Opened 3 weeks ago

Last modified 3 weeks ago

#32200 new enhancement

only include required bits of OpenSSL in Android builds

Reported by: eighthave Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-mobile, tbb-rbm
Cc: Actual Points:
Parent ID: #28704 Points:
Reviewer: Sponsor:


I've been doing some experiments to make the Android binaries smaller. One of them is building OpenSSL with as many things as possible turned off. This does make the resulting binary smaller. Here's what I tried:

$ ./Configure \
	no-comp no-dtls no-ec2m no-psk no-srp no-ssl2 no-ssl3 \
	no-camellia no-idea no-md2 no-md4 no-mdc2 no-rc2 no-rc4 no-rc5 no-rmd160 no-whirlpool \
	no-dso no-engine no-hw no-ui-console \
	no-shared no-unit-test \

The open question is whether the test coverage is good enough to know whether this breaks anything.

Additionally, I think Android ndk-build used to 'gcc' "gc sections" to mark unused code blocks which were then stripped out at the end. They seemed to have stopped doing this with clang, but I don't know why. In the past, I have seen the "gc sections" stripping reduce binary size quite a bit.

Also related: I tried building with -Os and -Oz instead of -O2. That made a big difference:

This is related to #28764

Child Tickets

Change History (2)

comment:1 Changed 3 weeks ago by nickm

For what it's worth, I believe that OpenSSL is pretty good about disabling identifiers in the headers when you disable them. If Tor compiles with it, you probably didn't disable anything crucial.

comment:2 Changed 3 weeks ago by gk

Component: - Select a componentApplications/Tor Browser
Keywords: tbb-rbm added; Android removed
Owner: set to tbb-team
Parent ID: #28704
Note: See TracTickets for help on using tickets.