From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 6 Apr 2010 15:03:27 +0000 (+0000)
Subject: Remove obsolete PRNG note. Add comment about use of SHA256 et al.
X-Git-Tag: OpenSSL-fips-2_0-rc1~1150
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d4a45bf31a19b7f5256a5239815b03f793d1d1d6;p=oweals%2Fopenssl.git

Remove obsolete PRNG note. Add comment about use of SHA256 et al.
---

diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod
index eed526e47e..e7fbefbfac 100644
--- a/doc/ssl/SSL_library_init.pod
+++ b/doc/ssl/SSL_library_init.pod
@@ -15,7 +15,7 @@ SSL_library_init, OpenSSL_add_ssl_algorithms, SSLeay_add_ssl_algorithms
 
 =head1 DESCRIPTION
 
-SSL_library_init() registers the available ciphers and digests.
+SSL_library_init() registers the available SSL/TLS ciphers and digests.
 
 OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms
 for SSL_library_init().
@@ -27,9 +27,10 @@ SSL_library_init() is not reentrant.
 
 =head1 WARNING
 
-SSL_library_init() only registers ciphers. Another important initialization
-is the seeding of the PRNG (Pseudo Random Number Generator), which has to
-be performed separately.
+SSL_library_init() mainly adds ciphers and digests used directly by SSL/TLS.
+In some cases this is not sufficient and errors about unknown algorithms
+will occur: for example when an attempt is made to use a certificate using
+SHA256. This can be resolved by also calling OpenSSL_add_all_algorithms().
 
 =head1 EXAMPLES