Re: Ciphers provided by engine not accessible...?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 22 Jul 2019 21:17:01 +0200,
Blumenthal, Uri - 0553 - MITLL wrote:
> 
> Turned out the failure was my misconfiguration - but the "config"
> man page doesn't seem to describe the *exact* order of the
> statements/sections.

It does, but perhaps not in a way you expected.  Here's a paragraph
from config(5), about the so called default section:

       The first section of a configuration file is special and is referred to
       as the default section. This section is usually unnamed and spans from
       the start of file until the first named section. When a name is being
       looked up it is first looked up in a named section (if any) and then
       the default section.

"start of the file until the first section" is key.  This is found
fairly early in the description.

And then, early in "OPENSSL_LIBRARY CONFIGURATION":

       To enable library configuration the default section needs to contain an
       appropriate line which points to the main configuration section. The
       default name is openssl_conf which is used by the openssl utility.
       Other applications may use an alternative name such as
       myapplication_conf.  All library configuration lines appear in the
       default section at the start of the configuration file.

"the default section" is key.

So the "openssl_conf = openssl_init" line must be early in the config
file.  The order of the different named sections doesn't (or
shouldn't) really matter.

Cheers,
Richard

-- 
Richard Levitte         levitte@xxxxxxxxxxx
OpenSSL Project         http://www.openssl.org/~levitte/



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux