NetBSD/lib/libcrypto/man/OPENSSL_config.3

.\"	$NetBSD: OPENSSL_config.3,v 1.1 2004/03/20 21:48:46 groo Exp $
.\"
.\" Automatically generated by Pod::Man version 1.15
.\" Sat Mar 20 16:41:01 2004
.\"
.\" Standard preamble:
.\" ======================================================================
.de Sh \" Subsection heading
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R

.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  | will give a
.\" real vertical bar.  \*(C+ will give a nicer C++.  Capital omega is used
.\" to do unbreakable dashes and therefore won't be available.  \*(C` and
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
.tr \(*W-|\(bv\*(Tr
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
'br\}
.\"
.\" If the F register is turned on, we'll generate index entries on stderr
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
.\" index entries marked with X<> in POD.  Of course, you'll have to process
.\" the output yourself in some meaningful fashion.
.if \nF \{\
.    de IX
.    tm Index:\\$1\t\\n%\t"\\$2"
..
.    nr % 0
.    rr F
.\}
.\"
.\" For nroff, turn off justification.  Always turn off hyphenation; it
.\" makes way too many mistakes in technical documents.
.hy 0
.if n .na
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.bd B 3
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ======================================================================
.\"
.IX Title "OPENSSL_config 3"
.TH OPENSSL_config 3 "0.9.7d" "2004-03-19" "OpenSSL"
.UC
.SH "NAME"
OPENSSL_config, OPENSSL_no_config \- simple OpenSSL configuration functions
.SH "LIBRARY"
libcrypto, -lcrypto
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/conf.h>
.Ve
.Vb 2
\& void OPENSSL_config(const char *config_name);
\& void OPENSSL_no_config(void);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\fIOPENSSL_config()\fR configures OpenSSL using the standard \fBopenssl.cnf\fR
configuration file name using \fBconfig_name\fR. If \fBconfig_name\fR is \s-1NULL\s0 then
the default name \fBopenssl_conf\fR will be used. Any errors are ignored. Further
calls to \fIOPENSSL_config()\fR will have no effect. The configuration file format
is documented in the conf(5) manual page.
.PP
\&\fIOPENSSL_no_config()\fR disables configuration. If called before \fIOPENSSL_config()\fR
no configuration takes place.
.SH "NOTES"
.IX Header "NOTES"
It is \fBstrongly\fR recommended that \fBall\fR new applications call \fIOPENSSL_config()\fR
or the more sophisticated functions such as \fICONF_modules_load()\fR during
initialization (that is before starting any threads). By doing this
an application does not need to keep track of all configuration options
and some new functionality can be supported automatically.
.PP
It is also possible to automatically call \fIOPENSSL_config()\fR when an application
calls \fIOPENSSL_add_all_algorithms()\fR by compiling an application with the
preprocessor symbol \fB\s-1OPENSSL_LOAD_CONF\s0\fR #define'd. In this way configuration
can be added without source changes.
.PP
The environment variable \fB\s-1OPENSSL_CONFIG\s0\fR can be set to specify the location
of the configuration file.
.PP
Currently \s-1ASN1\s0 OBJECTs and \s-1ENGINE\s0 configuration can be performed future
versions of OpenSSL will add new configuration options.
.PP
There are several reasons why calling the OpenSSL configuration routines is
advisable. For example new \s-1ENGINE\s0 functionality was added to OpenSSL 0.9.7.
In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
used (among other things) to load dynamic ENGINEs from shared libraries (DSOs).
However very few applications currently support the control interface and so
very few can load and use dynamic ENGINEs. Equally in future more sophisticated
ENGINEs will require certain control operations to customize them. If an
application calls \fIOPENSSL_config()\fR it doesn't need to know or care about
\&\s-1ENGINE\s0 control operations because they can be performed by editing a
configuration file.
.PP
Applications should free up configuration at application closedown by calling
\&\fICONF_modules_free()\fR.
.SH "RESTRICTIONS"
.IX Header "RESTRICTIONS"
The \fIOPENSSL_config()\fR function is designed to be a very simple \*(L"call it and
forget it\*(R" function. As a result its behaviour is somewhat limited. It ignores
all errors silently and it can only load from the standard configuration file
location for example.
.PP
It is however \fBmuch\fR better than nothing. Applications which need finer
control over their configuration functionality should use the configuration
functions such as \fICONF_load_modules()\fR directly.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
Neither \fIOPENSSL_config()\fR nor \fIOPENSSL_no_config()\fR return a value.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
conf(5), CONF_load_modules_file(3),
\&\fICONF_modules_free\fR\|(3),CONF_modules_free(3)
.SH "HISTORY"
.IX Header "HISTORY"
\&\fIOPENSSL_config()\fR and \fIOPENSSL_no_config()\fR first appeared in OpenSSL 0.9.7