apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: [PROPOSAL/PATCH] add ssl sockets
Date Sat, 17 Jun 2006 15:58:57 GMT
On Fri, Jun 16, 2006 at 12:22:31PM -0700, Justin Erenkrantz wrote:
...
> If there's a reason or rationale to use a particular init sequence,
> I'd love to know.

It's sufficient to just call SSL_load_error_strings for error string 
initialization; that function itself calls ERR_load_crypto_strings (and 
ERR_load_ssl_strings) so calling both is redundant.

SSL_library_init(3) recommends the init sequence of just 
SSL_load_error_strings then SSL_library_init.  It's definitely necessary 
to call the latter at some point - from looking at OpenSSL 0.9.8a at 
least there is work done in there which is not done anywhere else.

CRYPTO_malloc_init looks like it will only make a difference on Win32 
but I suppose should be called first if used at all.

So, I guess the recommended init sequence would be:

    CRYPTO_malloc_init();
    SSL_load_error_strings();
    SSL_library_init();
    OpenSSL_add_all_algorithms();

But like you say this doesn't cover the thread-safety stuff; also some 
of the ENGINE stuff is process-global IIRC.  All hail global state :(

joe

Mime
View raw message