diff options
| -rw-r--r-- | crypto/conf/conf_sap.c | 18 | ||||
| -rw-r--r-- | doc/crypto/OPENSSL_config.pod | 10 |
2 files changed, 6 insertions, 22 deletions
diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c index a3e78961e3..544fe97387 100644 --- a/crypto/conf/conf_sap.c +++ b/crypto/conf/conf_sap.c @@ -86,24 +86,10 @@ void OPENSSL_config(const char *config_name) /* Need to load ENGINEs */ ENGINE_load_builtin_engines(); #endif - /* Add others here? */ - ERR_clear_error(); - if (CONF_modules_load_file(NULL, config_name, + CONF_modules_load_file(NULL, config_name, CONF_MFLAGS_DEFAULT_SECTION | - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { - BIO *bio_err; - ERR_load_crypto_strings(); - if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) { - BIO_printf(bio_err, "Auto configuration failed\n"); - ERR_print_errors(bio_err); - BIO_free(bio_err); - } - fprintf(stderr, "OpenSSL could not auto-configure.\n"); - exit(1); - } - - return; + CONF_MFLAGS_IGNORE_MISSING_FILE); } void OPENSSL_no_config() diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod index fefe293605..91d61f3f51 100644 --- a/doc/crypto/OPENSSL_config.pod +++ b/doc/crypto/OPENSSL_config.pod @@ -17,8 +17,7 @@ OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf> configuration file name using B<config_name>. If B<config_name> is NULL then the file specified in the environment variable B<OPENSSL_CONF> will be used, and if that is not set then a system default location is used. -In case of error, a message is printed to B<stderr> and the routine -exit's. +Errors are silently ignored. Multiple calls have no effect. OPENSSL_no_config() disables configuration. If called before OPENSSL_config() @@ -37,10 +36,9 @@ The OPENSSL_config() function is designed to be a very simple "call it and forget it" function. It is however B<much> better than nothing. Applications which need finer control over their configuration functionality should use the configuration -functions such as CONF_modules_load() directly. - -It is B<strongly> recommended that B<all> new applications call -CONF_modules_load() during +functions such as CONF_modules_load() directly. This function is deprecated +and its use should be avoided. +Applications should instead call CONF_modules_load() during initialization (that is before starting any threads). There are several reasons why calling the OpenSSL configuration routines is |