From 309c561694497358896a907bc0ccfb7cc0fda075 Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 19 Nov 2023 10:23:53 +0000 Subject: [PATCH] Remove obsolete engine configuration section --- lib/libcrypto/man/openssl.cnf.5 | 108 +------------------------------- 1 file changed, 2 insertions(+), 106 deletions(-) diff --git a/lib/libcrypto/man/openssl.cnf.5 b/lib/libcrypto/man/openssl.cnf.5 index eda4829ab6b..05295cbbaf1 100644 --- a/lib/libcrypto/man/openssl.cnf.5 +++ b/lib/libcrypto/man/openssl.cnf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: openssl.cnf.5,v 1.9 2023/10/21 14:05:49 tb Exp $ +.\" $OpenBSD: openssl.cnf.5,v 1.10 2023/11/19 10:23:53 tb Exp $ .\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100 .\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400 .\" @@ -50,7 +50,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 21 2023 $ +.Dd $Mdocdate: November 19 2023 $ .Dt OPENSSL.CNF 5 .Os .Sh NAME @@ -192,13 +192,9 @@ openssl_conf = openssl_init [openssl_init] oid_section = new_oids -engines = engine_section [new_oids] \&... new oids here ... - -[engine_section] -\&... engine stuff here ... .Ed .Pp The features of each configuration module are described below. @@ -228,106 +224,6 @@ comma and the numerical OID form. For example: .Pp .Dl shortName = some object long name, 1.2.3.4 -.Ss Engine Configuration Module -This ENGINE configuration module has the name -.Ic engines . -The value of this variable points to a section containing further ENGINE -configuration information. -.Pp -The section pointed to by -.Ic engines -is a table of engine names (though see -.Ic engine_id -below) and further sections containing configuration information -specific to each ENGINE. -.Pp -Each ENGINE specific section is used to set default algorithms, load -dynamic ENGINEs, perform initialization and send ctrls. -The actual operation performed depends on the command -name which is the name of the name value pair. -The currently supported commands are listed below. -.Pp -For example: -.Bd -literal -offset indent -[engine_section] -# Configure ENGINE named "foo" -foo = foo_section -# Configure ENGINE named "bar" -bar = bar_section - -[foo_section] -\&... foo ENGINE specific commands ... - -[bar_section] -\&... "bar" ENGINE specific commands ... -.Ed -.Pp -The command -.Ic engine_id -is used to give the ENGINE name. -If used, this command must be first. -For example: -.Bd -literal -offset indent -[engine_section] -# This would normally handle an ENGINE named "foo" -foo = foo_section - -[foo_section] -# Override default name and use "myfoo" instead. -engine_id = myfoo -.Ed -.Pp -The command -.Ic dynamic_path -loads and adds an ENGINE from the given path. -It is equivalent to sending the ctrls -.Sy SO_PATH -with the path argument followed by -.Sy LIST_ADD -with value 2 and -.Sy LOAD -to the dynamic ENGINE. -If this is not the required behaviour then alternative ctrls can be sent -directly to the dynamic ENGINE using ctrl commands. -.Pp -The command -.Ic init -determines whether to initialize the ENGINE. -If the value is 0, the ENGINE will not be initialized. -If it is 1, an attempt is made to initialized the ENGINE immediately. -If the -.Ic init -command is not present, then an attempt will be made to initialize -the ENGINE after all commands in its section have been processed. -.Pp -The command -.Ic default_algorithms -sets the default algorithms an ENGINE will supply using the functions -.Xr ENGINE_set_default_string 3 . -.Pp -If the name matches none of the above command names, it is assumed -to be a ctrl command which is sent to the ENGINE. -The value of the command is the argument to the ctrl command. -If the value is the string -.Cm EMPTY , -then no value is sent to the command. -.Pp -For example: -.Bd -literal -offset indent -[engine_section] -# Configure ENGINE named "foo" -foo = foo_section - -[foo_section] -# Load engine from DSO -dynamic_path = /some/path/fooengine.so -# A foo specific ctrl. -some_ctrl = some_value -# Another ctrl that doesn't take a value. -other_ctrl = EMPTY -# Supply all default algorithms -default_algorithms = ALL -.Ed .Sh FILES .Bl -tag -width /etc/ssl/openssl.cnf -compact .It Pa /etc/ssl/openssl.cnf -- 2.20.1