[openssl.org #358] patch for openssl-SNAP-20021120. Attempt to improve configurability.
OK, patch applied and committed. This ticket is now resolved. [[EMAIL PROTECTED] - Tue Nov 26 20:05:17 2002]: I am working on trying to build the libraries (libcrypto and libssl) to run on an embedded system with limited storage. To give you an idea, i have approximately 1.5 megabytes of diskspace in the system. I need to reduce the footprint of the libraries as much as possible. We dont plan to use OCSP in our system. This is the reason we want to turn it off and save space. Although the gain (in this specific case) is small regarding to footprint the idea of having a configurable library is in my opinion good. -- Richard Levitte __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #358] patch for openssl-SNAP-20021120. Attempt to improve configurability.
I can understand wanting to disable the use of sockets. I can't understand why OCSP or speed should be disabled, however. Please explain. [[EMAIL PROTECTED] - Sat Nov 23 19:46:14 2002]: Hi, This patch makes it possible to build apps/openssl without the speed and ocsp programs and without sockets. to disable apps/speed.c (openssl speed) just Configure with no-speed. Thank you, Enrique diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/ocsp.c ./apps/ocsp.c --- /tmp/openssl-SNAP-20021120/apps/ocsp.c 2002-11-13 17:00:24.0 +0100 +++ ./apps/ocsp.c 2002-11-22 04:00:56.0 +0100 @@ -55,6 +55,7 @@ * Hudson ([EMAIL PROTECTED]). * */ +#ifndef OPENSSL_NO_OCSP #include stdio.h #include string.h @@ -722,7 +723,12 @@ } else if (host) { +#ifndef OPENSSL_NO_SOCK cbio = BIO_new_connect(host); +#else + BIO_printf(bio_err, Error creating connect BIO - sockets not supported.\n); + goto end; +#endif if (!cbio) { BIO_printf(bio_err, Error creating connect BIO\n); @@ -1139,7 +1145,11 @@ bufbio = BIO_new(BIO_f_buffer()); if (!bufbio) goto err; +#ifndef OPENSSL_NO_SOCK acbio = BIO_new_accept(port); +#else + BIO_printf(bio_err, Error setting up accept BIO - sockets not supported.\n); +#endif if (!acbio) goto err; BIO_set_accept_bios(acbio, bufbio); @@ -1226,3 +1236,4 @@ return 1; } +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/progs.h ./apps/progs.h --- /tmp/openssl-SNAP-20021120/apps/progs.h 2002-08-26 14:00:21.0 +0200 +++ ./apps/progs.h 2002-11-22 04:01:11.0 +0100 @@ -100,7 +100,9 @@ #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_client,s_client_main}, #endif +#ifndef OPENSSL_NO_SPEED {FUNC_TYPE_GENERAL,speed,speed_main}, +#endif #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_time,s_time_main}, #endif @@ -120,7 +122,9 @@ {FUNC_TYPE_GENERAL,smime,smime_main}, {FUNC_TYPE_GENERAL,rand,rand_main}, {FUNC_TYPE_GENERAL,engine,engine_main}, +#ifndef OPENSSL_NO_OCSP {FUNC_TYPE_GENERAL,ocsp,ocsp_main}, +#endif #ifndef OPENSSL_NO_MD2 {FUNC_TYPE_MD,md2,dgst_main}, #endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/speed.c ./apps/speed.c --- /tmp/openssl-SNAP-20021120/apps/speed.c 2002-11-19 01:00:57.0 +0100 +++ ./apps/speed.c 2002-11-21 23:33:02.0 +0100 @@ -71,6 +71,8 @@ /* most of this code has been pilfered from my libdes speed.c program */ +#ifndef OPENSSL_NO_SPEED + #undef SECONDS #define SECONDS3 #define RSA_SECONDS10 @@ -2569,3 +2571,4 @@ return 