diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man7/openssl-env.7')
| -rw-r--r-- | secure/lib/libcrypto/man/man7/openssl-env.7 | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/secure/lib/libcrypto/man/man7/openssl-env.7 b/secure/lib/libcrypto/man/man7/openssl-env.7 index 1b1163c8c9f4..6a4f1ae42520 100644 --- a/secure/lib/libcrypto/man/man7/openssl-env.7 +++ b/secure/lib/libcrypto/man/man7/openssl-env.7 @@ -1,5 +1,5 @@ .\" -*- mode: troff; coding: utf-8 -*- -.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) +.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== @@ -52,10 +52,13 @@ . \} .\} .rr rF +.\" +.\" Required to disable full justification in groff 1.23.0. +.if n .ds AD l .\" ======================================================================== .\" .IX Title "OPENSSL-ENV 7ossl" -.TH OPENSSL-ENV 7ossl 2025-09-30 3.5.4 OpenSSL +.TH OPENSSL-ENV 7ossl 2026-04-07 3.5.6 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -65,9 +68,9 @@ openssl\-env \- OpenSSL environment variables .SH DESCRIPTION .IX Header "DESCRIPTION" The OpenSSL libraries use environment variables to override the -compiled-in default paths for various data. +compiled\-in default paths for various data. To avoid security risks, the environment is usually not consulted when -the executable is set-user-ID or set-group-ID. +the executable is set\-user\-ID or set\-group\-ID. .IP \fBCTLOG_FILE\fR 4 .IX Item "CTLOG_FILE" Specifies the path to a certificate transparency log list. @@ -98,7 +101,7 @@ See \fBOPENSSL_malloc\fR\|(3). .IP \fBOPENSSL_MODULES\fR 4 .IX Item "OPENSSL_MODULES" Specifies the directory from which cryptographic providers are loaded. -Equivalently, the generic \fB\-provider\-path\fR command-line option may be used. +Equivalently, the generic \fB\-provider\-path\fR command\-line option may be used. .IP \fBOPENSSL_TRACE\fR 4 .IX Item "OPENSSL_TRACE" By default the OpenSSL trace feature is disabled statically. @@ -109,8 +112,14 @@ Unless OpenSSL tracing support is generally disabled, enable trace output of specific parts of OpenSSL libraries, by name. This output usually makes sense only if you know OpenSSL internals well. .Sp -The value of this environment varialble is a comma-separated list of names, +The value of this environment variable is a comma\-separated list of names, with the following available: +.IP \fBOPENSSL_RUNNING_UNIT_TESTS\fR 4 +.IX Item "OPENSSL_RUNNING_UNIT_TESTS" +This environment variable is used to flag the fact that unit tests are being run +(i.e. \`make test\`). It is used to detect when the OpenSSL should behave in a special +manner during unit tests (i.e. when unit tests are being run on fuzzing builds). It should +generally not be set by users. .RS 4 .IP \fBTRACE\fR 4 .IX Item "TRACE" @@ -177,7 +186,7 @@ Traces the HTTP client and server, such as messages being sent and received. .IX Item "OPENSSL_WIN32_UTF8" If set, then \fBUI_OpenSSL\fR\|(3) returns UTF\-8 encoded strings, rather than ones encoded in the current code page, and -the \fBopenssl\fR\|(1) program also transcodes the command-line parameters +the \fBopenssl\fR\|(1) program also transcodes the command\-line parameters from the current code page to UTF\-8. This environment variable is only checked on Microsoft Windows platforms. .IP \fBRANDFILE\fR 4 @@ -198,7 +207,8 @@ OpenSSL supports a number of different algorithm implementations for various machines and, by default, it determines which to use based on the processor capabilities and run time feature enquiry. These environment variables can be used to exert more control over this selection process. -See \fBOPENSSL_ia32cap\fR\|(3), \fBOPENSSL_s390xcap\fR\|(3) and \fBOPENSSL_riscvcap\fR\|(3). +See \fBOPENSSL_ia32cap\fR\|(3), \fBOPENSSL_ppccap\fR\|(3), \fBOPENSSL_riscvcap\fR\|(3), +and \fBOPENSSL_s390xcap\fR\|(3). .IP "\fBNO_PROXY\fR, \fBHTTPS_PROXY\fR, \fBHTTP_PROXY\fR" 4 .IX Item "NO_PROXY, HTTPS_PROXY, HTTP_PROXY" Specify a proxy hostname. @@ -214,7 +224,7 @@ Used to set a QUIC qlog filter specification. See \fBopenssl\-qlog\fR\|(7). Used to produce the standard format output file for SSL key logging. Optionally set this variable to a filename to log all secrets produced by SSL connections. Note, use of the environment variable is predicated on configuring OpenSSL at -build time with the enable-sslkeylog feature. The file format standard can be +build time with the enable\-sslkeylog feature. The file format standard can be found at <https://datatracker.ietf.org/doc/draft\-ietf\-tls\-keylogfile/>. Note: the use of \fBSSLKEYLOGFILE\fR poses an explicit security risk. By recording the exchanged keys during an SSL session, it allows any available party with @@ -222,7 +232,7 @@ read access to the file to decrypt application traffic sent over that session. Use of this feature should be restricted to test and debug environments only. .SH COPYRIGHT .IX Header "COPYRIGHT" -Copyright 2019\-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019\-2026 The OpenSSL Project Authors. All Rights Reserved. .PP Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |