> I am trying to build a smaller libressl(portable) and this is the > src code I had change. > > The auto based build system also needs tweeking, I simply removed > those lines for now but it would be nice with proper --enable/--disable > knobs.
We did not unentangle the happy maze of openssl defines and options in order to put it back later. There is no intent in supporting building with OPENSSL_NO_whatever. A diff back #ifdef OPENSSL_NO_FOO or shuffling the existing ones around in order to get things to build will not get accepted. On the other hand, diffs carefully removing the remaining defines will be much better welcomed. > I can currently build libressl with these defined, but I cannot > tell if any of them sholed be removed from a security perspective? If you're asking such a question, it looks to me that you have no idea what you are doing. What are you trying to achieve? A library so stripped down that it becomes useless? Miod