1; } #endif +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/crypto/x509v3/ext_dat.h ./crypto/x509v3/ext_dat.h --- /tmp/openssl-SNAP-20021120/crypto/x509v3/ext_dat.h 2002-06-13 15:00:47.0 +0200 +++ ./crypto/x509v3/ext_dat.h 2002-11-22 09:33:10.0 +0100 @@ -90,17 +90,23 @@ v3_crld, v3_ext_ku, v3_crl_reason, +#ifndef OPENSSL_NO_OCSP v3_crl_invdate, +#endif v3_sxnet, v3_info, +#ifndef OPENSSL_NO_OCSP v3_ocsp_nonce, v3_ocsp_crlid, v3_ocsp_accresp, v3_ocsp_nocheck, v3_ocsp_acutoff, v3_ocsp_serviceloc, +#endif v3_sinfo, +#ifndef OPENSSL_NO_OCSP v3_crl_hold +#endif }; /* Number of standard extensions */ diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/crypto/x509v3/v3_ocsp.c ./crypto/x509v3/v3_ocsp.c --- /tmp/openssl-SNAP-20021120/crypto/x509v3/v3_ocsp.c 2001-02-23 05:01:03.0 +0100 +++ ./crypto/x509v3/v3_ocsp.c 2002-11-22 09:33:03.0 +0100 @@ -56,6 +56,8 @@ * */ +#ifndef OPENSSL_NO_OCSP + #include stdio.h #include cryptlib.h #include openssl/conf.h @@ -270,3 +272,4 @@ err: return 0; } +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/ssl/bio_ssl.c ./ssl/bio_ssl.c --- /tmp/openssl-SNAP-20021120/ssl/bio_ssl.c2002-01-12 17:00:41.0 +0100 +++ ./ssl/bio_ssl.c 2002-11-21 23:06:11.0 +0100 @@ -526,6 +526,7 @@ BIO *BIO_new_ssl_connect(SSL_CTX *ctx) { +#ifndef OPENSSL_NO_SOCK BIO *ret=NULL,*con=NULL,*ssl=NULL; if ((con=BIO_new(BIO_s_connect())) == NULL) @@ -538,6 +539,7 @@ err: if (con != NULL) BIO_free(con); if (ret != NULL) BIO_free(ret); +#endif return(NULL); } -- Richard Levitte
[openssl.org #358] patch for openssl-SNAP-20021120. Attempt to improve configurability.
Hi, I am working on trying to build the libraries (libcrypto and libssl) to run on an embedded system with limited storage. To give you an idea, i have approximately 1.5 megabytes of diskspace in the system. I need to reduce the footprint of the libraries as much as possible. We dont plan to use OCSP in our system. This is the reason we want to turn it off and save space. Although the gain (in this specific case) is small regarding to footprint the idea of having a configurable library is in my opinion good. apps/openssl is used by some of the test scripts in the test directory. I need to be able to run the tests to verify that I have a working library. This is why patches for the apps/ are provided to. BTW, if you have any suggestions, it may be config options, stuff in the TODO lists or anything that may help reduce the footprint of the library please let me know. Thank you, Enrique On Tue, Nov 26, 2002 at 10:39:33AM +0100, Richard Levitte via RT wrote: I can understand wanting to disable the use of sockets. I can't understand why OCSP or speed should be disabled, however. Please explain. [[EMAIL PROTECTED] - Sat Nov 23 19:46:14 2002]: Hi, This patch makes it possible to build apps/openssl without the speed and ocsp programs and without sockets. to disable apps/speed.c (openssl speed) just Configure with no-speed. Thank you, Enrique diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/ocsp.c ./apps/ocsp.c --- /tmp/openssl-SNAP-20021120/apps/ocsp.c 2002-11-13 17:00:24.0 +0100 +++ ./apps/ocsp.c 2002-11-22 04:00:56.0 +0100 @@ -55,6 +55,7 @@ * Hudson ([EMAIL PROTECTED]). * */ +#ifndef OPENSSL_NO_OCSP #include stdio.h #include string.h @@ -722,7 +723,12 @@ } else if (host) { +#ifndef OPENSSL_NO_SOCK cbio = BIO_new_connect(host); +#else + BIO_printf(bio_err, Error creating connect BIO - sockets not supported.