On Fri, Aug 16, 2013 at 02:44:23PM +0000, Viktor Dukhovni wrote: > On Fri, Aug 16, 2013 at 07:17:22AM -0700, Thomas J. Hruska wrote: > > I think a lot of the init logic heralds from the original SSLeay > > days. There seems to be intent that initialization is supposed to > > happen in main() in the application and libraries shouldn't be > > calling initialization routines in OpenSSL. > > This is a big problem, when main() has no knowledge of OpenSSL, > rather OpenSSL is used indirectly via an intermediate library, that > may even be dynamically loaded (e.g. Java dynamically loading > GSSAPI, with Heimdal's GSS library using OpenSSL).
Right! > Now it is certainly not appropriate for other libraries to call > OpenSSL one-time initialization functions. The result is a mess. Exactly. > Therefore, it is probably time to consider moving the OpenSSL > library initialization code into OpenSSL itself, with the set of > ciphers and digests to initialize by default as well as the thread > locking mechanism chosen at compile time. But would patches for this be welcomed? Nico -- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
