > +#endif > > diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- > > 20021120/ssl/bio_ssl.c ./ssl/bio_ssl.c > > --- /tmp/openssl-SNAP-20021120/ssl/bio_ssl.c 2002-01-12 > > 17:00:41.000000000 +0100 > > +++ ./ssl/bio_ssl.c 2002-11-21 23:06:11.000000000 +0100 > > @@ -526,6 +526,7 @@ > > > > BIO *BIO_new_ssl_connect(SSL_CTX *ctx) > > { > > +#ifndef OPENSSL_NO_SOCK > > BIO *ret=NULL,*con=NULL,*ssl=NULL; > > > > if ((con=BIO_new(BIO_s_connect())) == NULL) > > @@ -538,6 +539,7 @@ > > err: > > if (con != NULL) BIO_free(con); > > if (ret != NULL) BIO_free(ret); > > +#endif > > return(NULL); > > } > > > > > > > -- > Richard Levitte ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]