Configurable build variables

Question

Configurable build variables

petreeftime opened this issue 5 years ago · 2 comments

When compiling this crate there's no way to specify any build configuration for OpenSSL. Being able to specify the build configuration allows building a more hardened version of OpenSSL when some features are not required. This means both no-* configuration flags (for example, no-rc2), as well as -D configuration flags (for example -DOPENSSL_NO_HEARTBEATS). This feature would also need to be made available from the openssl crate.

Answer 1 · 2020-03-20T14:11:48.000Z

Another option would be to have a more hardened configuration by default, but that might not be a good fit for everyone.

Answer 2 · 2020-07-11T15:05:14.000Z

I've added a PR that removes a bunch of the weak crypto algorithms that are not directly exposed by the openssl crate: #68.