\n); + goto end; +#endif if (!cbio) { BIO_printf(bio_err, Error creating connect BIO\n); @@ -1139,7 +1145,11 @@ bufbio = BIO_new(BIO_f_buffer()); if (!bufbio) goto err; +#ifndef OPENSSL_NO_SOCK acbio = BIO_new_accept(port); +#else + BIO_printf(bio_err, Error setting up accept BIO - sockets not supported.\n); +#endif if (!acbio) goto err; BIO_set_accept_bios(acbio, bufbio); @@ -1226,3 +1236,4 @@ return 1; } +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/progs.h ./apps/progs.h --- /tmp/openssl-SNAP-20021120/apps/progs.h 2002-08-26 14:00:21.0 +0200 +++ ./apps/progs.h 2002-11-22 04:01:11.0 +0100 @@ -100,7 +100,9 @@ #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_client,s_client_main}, #endif +#ifndef OPENSSL_NO_SPEED {FUNC_TYPE_GENERAL,speed,speed_main}, +#endif #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_time,s_time_main}, #endif @@ -120,7 +122,9 @@ {FUNC_TYPE_GENERAL,smime,smime_main}, {FUNC_TYPE_GENERAL,rand,rand_main}, {FUNC_TYPE_GENERAL,engine,engine_main}, +#ifndef OPENSSL_NO_OCSP {FUNC_TYPE_GENERAL,ocsp,ocsp_main}, +#endif #ifndef OPENSSL_NO_MD2 {FUNC_TYPE_MD,md2,dgst_main}, #endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/speed.c ./apps/speed.c --- /tmp/openssl-SNAP-20021120/apps/speed.c 2002-11-19 01:00:57.0 +0100 +++ ./apps/speed.c 2002-11-21 23:33:02.0 +0100 @@ -71,6 +71,8 @@ /* most of this code has been pilfered from my libdes speed.c program */ +#ifndef OPENSSL_NO_SPEED + #undef SECONDS #define SECONDS3 #define RSA_SECONDS10 @@ -2569,3 +2571,4 @@ return 1; } #endif +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/crypto/x509v3/ext_dat.h ./crypto/x509v3/ext_dat.h --- /tmp/openssl-SNAP-20021120/crypto/x509v3/ext_dat.h 2002-06-13 15:00:47.0 +0200 +++ ./crypto/x509v3/ext_dat.h 2002-11-22 09:33:10.0 +0100 @@ -90,17 +90,23 @@ v3_crld, v3_ext_ku, v3_crl_reason, +#ifndef OPENSSL_NO_OCSP v3_crl_invdate, +#endif v3_sxnet, v3_info, +#ifndef OPENSSL_NO_OCSP v3_ocsp_nonce, v3_ocsp_crlid, v3_ocsp_accresp, v3_ocsp_nocheck, v3_ocsp_acutoff, v3_ocsp_serviceloc, +#endif v3_sinfo, +#ifndef OPENSSL_NO_OCSP v3_crl_hold +#endif }; /* Number of standard extensions */ diff
[openssl.org #358] patch for openssl-SNAP-20021120. Attempt to improve configurability.
Hi, I am working on trying to build the libraries (libcrypto and libssl) to run on an embedded system with limited storage. To give you an idea, i have approximately 1.5 megabytes of diskspace in the system. I need to reduce the footprint of the libraries as much as possible. We dont plan to use OCSP in our system. This is the reason we want to turn it off and save space. Although the gain (in this specific case) is small regarding to footprint the idea of having a configurable library is in my opinion good. apps/openssl is used by some of the test scripts in the test directory. I need to be able to run the tests to verify that I have a working library. This is why patches for the apps/ are provided to. BTW, if you have any suggestions, it may be config options, stuff in the TODO lists or anything that may help reduce the