[tor-dev] Size issues with Orbot statically linking OpenSSL

Nathan Freitas nathan at freitas.net
Sun Jan 15 14:50:06 UTC 2012

With the recent problems related to SSLv3 with versions of OpenSSL less
than 1.0.0f, we have been investigating how to deal with this on Android
for Orbot. Historically, we have used the version of OpenSSL provided by
the Android device itself, which has ranged from 0.9.8 to 1.0.0e (the
latest on ICS 4.0).

We have now produced a build of OpenSSL 1.0.0f with the necessary
Android patches, and statically linked this into the Tor binary we ship
inside of Orbot. (We already do this for LibEvent, since that is not
included in Android itself). With both OpenSSL and LibEvent linked, the
Tor binary increases from 3MB to about 8MB.

8MB is not terrible, but once you include the Orbot app, Privoxy and
other files, we are getting into the 10MB+ range.

I think this is all fine, and we can enable users to run the app from a
secured partition on their external storage, but I did just want to run
this by all of you to see if there are any options for limiting the size
of libssl.a and libcrypto.a, and the resulting Tor binary.



More information about the tor-dev mailing list