diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-04-07 13:18:07 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-04-07 13:18:07 +0000 |
commit | c0b8eb606fc6e31bff2f7ceadcd8441a646fdcee (patch) | |
tree | af479d0ffbc5c12602481abd389b44e10acd64a8 /doc | |
parent | d4a45bf31a19b7f5256a5239815b03f793d1d1d6 (diff) | |
download | openssl-c0b8eb606fc6e31bff2f7ceadcd8441a646fdcee.tar.gz |
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.
Update docs.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ssl/SSL_library_init.pod | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod index e7fbefbfac..8766776fea 100644 --- a/doc/ssl/SSL_library_init.pod +++ b/doc/ssl/SSL_library_init.pod @@ -27,25 +27,28 @@ SSL_library_init() is not reentrant. =head1 WARNING -SSL_library_init() mainly adds ciphers and digests used directly by SSL/TLS. -In some cases this is not sufficient and errors about unknown algorithms -will occur: for example when an attempt is made to use a certificate using -SHA256. This can be resolved by also calling OpenSSL_add_all_algorithms(). +SSL_library_init() adds ciphers and digests used directly and indirectly by +SSL/TLS. =head1 EXAMPLES A typical TLS/SSL application will start with the library initialization, -will provide readable error messages and will seed the PRNG. +and provide readable error messages. SSL_load_error_strings(); /* readable error messages */ SSL_library_init(); /* initialize library */ - actions_to_seed_PRNG(); =head1 RETURN VALUES SSL_library_init() always returns "1", so it is safe to discard the return value. +=head1 NOTES + +OpenSSL 0.9.8o and 1.0.0a and later added SHA2 algorithms to SSL_library_init(). +Applications which need to use SHA2 in earlier versions of OpenSSL should call +OpenSSL_add_all_algorithms() as well. + =head1 SEE ALSO L<ssl(3)|ssl(3)>, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>, |