Add an OPENSSL_NO_AUTOERRINIT option

This option disables automatic loading of the crypto/ssl error strings in
order to keep statically linked executable file size down

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/Configure b/Configure
index ba21c4f85fe4dd9105c12f8a68af2ac391d49176..c81a66157e0795eb45a0a997d3785952a75faa0e 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -228,6 +228,7 @@ my @disablables = (
     "asm",
     "async",
     "autoalginit",
+    "autoerrinit",
     "bf",
     "camellia",
     "capieng",
@@ -743,7 +744,7 @@ foreach (sort (keys %disabled))
                ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
 
                if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/ || /^async$/
-                               || /^autoalginit/)
+                               || /^autoalginit/ || /^autoerrinit/)
                        {
                        push @{$config{openssl_other_defines}}, "OPENSSL_NO_$ALGO";
                        print " OPENSSL_NO_$ALGO";

diff --git a/crypto/init.c b/crypto/init.c
index 856b06afddde245888dd8e1e14de83a28f27ad7c..bce8438b9561d9b02515009e6223eb613606c001 100644 (file)
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -282,7 +282,11 @@ static void ossl_init_no_load_crypto_strings(void)
 
 static void ossl_init_load_crypto_strings(void)
 {
-#ifndef OPENSSL_NO_ERR
+    /*
+     * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
+     * pulling in all the error strings during static linking
+     */
+#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
 # ifdef OPENSSL_INIT_DEBUG
     fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: "
                     "err_load_crypto_strings_intern()\n");

diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
index f1014135a15b3d87c57e49c370b40a7cb9409fd5..1bccba1cd85aa2dd62d62e012615b050b28d6618 100644 (file)
--- a/ssl/ssl_init.c
+++ b/ssl/ssl_init.c
@@ -253,11 +253,17 @@ static OPENSSL_INIT_ONCE ssl_strings = OPENSSL_INIT_ONCE_STATIC_INIT;
 static int ssl_strings_inited = 0;
 static void ossl_init_load_ssl_strings(void)
 {
-#ifdef OPENSSL_INIT_DEBUG
+    /*
+     * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
+     * pulling in all the error strings during static linking
+     */
+#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
+# ifdef OPENSSL_INIT_DEBUG
         fprintf(stderr, "OPENSSL_INIT: ossl_init_load_ssl_strings: "
                         "ERR_load_SSL_strings()\n");
-#endif
+# endif
     ERR_load_SSL_strings();
+#endif
     ssl_strings_inited = 1;
 }
 

diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index e7cbea883d66d109d70af4aad99927a54e28543d..1e72b9003b5f6050c531e57e9b3433d43b51090a 100755 (executable)
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -144,6 +144,7 @@ and [options] can be one of
        no-hw                                   - No hw
        no-async                                - No Async (use NULL)
        no-autoalginit                          - Don't auto load algorithms in libcrypto
+       no-autoerrinit                          - Don't auto load error strings for libcrypto or libssl
        nasm                                    - Use NASM for x86 asm
        nw-nasm                                 - Use NASM x86 asm for NetWare
        nw-mwasm                                - Use Metrowerks x86 asm for NetWare
@@ -300,6 +301,7 @@ $cflags.=" -DOPENSSL_NO_ENGINE"   if $no_engine;
 $cflags.=" -DOPENSSL_NO_HW"   if $no_hw;
 $cflags.=" -DOPENSSL_NO_ASYNC" if $no_async;
 $cflags.=" -DOPENSSL_NO_AUTOALGINIT" if $no_autoalginit;
+$cflags.=" -DOPENSSL_NO_AUTOERRINIT" if $no_autoerrinit;
 $cflags.=" -DOPENSSL_FIPS"    if $fips;
 $cflags.=" -DOPENSSL_NO_JPAKE"    if $no_jpake;
 $cflags.=" -DOPENSSL_NO_EC2M"    if $no_ec2m;
@@ -1417,6 +1419,7 @@ sub read_options
                "no-hw" => \$no_hw,
                "no-async" => \$no_async,
                "no-autoalginit" => \$no_autoalginit,
+               "no-autoerrinit" => \$no_autoerrinit,
                "just-ssl" =>
                        [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
                          \$no_md2, \$no_mdc2, \$no_dsa, \$no_dh,