disable features

Johan Adolfsson johan.adolfsson at axis.com
Wed Oct 24 20:03:20 EST 2001

For embedded applications the size matters, 
we're talking ~2MB flash memory and 8-16 MB RAM, 
not 10GB harddisks and >64MB :-)
so I would like to see this included. 

I agree that the options in OpenSSL is sort of a pain in the a**, 
but the problem is to find all the possible fetures you can turn 
off and still get a usable system (e.g. for https usage and still be 
compatible with the majority of browsers) :-)

----- Original Message ----- 
From: Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>
To: <openssh-unix-dev at mindrot.org>; <openssh at openbsd.org>
Sent: Wednesday, October 24, 2001 11:46
Subject: Re: disable features

> On Wed, Oct 24, 2001 at 10:30:51AM +0200, Markus Friedl wrote:
> > this (uncomplete) patch makes various features compile time
> > options and saves up to 24K in the resulting
> > ssh/sshd binaries. i don't know whether this
> > should be added to the CVS since it makes
> > the code less readable.
> Please allow me a personal comment:
> OpenSSL is full of options like these (even though they are treated
> the other way round: we have NO_* options to explicitly disable
> features). If you ask me: it is pain in the a*. Don't do it, if
> it is not really necessary for a particular reason, say patents.
> Fortunately, 99% of all OpenSSL users compile without touching these
> options, just on some platforms some features are not supported.
> I am too lazy to check out the reducement in size and while I hate
> creeping featurism, I do think that the tradeoff between size of
> the executables and simplicity (and readability) of the code in this
> case is not worth the hassle. It is more or less impossible to buy
> harddisks below 10GB these days. (Well, I am writing this message
> in front of a 10 year old HP-9000/710 with 50MHz and 64MB RAM, but
> I still don't care about the 24k you mention :-)
> Consider a ssh[d] that has been compiled without X11 forwarding.
> Will it require a special ssh[d]_config without the X11Forwarding
> keyword (because X11 forwarding is not supported and it should thus
> trigger an error message if used)? It will mean that we will not only
> have to ask for platforms when bugs are reported but also have to consider
> that some option was (not) compiled in...
> > perhaps WITH_COMPRESSION should be added, since
> > it removes the dependency on libz
> Maybe yes. However: on all platforms currently supported by OpenSSH
> libz is available anyway...
> Just speaking for myself,
> Lutz
> -- 
> Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
> BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
> Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153

More information about the openssh-unix-dev mailing list