3-May-99 17:45 you wrote:
> According to Khimenko Victor:
>> 1. OpenSSL must go in /usr/lib and NOT in /usr/local/<something>,
>> OpenSSL programs must be put in /usr/bin and includes in /usr/include or
>> subdirectory under /usr/include...
>> 3. Configuration files must be put in /etc instead
>> ("/etc contains configuration files and directories that are specific to
>> the current system. No binaries should be located under /etc.")
> Doesn't something like ./config --prefix=/usr --openssldir=/etc/openssl
> do what you want?
Well, Almost. Still this will lead to /etc/openssl/lib/openssl.cnf and it
looks little ugly :-( Of course I can just use patch like it was done with
SSLeay 0.9.0b..OpenSSL 0.9.2b ...
-- apps/ca.c --
...
#define CONFIG_FILE "lib/openssl.cnf"
...
if (configfile == NULL)
{
/* We will just use 'buf[0]' as a temporary buffer. */
strncpy(buf[0],X509_get_default_cert_area(),
sizeof(buf[0])-2-sizeof(CONFIG_FILE));
strcat(buf[0],"/");
strcat(buf[0],CONFIG_FILE);
configfile=buf[0];
}
...
-- apps/openssl.c --
...
/* Lets load up our environment a little */
p=getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
if (p == NULL)
{
strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/");
strcat(config_name,OPENSSL_CONF);
p=config_name;
}
...
-- apps/req.c --
...
/* Lets load up our environment a little */
p=getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
if (p == NULL)
{
strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/");
strcat(config_name,OPENSSL_CONF);
p=config_name;
}
...
-- cut --
BTW I can not understood why ca.c uses it's own definition of CONFIG_FILE
and it's own way to create config file name but it's not a big deal...
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
