Configurable build variables
petreeftime opened this issue · 2 comments
petreeftime commented
When compiling this crate there's no way to specify any build configuration for OpenSSL. Being able to specify the build configuration allows building a more hardened version of OpenSSL when some features are not required. This means both no-* configuration flags (for example, no-rc2), as well as -D configuration flags (for example -DOPENSSL_NO_HEARTBEATS). This feature would also need to be made available from the openssl crate.
petreeftime commented
Another option would be to have a more hardened configuration by default, but that might not be a good fit for everyone.
petreeftime commented
I've added a PR that removes a bunch of the weak crypto algorithms that are not directly exposed by the openssl crate: #68.