1OPENSSL_INIT_CRYPTO(3) OpenSSL OPENSSL_INIT_CRYPTO(3)
2
6 OPENSSL_INIT_new, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_free,
7 OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit,
8 OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation
9 functions
10
12 #include <openssl/crypto.h>
13 void OPENSSL_cleanup(void);
15 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
16 int OPENSSL_atexit(void (*handler)(void));
17 void OPENSSL_thread_stop(void);
18 OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
20 int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
21 const char* name);
22 void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);
23
25 During normal operation OpenSSL (libcrypto) will allocate various
26 resources at start up that must, subsequently, be freed on close down
27 of the library. Additionally some resources are allocated on a per
28 thread basis (if the application is multi-threaded), and these
29 resources must be freed prior to the thread closing.
30 As of version 1.1.0 OpenSSL will automatically allocate all resources
32 that it needs so no explicit initialisation is required. Similarly it
33 will also automatically deinitialise as required.
34 However, there way be situations when explicit initialisation is
36 desirable or needed, for example when some non-default initialisation
37 is required. The function OPENSSL_init_crypto() can be used for this
38 purpose for libcrypto (see also OPENSSL_init_ssl(3) for the libssl
39 equivalent).
40 Numerous internal OpenSSL functions call OPENSSL_init_crypto().
42 Therefore, in order to perform non-default initialisation,
43 OPENSSL_init_crypto() MUST be called by application code prior to any
44 other OpenSSL function calls.
45 The opts parameter specifies which aspects of libcrypto should be
47 initialised. Valid options are:
48 OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS
50 Suppress automatic loading of the libcrypto error strings. This
51 option is not a default option. Once selected subsequent calls to
52 OPENSSL_init_crypto() with the option
53 OPENSSL_INIT_LOAD_CRYPTO_STRINGS will be ignored.
54 OPENSSL_INIT_LOAD_CRYPTO_STRINGS
56 Automatic loading of the libcrypto error strings. With this option
57 the library will automatically load the libcrypto error strings.
58 This option is a default option. Once selected subsequent calls to
59 OPENSSL_init_crypto() with the option
60 OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS will be ignored.
61 OPENSSL_INIT_ADD_ALL_CIPHERS
63 With this option the library will automatically load and make
64 available all libcrypto ciphers. This option is a default option.
65 Once selected subsequent calls to OPENSSL_init_crypto() with the
66 option OPENSSL_INIT_NO_ADD_ALL_CIPHERS will be ignored.
67 OPENSSL_INIT_ADD_ALL_DIGESTS
69 With this option the library will automatically load and make
70 available all libcrypto digests. This option is a default option.
71 Once selected subsequent calls to OPENSSL_init_crypto() with the
72 option OPENSSL_INIT_NO_ADD_ALL_CIPHERS will be ignored.
73 OPENSSL_INIT_NO_ADD_ALL_CIPHERS
75 With this option the library will suppress automatic loading of
76 libcrypto ciphers. This option is not a default option. Once
77 selected subsequent calls to OPENSSL_init_crypto() with the option
78 OPENSSL_INIT_ADD_ALL_CIPHERS will be ignored.
79 OPENSSL_INIT_NO_ADD_ALL_DIGESTS
81 With this option the library will suppress automatic loading of
82 libcrypto digests. This option is not a default option. Once
83 selected subsequent calls to OPENSSL_init_crypto() with the option
84 OPENSSL_INIT_ADD_ALL_DIGESTS will be ignored.
85 OPENSSL_INIT_LOAD_CONFIG
87 With this option an OpenSSL configuration file will be
88 automatically loaded and used by calling OPENSSL_config(). This is
89 not a default option for libcrypto. From OpenSSL 1.1.1 this is a
90 default option for libssl (see OPENSSL_init_ssl(3) for further
91 details about libssl initialisation). See the description of
92 OPENSSL_INIT_new(), below.
93 OPENSSL_INIT_NO_LOAD_CONFIG
95 With this option the loading of OpenSSL configuration files will be
96 suppressed. It is the equivalent of calling OPENSSL_no_config().
97 This is not a default option.
98 OPENSSL_INIT_ASYNC
100 With this option the library with automatically initialise the
101 libcrypto async sub-library (see ASYNC_start_job(3)). This is a
102 default option.
103 OPENSSL_INIT_ENGINE_RDRAND
105 With this option the library will automatically load and initialise
106 the RDRAND engine (if available). This not a default option.
107 OPENSSL_INIT_ENGINE_DYNAMIC
109 With this option the library will automatically load and initialise
110 the dynamic engine. This not a default option.
111 OPENSSL_INIT_ENGINE_OPENSSL
113 With this option the library will automatically load and initialise
114 the openssl engine. This not a default option.
