only include required bits of OpenSSL in Android builds
I've been doing some experiments to make the Android libtor.so binaries smaller. One of them is building OpenSSL with as many things as possible turned off. This does make the resulting binary smaller. Here's what I tried:
$ ./Configure \
no-comp no-dtls no-ec2m no-psk no-srp no-ssl2 no-ssl3 \
no-camellia no-idea no-md2 no-md4 no-mdc2 no-rc2 no-rc4 no-rc5 no-rmd160 no-whirlpool \
no-dso no-engine no-hw no-ui-console \
no-shared no-unit-test \
The open question is whether the test coverage is good enough to know whether this breaks anything.
Additionally, I think Android ndk-build used to 'gcc' "gc sections" to mark unused code blocks which were then stripped out at the end. They seemed to have stopped doing this with clang, but I don't know why. In the past, I have seen the "gc sections" stripping reduce binary size quite a bit.
Also related: I tried building with -Os
and -Oz
instead of -O2
. That made a big difference:
https://github.com/guardianproject/tor-android/issues/18
This is related to #28764 (moved)