The only one of all those that matters (to me) is OPENSSL_NO_SSL_INTERN since that provides a way to anticipate the effects of this API change. I'm fine with it going, but it needs a specified replacement (even if the replacement is we'll do that by default). Currently for example Qt won't build with OPENSSL_NO_SSL_INTERN defined since there are fields used for NPN that we need (iirc).
Cheers Rich. On 23 January 2015 at 19:11, Salz, Rich <[email protected]> wrote: > Looking at just OPENSSL_NO_xxx, we have over 100 openssl #ifdef options > and we are considering removing nearly a third of them. Please reply soon > if the following plan would cause problems. This will happen only in > master, for post-1.0.2. > > We will remove the following options. You could argue that the > OPENSSL_NO_SHAxxx options be treated as crypto, but OpenSSL does not > compile without SHA and SHA1 defined, and we have no interest in spending > the time to fix it. So for consistency, we will remove all of them. > > GENUINE_DSA (and the broken DSS0 since SHA0 will be removed) > > OPENSSL_NO_BIO > > OPENSSL_NO_BUFFER > > OPENSSL_NO_BUF_FREELISTS > > OPENSSL_NO_CHAIN_VERIFY > > OPENSSL_NO_DESCBCM (also removing the code; no EVP support) > > OPENSSL_NO_EVP > > OPENSSL_NO_FIPS_ERR > > OPENSSL_NO_HASH_COMP > > OPENSSL_NO_LHASH > > OPENSSL_NO_LOCKING > > OPENSSL_NO_MULTIBYTE (also removing the code) > > OPENSSL_NO_OBJECT > > OPENSSL_NO_RFC3779 > > OPENSSL_NO_SHA > > OPENSSL_NO_SHA0 (also removing the code for SHA0) > > OPENSSL_NO_SHA1 > > OPENSSL_NO_SHA224 > > OPENSSL_NO_SHA256 > > OPENSSL_NO_SHA384 > > OPENSSL_NO_SHA512 > > OPENSSL_NO_SPEED > > OPENSSL_NO_SSL_INTERN (first attempt at making things opaque) > > OPENSSL_NO_STACK > > OPENSSL_NO_STORE > > OPENSSL_NO_TLS > > OPENSSL_NO_TLS1 > > OPENSSL_NO_TLS1_2_CLIENT > > OPENSSL_NO_TLSEXT > > OPENSSL_NO_X509 > > OPENSSL_NO_X509_VERIFY > > > > > > -- > > Principal Security Engineer, Akamai Technologies > > IM: [email protected] Twitter: RichSalz > > > > _______________________________________________ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > >
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