115 OPENSSL_INIT_ENGINE_CRYPTODEV
117 With this option the library will automatically load and initialise
118 the cryptodev engine (if available). This not a default option.
119 OPENSSL_INIT_ENGINE_CAPI
121 With this option the library will automatically load and initialise
122 the CAPI engine (if available). This not a default option.
123 OPENSSL_INIT_ENGINE_PADLOCK
125 With this option the library will automatically load and initialise
126 the padlock engine (if available). This not a default option.
127 OPENSSL_INIT_ENGINE_AFALG
129 With this option the library will automatically load and initialise
130 the AFALG engine. This not a default option.
131 OPENSSL_INIT_ENGINE_ALL_BUILTIN
133 With this option the library will automatically load and initialise
134 all the built in engines listed above with the exception of the
135 openssl and afalg engines. This not a default option.
136 OPENSSL_INIT_ATFORK
138 With this option the library will register its fork handlers. See
139 OPENSSL_fork_prepare(3) for details.
140 Multiple options may be combined together in a single call to
142 OPENSSL_init_crypto(). For example:
143 OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
145 | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);
146 The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto
148 and libssl). All resources allocated by OpenSSL are freed. Typically
149 there should be no need to call this function directly as it is
150 initiated automatically on application exit. This is done via the
151 standard C library atexit() function. In the event that the application
152 will close in a manner that will not call the registered atexit()
153 handlers then the application should call OPENSSL_cleanup() directly.
154 Developers of libraries using OpenSSL are discouraged from calling this
155 function and should instead, typically, rely on auto-deinitialisation.
156 This is to avoid error conditions where both an application and a
157 library it depends on both use OpenSSL, and the library deinitialises
158 it before the application has finished using it.
159 Once OPENSSL_cleanup() has been called the library cannot be
161 reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an
162 ERR_R_INIT_FAIL error will be added to the error stack. Note that
163 because initialisation has failed OpenSSL error strings will not be
164 available, only an error code. This code can be put through the openssl
165 errstr command line application to produce a human readable error (see
166 errstr(1)).
167 The OPENSSL_atexit() function enables the registration of a function to
169 be called during OPENSSL_cleanup(). Stop handlers are called after
170 deinitialisation of resources local to a thread, but before other
171 process wide resources are freed. In the event that multiple stop
172 handlers are registered, no guarantees are made about the order of
173 execution.
174 The OPENSSL_thread_stop() function deallocates resources associated
176 with the current thread. Typically this function will be called
177 automatically by the library when the thread exits. This should only be
178 called directly if resources should be freed at an earlier time, or
179 under the circumstances described in the NOTES section below.
180 The OPENSSL_INIT_LOAD_CONFIG flag will load a default configuration
182 file. For optional configuration file settings, an
183 OPENSSL_INIT_SETTINGS must be created and used. The routines
184 OPENSSL_init_new() and OPENSSL_INIT_set_config_appname() can be used to
185 allocate the object and set the application name, and then the object
186 can be released with OPENSSL_INIT_free() when done.
187
189 Resources local to a thread are deallocated automatically when the
190 thread exits (e.g. in a pthreads environment, when pthread_exit() is
191 called). On Windows platforms this is done in response to a
192 DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry
193 point. Some windows functions may cause threads to exit without sending
194 this message (for example ExitProcess()). If the application uses such
195 functions, then the application must free up OpenSSL resources directly
196 via a call to OPENSSL_thread_stop() on each thread. Similarly this
197 message will also not be sent if OpenSSL is linked statically, and
198 therefore applications using static linking should also call
199 OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded
200 dynamically via LoadLibrary() and the threads are not destroyed until
201 after FreeLibrary() is called then each thread should call
202 OPENSSL_thread_stop() prior to the FreeLibrary() call.
203 On Linux/Unix where OpenSSL has been loaded via dlopen() and the
205 application is multi-threaded and if dlclose() is subsequently called
206 prior to the threads being destroyed then OpenSSL will not be able to
207 deallocate resources associated with those threads. The application
208 should either call OPENSSL_thread_stop() on each thread prior to the
209 dlclose() call, or alternatively the original dlopen() call should use
210 the RTLD_NODELETE flag (where available on the platform).
211
213 The functions OPENSSL_init_crypto, OPENSSL_atexit() and
214 OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.
215
217 OPENSSL_init_ssl(3)
218
220 The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(),
221 OPENSSL_thread_stop(), OPENSSL_INIT_new(),
222 OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions
223 were added in OpenSSL 1.1.0.
224
226 Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
227 Licensed under the OpenSSL license (the "License"). You may not use
229 this file except in compliance with the License. You can obtain a copy
230 in the file LICENSE in the source distribution or at
231 <https://www.openssl.org/source/license.html>.
2321.1.1 2018-09-11 OPENSSL_INIT_CRYPTO(3)