mirror of https://github.com/openssl/openssl.git
doc/man7/openssl-env: document which variables are considered security-sensitive
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28025)
parent 6de54753c2
commit f5fdbb8fff
|
@ -8,8 +8,9 @@ openssl-env - OpenSSL environment variables
|
|||
|
||||
The OpenSSL libraries use environment variables to override the
|
||||
compiled-in default paths for various data.
|
||||
To avoid security risks, the environment is usually not consulted when
|
||||
the executable is set-user-ID or set-group-ID.
|
||||
To avoid security risks, the environment is not consulted
|
||||
for security-sensitive environment variables when the executable
|
||||
is set-user-ID or set-group-ID.
|
||||
|
||||
=over 4
|
||||
|
||||
|
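Review bot: The reworded opening paragraph uses "security-sensitive environment variables" without defining the term, and by dropping "usually" it turns the statement into an absolute rule. Add a sentence saying what criterion makes a variable security-sensitive and that each item below states its classification. Since a later item carves out an exception for B<SSL_CERT_DIR> in L<openssl-rehash(1)>, either keep a qualifier here or point to that exception.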
@ -18,34 +19,46 @@ the executable is set-user-ID or set-group-ID.
|
|||
Specifies the path to a certificate transparency log list.
|
||||
See L<CTLOG_STORE_new(3)>.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<HTTPS_PROXY>, B<HTTP_PROXY>, B<NO_PROXY>, B<https_proxy>, B<http_proxy>, B<no_proxy>
|
||||
|
||||
Specify a proxy hostname.
|
||||
See L<OSSL_HTTP_parse_url(3)>.
|
||||
|
||||
These variables are considered security-sensitive environment variables.
|
||||
|
||||
=item B<LEGACY_GOST_PKCS12>
|
||||
|
||||
Affects the way MAC is generated in PKCS#12 containers for GOST algorithms.
|
||||
See L<PKCS12_gen_mac(3)>.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<OPENSSL>
|
||||
|
||||
Specifies the path to the B<openssl> executable. Used by
|
||||
the B<rehash> script (see L<openssl-rehash(1)/Script Configuration>)
|
||||
and by the B<CA.pl> script (see L<CA.pl(1)/NOTES>
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_CONF>, B<OPENSSL_CONF_INCLUDE>
|
||||
|
||||
Specifies the path to a configuration file and the directory for
|
||||
included files.
|
||||
See L<config(5)>.
|
||||
|
||||
These variables are considered security-sensitive environment variables.
|
||||
|
||||
=item B<OPENSSL_CONFIG>
|
||||
|
||||
Specifies a configuration option and filename for the B<req> and B<ca>
|
||||
commands invoked by the B<CA.pl> script.
|
||||
See L<CA.pl(1)>.
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_DEBUG_DECC_INIT>
|
||||
|
||||
On VMS only: if this variable is set, enables verbose output of parsing
|
||||
|
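Review bot: In the B<OPENSSL> item, "This variable is not considered security-sensitive." follows a description saying the variable selects the executable that the B<rehash> and B<CA.pl> scripts run, so a reader can take it to mean the value is safe to inherit from an untrusted environment. State the reason for the classification there, and likewise for B<OPENSSL_CONFIG>. The context line just above the addition, "and by the B<CA.pl> script (see L<CA.pl(1)/NOTES>", also lacks its closing parenthesis and full stop, which is worth fixing while this item is being touched.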
@ -53,21 +66,29 @@ of C<DECC$*> logical names, that contain C RTL features, during library
|
|||
initialisation (C<LIB$INITIALIZE>). If the value of the variable is more
|
||||
than 1, outputs information about every processed feature.
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_ENGINES>
|
||||
|
||||
Specifies the directory from which dynamic engines are loaded.
|
||||
See L<openssl-engine(1)>.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<OPENSSL_MALLOC_FAILURES>, B<OPENSSL_MALLOC_FD>, B<OPENSSL_MALLOC_SEED>
|
||||
|
||||
If built with debugging, this allows memory allocation to fail.
|
||||
See L<OPENSSL_malloc(3)>.
|
||||
|
||||
These variables are not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_MODULES>
|
||||
|
||||
Specifies the directory from which cryptographic providers are loaded.
|
||||
Equivalently, the generic B<-provider-path> command-line option may be used.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<OPENSSL_SEC_MEM>
|
||||
|
||||
Initializes the secure memory at the beginning of the application which makes
|
||||
|
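Review bot: In the B<OPENSSL_MODULES> item, the sentence "Equivalently, the generic B<-provider-path> command-line option may be used." now sits directly above the statement that the variable is security-sensitive. If the variable is ignored in a set-user-ID or set-group-ID executable while the option is still honoured, the two are no longer equivalent in that case; say which behaviour applies to the option, or reword "Equivalently".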
@ -76,12 +97,16 @@ indicates the B<size> parameter in bytes. The value can be expressed in
|
|||
binary, octal, decimal and hexadecimal. For formatting see B<strtol(3)>.
|
||||
For further restrictions see L<CRYPTO_secure_malloc_init(3)>.
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_SEC_MEM_MINSIZE>
|
||||
|
||||
An optional variable used with B<OPENSSL_SEC_MEM>. The value indicates
|
||||
B<minsize> parameter in bytes. The same formatting applies as above.
|
||||
Default is 0. For more info see L<CRYPTO_secure_malloc_init(3)>.
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_TRACE>
|
||||
|
||||
By default the OpenSSL trace feature is disabled statically.
|
||||
|
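Review bot: For B<OPENSSL_SEC_MEM> and B<OPENSSL_SEC_MEM_MINSIZE>, "not considered security-sensitive" means, per the reworded introduction, that they are still read in a set-user-ID or set-group-ID executable, so the invoking user chooses the secure-memory size of a privileged process. If that is intended, a short clause saying so would help; the items currently only refer to L<CRYPTO_secure_malloc_init(3)> for further restrictions.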
@ -175,6 +200,8 @@ Traces the HTTP client and server, such as messages being sent and received.
|
|||
|
||||
=back
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<OPENSSL_WIN32_UTF8>
|
||||
|
||||
If set, then L<UI_OpenSSL(3)> returns UTF-8 encoded strings, rather than
|
||||
|
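Review bot: The added "This variable is not considered security-sensitive." is placed after the "=back" that closes the nested list of trace categories, so in the rendered page it is far from the B<OPENSSL_TRACE> item heading and "This variable" has no obvious referent. Name the variable in the sentence (B<OPENSSL_TRACE> is not considered security-sensitive) or move the paragraph ahead of the category list.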
@ -191,20 +218,28 @@ processor capabilities and run time feature enquiry. These environment
|
|||
variables can be used to exert more control over this selection process.
|
||||
See L<OPENSSL_ia32cap(3)>, L<OPENSSL_riscvcap(3)>, and L<OPENSSL_s390xcap(3)>.
|
||||
|
||||
These variables are not considered security-sensitive.
|
||||
|
||||
=item B<OSSL_QFILTER>
|
||||
|
||||
Used to set a QUIC qlog filter specification. See L<openssl-qlog(7)>.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<QLOGDIR>
|
||||
|
||||
Specifies a QUIC qlog output directory. See L<openssl-qlog(7)>.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<RANDFILE>
|
||||
|
||||
The state file for the random number generator.
|
||||
This should not be needed in normal use.
|
||||
See L<RAND_load_file(3)>.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<SSLKEYLOGFILE>
|
||||
|
||||
Used to produce the standard format output file for SSL key logging. Optionally
|
||||
|
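Review bot: B<OSSL_QFILTER>, B<QLOGDIR> and B<RANDFILE> are marked security-sensitive, but the items do not say what happens when the variable is ignored in a set-user-ID or set-group-ID executable. The introduction speaks of overriding compiled-in default paths, and these three items show no such default, so state the fallback for each: whether the feature is simply disabled or a default location is used.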
@ -217,21 +252,31 @@ the exchanged keys during an SSL session, it allows any available party with
|
|||
read access to the file to decrypt application traffic sent over that session.
|
||||
Use of this feature should be restricted to test and debug environments only.
|
||||
|
||||
This variable is considered a security-sensitive environment variable.
|
||||
|
||||
=item B<SSL_CERT_DIR>, B<SSL_CERT_FILE>
|
||||
|
||||
Specify the default directory or file containing CA certificates.
|
||||
See L<SSL_CTX_load_verify_locations(3)>.
|
||||
|
||||
These variables are considered security-sensitive environment variables,
|
||||
except in L<openssl-rehash(1)>, where B<SSL_CERT_DIR> is not considered
|
||||
security-sensitive.
|
||||
|
||||
=item B<SSL_CIPHER>
|
||||
|
||||
Used by L<openssl-s_time(1)> in case B<-cipher> option (that allows modifying
|
||||
TLSv1.2 and below cipher list sent by the client) is not provided,
|
||||
for specification of the aforementioned ciphers.
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=item B<TSGET>
|
||||
|
||||
Additional arguments for the L<tsget(1)> command.
|
||||
|
||||
This variable is not considered security-sensitive.
|
||||
|
||||
=back
|
||||
|
||||
=head1 HISTORY
|
||||
|
|
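Review bot: In the B<SSL_CERT_DIR>, B<SSL_CERT_FILE> item, the exception "except in L<openssl-rehash(1)>, where B<SSL_CERT_DIR> is not considered security-sensitive" is given without a reason, and it is the only place where a classification depends on the calling program. Add a clause explaining why B<rehash> differs, and consider repeating the exception in L<openssl-rehash(1)> so readers of that page see it too.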