openssl/crypto/conf
Dr. Stephen Henson e133ff7190 PR: 2840
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.
2012-07-03 20:16:30 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
cnf_save.c Move all the existing function pointer casts associated with LHASH's two 2001-01-09 00:24:38 +00:00
conf.h Stop warning about extra ';' outside of function. 2008-05-31 19:17:25 +00:00
conf_api.c PR: 2576 2011-09-02 11:20:32 +00:00
conf_api.h Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
conf_def.c Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
conf_def.h Allow 8-bit characters. This is not really complete, it only marks 2002-01-02 11:06:02 +00:00
conf_err.c Don't die if the value is NULL (Coverity CID 98). 2007-04-01 18:00:52 +00:00
conf_lib.c LHASH revamp. make depend. 2008-05-26 11:24:29 +00:00
conf_mall.c PR: 2840 2012-07-03 20:16:30 +00:00
conf_mod.c Update obsolete email address... 2008-11-05 18:39:08 +00:00
conf_sap.c Update obsolete email address... 2008-11-05 18:39:08 +00:00
keysets.pl Allow 8-bit characters. This is not really complete, it only marks 2002-01-02 11:06:02 +00:00
Makefile make depend 2011-09-16 23:15:22 +00:00
README Tidy up docs, remove warning. 2007-05-10 17:35:37 +00:00
ssleay.cnf
test.c I've always wanted to make the CONF library more adaptable. Here's 2000-04-09 12:04:35 +00:00

Configuration modules. These are a set of modules which can perform
various configuration functions.

Currently the routines should be called at most once when an application
starts up: that is before it starts any threads.

The routines read a configuration file set up like this:

-----
#default section
openssl_conf=init_section

[init_section]

module1=value1
#Second instance of module1
module1.1=valueX
module2=value2
module3=dso_literal
module4=dso_section

[dso_section]

path=/some/path/to/some/dso.so
other_stuff=other_value
----

When this file is loaded a configuration module with the specified string
(module* in the above example) is looked up and its init function called as:

int conf_init_func(CONF_IMODULE *md, CONF *cnf);

The function can then take whatever action is appropriate, for example further
lookups based on the value. Multiple instances of the same config module can be
loaded.

When the application closes down the modules are cleaned up by calling an
optional finish function:

void conf_finish_func(CONF_IMODULE *md);

The finish functions are called in reverse order: that is the last module
loaded is the first one cleaned up.

If no module exists with a given name then an attempt is made to load a DSO
with the supplied name. This might mean that "module3" attempts to load a DSO
called libmodule3.so or module3.dll for example. An explicit DSO name can be
given by including a separate section as in the module4 example above.

The DSO is expected to at least contain an initialization function:

int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);

and may also include a finish function:

void OPENSSL_finish(CONF_IMODULE *md);

Static modules can also be added using,

int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
*ffunc);

where "name" is the name in the configuration file this function corresponds
to.

A set of builtin modules (currently only an ASN1 non functional test module)
can be added by calling OPENSSL_load_builtin_modules(). 

The function OPENSSL_config() is intended as a simple configuration function
that any application can call to perform various default configuration tasks.
It uses the file openssl.cnf in the usual locations.