More configurable crypto and ssl library initialization
authorViktor Dukhovni <openssl-users@dukhovni.org>
Tue, 1 Jan 2019 07:53:24 +0000 (02:53 -0500)
committerViktor Dukhovni <openssl-users@dukhovni.org>
Mon, 7 Jan 2019 18:53:52 +0000 (13:53 -0500)
commit25eb9299cec4404a4cdf3167056bd147af2582f3
tree5ac56b44b67281dc303b00d583418362182cc790
parent1bfd76b3afa0abc275e9a60ee0ea7b22c4fb842a
More configurable crypto and ssl library initialization

1.  In addition to overriding the default application name,
    one can now also override the configuration file name
    and flags passed to CONF_modules_load_file().

2.  By default we still keep going when configuration file
    processing fails.  But, applications that want to be
    strict about initialization errors can now make explicit
    flag choices via non-null OPENSSL_INIT_SETTINGS that omit
    the CONF_MFLAGS_IGNORE_RETURN_CODES flag (which had so far
    been both undocumented and unused).

3.  In OPENSSL_init_ssl() do not request OPENSSL_INIT_LOAD_CONFIG
    if the options already include OPENSSL_INIT_NO_LOAD_CONFIG.

4.  Don't set up atexit() handlers when called with opts equal to
    OPENSSL_INIT_BASE_ONLY (this flag should only be used alone).

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7969)
crypto/conf/conf_lib.c
crypto/conf/conf_mod.c
crypto/conf/conf_sap.c
crypto/err/err.c
crypto/init.c
doc/man3/CONF_modules_load_file.pod
doc/man3/OPENSSL_init_crypto.pod
include/internal/conf.h
include/openssl/crypto.h
ssl/ssl_init.c
util/libcrypto.num