On Fri, Jun 16, 2006 at 12:22:31PM -0700, Justin Erenkrantz wrote:
...
> If there's a reason or rationale to use a particular init sequence,
> I'd love to know.
It's sufficient to just call SSL_load_error_strings for error string
initialization; that function itself calls ERR_load_crypto_strings (and
ERR_load_ssl_strings) so calling both is redundant.
SSL_library_init(3) recommends the init sequence of just
SSL_load_error_strings then SSL_library_init. It's definitely necessary
to call the latter at some point - from looking at OpenSSL 0.9.8a at
least there is work done in there which is not done anywhere else.
CRYPTO_malloc_init looks like it will only make a difference on Win32
but I suppose should be called first if used at all.
So, I guess the recommended init sequence would be:
CRYPTO_malloc_init();
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
But like you say this doesn't cover the thread-safety stuff; also some
of the ENGINE stuff is process-global IIRC. All hail global state :(
joe
