/* Need to load ENGINEs */
ENGINE_load_builtin_engines();
#endif
- /* Add others here? */
-
ERR_clear_error();
- if (CONF_modules_load_file(NULL, config_name,
+ CONF_modules_load_file(NULL, config_name,
CONF_MFLAGS_DEFAULT_SECTION |
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- BIO *bio_err;
- ERR_load_crypto_strings();
- if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) {
- BIO_printf(bio_err, "Auto configuration failed\n");
- ERR_print_errors(bio_err);
- BIO_free(bio_err);
- }
- exit(1);
- }
-
- return;
+ CONF_MFLAGS_IGNORE_MISSING_FILE);
}
void OPENSSL_no_config()
OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf>
configuration file name using B<config_name>. If B<config_name> is NULL then
-the default name B<openssl_conf> will be used. Any errors are ignored. Further
-calls to OPENSSL_config() will have no effect. The configuration file format
-is documented in the L<conf(5)|conf(5)> manual page.
+the file specified in the environment variable B<OPENSSL_CONF> will be used,
+and if that is not set then a system default location is used.
+Errors are silently ignored.
+Multiple calls have no effect.
OPENSSL_no_config() disables configuration. If called before OPENSSL_config()
no configuration takes place.
=head1 NOTES
-It is B<strongly> recommended that B<all> new applications call OPENSSL_config()
-or the more sophisticated functions such as CONF_modules_load() during
-initialization (that is before starting any threads). By doing this
-an application does not need to keep track of all configuration options
-and some new functionality can be supported automatically.
-
-It is also possible to automatically call OPENSSL_config() when an application
-calls OPENSSL_add_all_algorithms() by compiling an application with the
-preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration
-can be added without source changes.
-
-The environment variable B<OPENSSL_CONF> can be set to specify the location
-of the configuration file.
-
-Currently ASN1 OBJECTs and ENGINE configuration can be performed future
-versions of OpenSSL will add new configuration options.
+The OPENSSL_config() function is designed to be a very simple "call it and
+forget it" function.
+It is however B<much> better than nothing. Applications which need finer
+control over their configuration functionality should use the configuration
+functions such as CONF_modules_load() directly. This function is deprecated
+and its use should be avoided.
+Applications should instead call CONF_modules_load() during
+initialization (that is before starting any threads).
There are several reasons why calling the OpenSSL configuration routines is
advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.