Sorry for responding late to this thread, but has anyone considered consolidating the following three definitions:
OPENSSL_NO_EC OPENSSL_NO_ECDH OPENSSL_NO_EDDSA Is there a valid case where all three of these wouldn't be used together? Would the code even compile if only one (or two) of these were defined? On 01/23/2015 02:11 PM, Salz, Rich wrote: > > Looking at just OPENSSL_NO_xxx, we have over 100 openssl #ifdef > options and we are considering removing nearly a third of them. > Please reply soon if the following plan would cause problems. This > will happen only in master, for post-1.0.2. > > We will remove the following options. You could argue that the > OPENSSL_NO_SHAxxx options be treated as crypto, but OpenSSL does not > compile without SHA and SHA1 defined, and we have no interest in > spending the time to fix it. So for consistency, we will remove all of > them. > > GENUINE_DSA (and the broken DSS0 since SHA0 will be removed) > > OPENSSL_NO_BIO > > OPENSSL_NO_BUFFER > > OPENSSL_NO_BUF_FREELISTS > > OPENSSL_NO_CHAIN_VERIFY > > OPENSSL_NO_DESCBCM (also removing the code; no EVP support) > > OPENSSL_NO_EVP > > OPENSSL_NO_FIPS_ERR > > OPENSSL_NO_HASH_COMP > > OPENSSL_NO_LHASH > > OPENSSL_NO_LOCKING > > OPENSSL_NO_MULTIBYTE (also removing the code) > > OPENSSL_NO_OBJECT > > OPENSSL_NO_RFC3779 > > OPENSSL_NO_SHA > > OPENSSL_NO_SHA0 (also removing the code for SHA0) > > OPENSSL_NO_SHA1 > > OPENSSL_NO_SHA224 > > OPENSSL_NO_SHA256 > > OPENSSL_NO_SHA384 > > OPENSSL_NO_SHA512 > > OPENSSL_NO_SPEED > > OPENSSL_NO_SSL_INTERN (first attempt at making things opaque) > > OPENSSL_NO_STACK > > OPENSSL_NO_STORE > > OPENSSL_NO_TLS > > OPENSSL_NO_TLS1 > > OPENSSL_NO_TLS1_2_CLIENT > > OPENSSL_NO_TLSEXT > > OPENSSL_NO_X509 > > OPENSSL_NO_X509_VERIFY > > > > > > -- > > Principal Security Engineer, Akamai Technologies > > IM: rs...@jabber.me <mailto:rs...@jabber.me> Twitter: RichSalz > > > > > > _______________________________________________ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
