© 2005-2007 Nokia
OPENSSL_config, OPENSSL_no_config — simple OpenSSL configuration functions
libcrypto.lib
#include <openssl/conf.h>
void OPENSSL_config(const char *config_name); void OPENSSL_no_config(void);
OPENSSL_config() configures OpenSSL using the standard openssl.cnf
configuration file name using config_name. If config_name is NULL then
the default name openssl_conf will be used. Any errors are ignored. Further
calls to OPENSSL_config()
will have no effect. The configuration file format
is documented in the conf() manual page.
OPENSSL_no_config() disables configuration. If called before
OPENSSL_config()
no configuration takes place.
It is strongly recommended that all new applications call
OPENSSL_config()
or the more sophisticated functions such as CONF_modules_load()
during
initialization (that is before starting any threads). By doing this
an application does not need to keep track of all configuration options
and some new functionality can be supported automatically.
It is also possible to automatically call
OPENSSL_config() when an application
calls OPENSSL_add_all_algorithms() by compiling an application with the
preprocessor symbol OPENSSL_LOAD_CONF #define'd. In this way configuration
can be added without source changes.
The environment variable OPENSSL_CONF can be set to specify the location of the configuration file.
Currently ASN1 OBJECTs and ENGINE configuration can be performed future versions of OpenSSL will add new configuration options.
There are several reasons why calling the OpenSSL configuration routines is
advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.
In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
used (among other things) to load dynamic ENGINEs from shared libraries (DSOs).
However very few applications currently support the control interface and so
very few can load and use dynamic ENGINEs. Equally in future more sophisticated
ENGINEs will require certain control operations to customize them. If an
application calls OPENSSL_config() it doesn't need to know or care about
ENGINE control operations because they can be performed by editing a
configuration file.
Applications should free up configuration at application closedown by calling CONF_modules_free().
The OPENSSL_config()
function is designed to be a very simple "call it and
forget it'' function. As a result its behaviour is somewhat limited. It ignores
all errors silently and it can only load from the standard configuration file
location for example.
It is however much better than nothing. Applications which need finer
control over their configuration functionality should use the configuration
functions such as CONF_load_modules() directly.
Neither OPENSSL_config() nor
OPENSSL_no_config() return a value.
conf(), CONF_modules_load_file(), CONF_modules_free()
OPENSSL_config() and
OPENSSL_no_config() first appeared in OpenSSL 0.9.7
For additional information or queries on this page send feedback
|
© 2005-2007 Nokia |
|