footprint of the library please let me know. Thank you, Enrique On Tue, Nov 26, 2002 at 10:39:33AM +0100, Richard Levitte via RT wrote: I can understand wanting to disable the use of sockets. I can't understand why OCSP or speed should be disabled, however. Please explain. [[EMAIL PROTECTED] - Sat Nov 23 19:46:14 2002]: Hi, This patch makes it possible to build apps/openssl without the speed and ocsp programs and without sockets. to disable apps/speed.c (openssl speed) just Configure with no-speed. Thank you, Enrique diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/ocsp.c ./apps/ocsp.c --- /tmp/openssl-SNAP-20021120/apps/ocsp.c 2002-11-13 17:00:24.0 +0100 +++ ./apps/ocsp.c 2002-11-22 04:00:56.0 +0100 @@ -55,6 +55,7 @@ * Hudson ([EMAIL PROTECTED]). * */ +#ifndef OPENSSL_NO_OCSP #include stdio.h #include string.h @@ -722,7 +723,12 @@ } else if (host) { +#ifndef OPENSSL_NO_SOCK cbio = BIO_new_connect(host); +#else + BIO_printf(bio_err, Error creating connect BIO - sockets not supported.\n); + goto end; +#endif if (!cbio) { BIO_printf(bio_err, Error creating connect BIO\n); @@ -1139,7 +1145,11 @@ bufbio = BIO_new(BIO_f_buffer()); if (!bufbio) goto err; +#ifndef OPENSSL_NO_SOCK acbio = BIO_new_accept(port); +#else + BIO_printf(bio_err, Error setting up accept BIO - sockets not supported.\n); +#endif if (!acbio) goto err; BIO_set_accept_bios(acbio, bufbio); @@ -1226,3 +1236,4 @@ return 1; } +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/progs.h ./apps/progs.h --- /tmp/openssl-SNAP-20021120/apps/progs.h 2002-08-26 14:00:21.0 +0200 +++ ./apps/progs.h 2002-11-22 04:01:11.0 +0100 @@ -100,7 +100,9 @@ #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_client,s_client_main}, #endif +#ifndef OPENSSL_NO_SPEED {FUNC_TYPE_GENERAL,speed,speed_main}, +#endif #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_time,s_time_main}, #endif @@ -120,7 +122,9 @@ {FUNC_TYPE_GENERAL,smime,smime_main}, {FUNC_TYPE_GENERAL,rand,rand_main}, {FUNC_TYPE_GENERAL,engine,engine_main}, +#ifndef OPENSSL_NO_OCSP {FUNC_TYPE_GENERAL,ocsp,ocsp_main}, +#endif #ifndef OPENSSL_NO_MD2 {FUNC_TYPE_MD,md2,dgst_main}, #endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/apps/speed.c ./apps/speed.c --- /tmp/openssl-SNAP-20021120/apps/speed.c 2002-11-19 01:00:57.0 +0100 +++ ./apps/speed.c 2002-11-21 23:33:02.0 +0100 @@ -71,6 +71,8 @@ /* most of this code has been pilfered from my libdes speed.c program */ +#ifndef OPENSSL_NO_SPEED + #undef SECONDS #define SECONDS3 #define RSA_SECONDS10 @@ -2569,3 +2571,4 @@ return 1; } #endif +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP- 20021120/crypto/x509v3/ext_dat.h ./crypto/x509v3/ext_dat.h --- /tmp/openssl-SNAP-20021120/crypto/x509v3/ext_dat.h 2002-06-13 15:00:47.0 +0200 +++ ./crypto/x509v3/ext_dat.h 2002-11-22 09:33:10.0 +0100 @@ -90,17 +90,23 @@ v3_crld, v3_ext_ku, v3_crl_reason, +#ifndef OPENSSL_NO_OCSP v3_crl_invdate, +#endif v3_sxnet, v3_info, +#ifndef OPENSSL_NO_OCSP v3_ocsp_nonce, v3_ocsp_crlid, v3_ocsp_accresp, v3_ocsp_nocheck, v3_ocsp_acutoff, v3_ocsp_serviceloc, +#endif v3_sinfo, +#ifndef OPENSSL_NO_OCSP v3_crl_hold +#endif }; /* Number of standard extensions */ diff
[openssl.org #358] patch for openssl-SNAP-20021120. Attempt to improve configurability.
