From 498abff0ae907dce08f37a1353976755e8c8120e Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 9 Feb 2016 09:39:07 +0000 Subject: [PATCH] Add an OPENSSL_NO_AUTOERRINIT option This option disables automatic loading of the crypto/ssl error strings in order to keep statically linked executable file size down Reviewed-by: Richard Levitte --- Configure | 3 ++- crypto/init.c | 6 +++++- ssl/ssl_init.c | 10 ++++++++-- util/mk1mf.pl | 3 +++ 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/Configure b/Configure index ba21c4f85f..c81a66157e 100755 --- a/Configure +++ b/Configure @@ -228,6 +228,7 @@ my @disablables = ( "asm", "async", "autoalginit", + "autoerrinit", "bf", "camellia", "capieng", @@ -743,7 +744,7 @@ foreach (sort (keys %disabled)) ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/; if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/ || /^async$/ - || /^autoalginit/) + || /^autoalginit/ || /^autoerrinit/) { push @{$config{openssl_other_defines}}, "OPENSSL_NO_$ALGO"; print " OPENSSL_NO_$ALGO"; diff --git a/crypto/init.c b/crypto/init.c index 856b06afdd..bce8438b95 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -282,7 +282,11 @@ static void ossl_init_no_load_crypto_strings(void) static void ossl_init_load_crypto_strings(void) { -#ifndef OPENSSL_NO_ERR + /* + * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time + * pulling in all the error strings during static linking + */ +#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) # ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: " "err_load_crypto_strings_intern()\n"); diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c index f1014135a1..1bccba1cd8 100644 --- a/ssl/ssl_init.c +++ b/ssl/ssl_init.c @@ -253,11 +253,17 @@ static OPENSSL_INIT_ONCE ssl_strings = OPENSSL_INIT_ONCE_STATIC_INIT; static int ssl_strings_inited = 0; static void ossl_init_load_ssl_strings(void) { -#ifdef OPENSSL_INIT_DEBUG + /* + * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time + * pulling in all the error strings during static linking + */ +#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) +# ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_load_ssl_strings: " "ERR_load_SSL_strings()\n"); -#endif +# endif ERR_load_SSL_strings(); +#endif ssl_strings_inited = 1; } diff --git a/util/mk1mf.pl b/util/mk1mf.pl index e7cbea883d..1e72b9003b 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -144,6 +144,7 @@ and [options] can be one of no-hw - No hw no-async - No Async (use NULL) no-autoalginit - Don't auto load algorithms in libcrypto + no-autoerrinit - Don't auto load error strings for libcrypto or libssl nasm - Use NASM for x86 asm nw-nasm - Use NASM x86 asm for NetWare nw-mwasm - Use Metrowerks x86 asm for NetWare @@ -300,6 +301,7 @@ $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; $cflags.=" -DOPENSSL_NO_HW" if $no_hw; $cflags.=" -DOPENSSL_NO_ASYNC" if $no_async; $cflags.=" -DOPENSSL_NO_AUTOALGINIT" if $no_autoalginit; +$cflags.=" -DOPENSSL_NO_AUTOERRINIT" if $no_autoerrinit; $cflags.=" -DOPENSSL_FIPS" if $fips; $cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; $cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m; @@ -1417,6 +1419,7 @@ sub read_options "no-hw" => \$no_hw, "no-async" => \$no_async, "no-autoalginit" => \$no_autoalginit, + "no-autoerrinit" => \$no_autoerrinit, "just-ssl" => [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, \$no_md2, \$no_mdc2, \$no_dsa, \$no_dh, -- 2.25.1