[openssl-dev] [openssl.org #3876] [PATCH] Do not complain if config file not found
Richard Levitte via RT
rt at openssl.org
Thu May 28 15:41:34 UTC 2015
On Thu May 28 02:44:11 2015, rsalz wrote:
> Because it goes ahead and proceeds. Not it is explicit testing ENOTFOUND.
> It should either error+exit or not complain.
>
> I can be convinced the current behavior is useful.
> --
> Rich Salz, OpenSSL dev team; rsalz at openssl.org
The current behavior is useful with the commands that actually use the
configuration file. Those are ca, req, srp and ts, and except for req, they're
all loading the default config file on their own, completely ignoring the fact
that openssl.c:main() has already done so.
My suggestion is, at least for 1.1 (but I don't see why this can't be ported
down to 1.0.2 and 1.0.1) remove the config loading code from openssl.c:main()
and add the same code in req.c as you can find in ts.c or srp.c... possibly
refactoring that code into a helper function in apps.c.
--
Richard Levitte
levitte at openssl.org
More information about the openssl-dev
mailing list