Hi, This patch makes it possible to build apps/openssl without the speed and ocsp programs and without sockets. to disable apps/speed.c (openssl speed) just Configure with no-speed. Thank you, Enrique diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP-20021120/apps/ocsp.c ./apps/ocsp.c --- /tmp/openssl-SNAP-20021120/apps/ocsp.c 2002-11-13 17:00:24.0 +0100 +++ ./apps/ocsp.c 2002-11-22 04:00:56.0 +0100 @@ -55,6 +55,7 @@ * Hudson ([EMAIL PROTECTED]). * */ +#ifndef OPENSSL_NO_OCSP #include stdio.h #include string.h @@ -722,7 +723,12 @@ } else if (host) { +#ifndef OPENSSL_NO_SOCK cbio = BIO_new_connect(host); +#else + BIO_printf(bio_err, Error creating connect BIO - sockets not +supported.\n); + goto end; +#endif if (!cbio) { BIO_printf(bio_err, Error creating connect BIO\n); @@ -1139,7 +1145,11 @@ bufbio = BIO_new(BIO_f_buffer()); if (!bufbio) goto err; +#ifndef OPENSSL_NO_SOCK acbio = BIO_new_accept(port); +#else + BIO_printf(bio_err, Error setting up accept BIO - sockets not supported.\n); +#endif if (!acbio) goto err; BIO_set_accept_bios(acbio, bufbio); @@ -1226,3 +1236,4 @@ return 1; } +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP-20021120/apps/progs.h ./apps/progs.h --- /tmp/openssl-SNAP-20021120/apps/progs.h 2002-08-26 14:00:21.0 +0200 +++ ./apps/progs.h 2002-11-22 04:01:11.0 +0100 @@ -100,7 +100,9 @@ #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_client,s_client_main}, #endif +#ifndef OPENSSL_NO_SPEED {FUNC_TYPE_GENERAL,speed,speed_main}, +#endif #if !defined(OPENSSL_NO_SOCK) !(defined(OPENSSL_NO_SSL2) defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,s_time,s_time_main}, #endif @@ -120,7 +122,9 @@ {FUNC_TYPE_GENERAL,smime,smime_main}, {FUNC_TYPE_GENERAL,rand,rand_main}, {FUNC_TYPE_GENERAL,engine,engine_main}, +#ifndef OPENSSL_NO_OCSP {FUNC_TYPE_GENERAL,ocsp,ocsp_main}, +#endif #ifndef OPENSSL_NO_MD2 {FUNC_TYPE_MD,md2,dgst_main}, #endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP-20021120/apps/speed.c ./apps/speed.c --- /tmp/openssl-SNAP-20021120/apps/speed.c 2002-11-19 01:00:57.0 +0100 +++ ./apps/speed.c 2002-11-21 23:33:02.0 +0100 @@ -71,6 +71,8 @@ /* most of this code has been pilfered from my libdes speed.c program */ +#ifndef OPENSSL_NO_SPEED + #undef SECONDS #define SECONDS3 #define RSA_SECONDS10 @@ -2569,3 +2571,4 @@ return 1; } #endif +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP-20021120/crypto/x509v3/ext_dat.h ./crypto/x509v3/ext_dat.h --- /tmp/openssl-SNAP-20021120/crypto/x509v3/ext_dat.h 2002-06-13 15:00:47.0 +0200 +++ ./crypto/x509v3/ext_dat.h 2002-11-22 09:33:10.0 +0100 @@ -90,17 +90,23 @@ v3_crld, v3_ext_ku, v3_crl_reason, +#ifndef OPENSSL_NO_OCSP v3_crl_invdate, +#endif v3_sxnet, v3_info, +#ifndef OPENSSL_NO_OCSP v3_ocsp_nonce, v3_ocsp_crlid, v3_ocsp_accresp, v3_ocsp_nocheck, v3_ocsp_acutoff, v3_ocsp_serviceloc, +#endif v3_sinfo, +#ifndef OPENSSL_NO_OCSP v3_crl_hold +#endif }; /* Number of standard extensions */ diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP-20021120/crypto/x509v3/v3_ocsp.c ./crypto/x509v3/v3_ocsp.c --- /tmp/openssl-SNAP-20021120/crypto/x509v3/v3_ocsp.c 2001-02-23 05:01:03.0 +0100 +++ ./crypto/x509v3/v3_ocsp.c 2002-11-22 09:33:03.0 +0100 @@ -56,6 +56,8 @@ * */ +#ifndef OPENSSL_NO_OCSP + #include stdio.h #include cryptlib.h #include openssl/conf.h @@ -270,3 +272,4 @@ err: return 0; } +#endif diff --exclude=Makefile.ssl -rbu /tmp/openssl-SNAP-20021120/ssl/bio_ssl.c ./ssl/bio_ssl.c --- /tmp/openssl-SNAP-20021120/ssl/bio_ssl.c2002-01-12 17:00:41.0 +0100 +++ ./ssl/bio_ssl.c 2002-11-21 23:06:11.0 +0100 @@ -526,6 +526,7 @@ BIO *BIO_new_ssl_connect(SSL_CTX *ctx) { +#ifndef OPENSSL_NO_SOCK BIO *ret=NULL,*con=NULL,*ssl=NULL; if ((con=BIO_new(BIO_s_connect())) == NULL) @@ -538,6 +539,7 @@ err: if (con != NULL) BIO_free(con); if (ret != NULL) BIO_free(ret); +#endif return(NULL); } __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]