OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions
void OPENSSL_config(const char *config_name);
OPENSSL_config() configures OpenSSL using the standard openssl.cnf
configuration file name using config_name. If config_name is NULL then the default name openssl_conf will be used. Any errors are ignored. Further calls to
OPENSSL_config() will have no effect. The configuration file
format is documented in the conf(5) manual page.
OPENSSL_no_config() disables configuration. If called before
OPENSSL_config() no configuration takes place.
It is strongly recommended that all new applications call
OPENSSL_config() or the more
sophisticated functions such as
initialization (that is before starting any threads). By doing this an
application does not need to keep track of all configuration options and
some new functionality can be supported automatically.
It is also possible to automatically call
when an application calls
compiling an application with the preprocessor symbol OPENSSL_LOAD_CONF #define'd. In this way configuration can be added without source changes.
The environment variable OPENSSL_CONF can be set to specify the location of the configuration file. Currently
ASN1 OBJECTs and ENGINE configuration can be performed future versions of
OpenSSL will add new configuration options.
There are several reasons why calling the OpenSSL configuration routines is
advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.
In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
used (among other things) to load dynamic ENGINEs from shared libraries
(DSOs). However very few applications currently support the control
interface and so very few can load and use dynamic ENGINEs. Equally in
future more sophisticated ENGINEs will require certain control operations
to customize them. If an application calls
doesn't need to know or care about ENGINE control operations because they
can be performed by editing a configuration file.
Applications should free up configuration at application closedown by
OPENSSL_config() function is designed to be a very simple
``call it and forget it'' function. As a result its behaviour is somewhat
limited. It ignores all errors silently and it can only load from the
standard configuration file location for example.
It is however much better than nothing. Applications which need finer control over their
configuration functionality should use the configuration functions such as
return a value.
appeared in OpenSSL 0.9.7