diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-04-07 13:18:30 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-04-07 13:18:30 +0000 |
commit | acc9938ba5aa32fc382399e9a8cbd3a0dea91b34 (patch) | |
tree | 7cbb10a3e789a669409e82a11e854b5d437da27f /doc | |
parent | f6d13ac8cf4cacf4f0150290b4aee67062bfacc7 (diff) |
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.
Update docs.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ssl/SSL_library_init.pod | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod index e7fbefbfac..8766776fea 100644 --- a/doc/ssl/SSL_library_init.pod +++ b/doc/ssl/SSL_library_init.pod @@ -27,25 +27,28 @@ SSL_library_init() is not reentrant. =head1 WARNING -SSL_library_init() mainly adds ciphers and digests used directly by SSL/TLS. -In some cases this is not sufficient and errors about unknown algorithms -will occur: for example when an attempt is made to use a certificate using -SHA256. This can be resolved by also calling OpenSSL_add_all_algorithms(). +SSL_library_init() adds ciphers and digests used directly and indirectly by +SSL/TLS. =head1 EXAMPLES A typical TLS/SSL application will start with the library initialization, -will provide readable error messages and will seed the PRNG. +and provide readable error messages. SSL_load_error_strings(); /* readable error messages */ SSL_library_init(); /* initialize library */ - actions_to_seed_PRNG(); =head1 RETURN VALUES SSL_library_init() always returns "1", so it is safe to discard the return value. +=head1 NOTES + +OpenSSL 0.9.8o and 1.0.0a and later added SHA2 algorithms to SSL_library_init(). +Applications which need to use SHA2 in earlier versions of OpenSSL should call +OpenSSL_add_all_algorithms() as well. + =head1 SEE ALSO L<ssl(3)|ssl(3)>, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>, |