X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2FOPENSSL_config.pod;h=5096faca04fc5a92eea6b1892a3824430ea624c4;hp=888de88f6bbf537f8503d989b873ab6997518c1b;hb=491f3e4e8e4ba8853caa02fbeff51b69768e9646;hpb=184693f4af2846dd89f473482e55df26c428da36 diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod index 888de88f6b..5096faca04 100644 --- a/doc/crypto/OPENSSL_config.pod +++ b/doc/crypto/OPENSSL_config.pod @@ -15,31 +15,24 @@ OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions OPENSSL_config() configures OpenSSL using the standard B configuration file name using B. If B is NULL then -the default name B will be used. Any errors are ignored. Further -calls to OPENSSL_config() will have no effect. The configuration file format -is documented in the L manual page. +the file specified in the environment variable B will be used, +and if that is not set then a system default location is used. +Errors are silently ignored. +Multiple calls have no effect. OPENSSL_no_config() disables configuration. If called before OPENSSL_config() no configuration takes place. =head1 NOTES -It is B recommended that B new applications call OPENSSL_config() -or the more sophisticated functions such as CONF_modules_load() during -initialization (that is before starting any threads). By doing this -an application does not need to keep track of all configuration options -and some new functionality can be supported automatically. - -It is also possible to automatically call OPENSSL_config() when an application -calls OPENSSL_add_all_algorithms() by compiling an application with the -preprocessor symbol B #define'd. In this way configuration -can be added without source changes. - -The environment variable B can be set to specify the location -of the configuration file. - -Currently ASN1 OBJECTs and ENGINE configuration can be performed future -versions of OpenSSL will add new configuration options. +The OPENSSL_config() function is designed to be a very simple "call it and +forget it" function. +It is however B better than nothing. Applications which need finer +control over their configuration functionality should use the configuration +functions such as CONF_modules_load() directly. This function is deprecated +and its use should be avoided. +Applications should instead call CONF_modules_load() during +initialization (that is before starting any threads). There are several reasons why calling the OpenSSL configuration routines is advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.