Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
- *) Added support for enabling instrumentation through trace output.
- This is left to application control, by allowing it to register BIOs as
- channels for a number of tracing and debugging categories.
+ *) Added a new generic trace API which provides support for enabling
+ instrumentation through trace output. This feature is mainly intended
+ as an aid for developers and is disabled by default. To utilize it,
+ OpenSSL needs to be configured with the `enable-trace` option.
+
+ If the tracing API is enabled, the application can activate trace output
+ by registering BIOs as trace channels for a number of tracing and debugging
+ categories.
The 'openssl' application has been expanded to enable any of the types
available via environment variables defined by the user, and serves as
"ssl-trace" => "default",
"ssl3" => "default",
"ssl3-method" => "default",
+ "trace" => "default",
"ubsan" => "default",
"unit-test" => "default",
"weak-ssl-ciphers" => "default",
require additional system-dependent options! See "Note on
multi-threading" below.
+ enable-trace
+ Build with support for the integrated tracing api. See manual pages
+ OSSL_trace_set_channel(3) and OSSL_trace_enabled(3) for details.
+
no-ts
Don't build Time Stamping Authority support.
OpenSSL functionality, either in OpenSSL itself or in engine modules
or similar.
-If operational (see L</NOTES> below), these functions are used to
+If tracing is enabled (see L</NOTES> below), these functions are used to
generate free text tracing output.
The tracing output is divided into types which are enabled
OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trace);
}
-=head2 Tracing disabled
+=head2 Configure Tracing
-The OpenSSL library may be built with tracing disabled, which makes
-everything documented here inoperational.
+By default, the OpenSSL library is built with tracing disabled. To
+use the tracing functionality documented here, it is therefore
+necessary to configure and build OpenSSL with the 'enable-trace' option.
When the library is built with tracing disabled:
=head1 NOTES
-=head2 Tracing disabled
+=head2 Configure Tracing
-The OpenSSL library may be built with tracing disabled, which makes
-everything documented here inoperational.
+By default, the OpenSSL library is built with tracing disabled. To
+use the tracing functionality documented here, it is therefore
+necessary to configure and build OpenSSL with the 'enable-trace' option.
When the library is built with tracing disabled, the macro
C<OPENSSL_NO_TRACE> is defined in C<openssl/opensslconf.h> and all
projects / oweals / openssl.git / commitdiff