Google Git
Sign in
flutter / third_party / openssl / ffbfbef94353d297cf6acd9081bb1f13dd8266e1 / . / crypto / conf / README
blob: 96e53b34ed853f7cd5da7fb1eec35225796a715d [file] [log] [blame]
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]1Configuration modules. These are a set of modules which can perform
2various configuration functions.
3
4Currently the routines should be called at most once when an application
5starts up: that is before it starts any threads.
6
7The routines read a configuration file set up like this:
8
9-----
10#default section
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]11openssl_conf=init_section
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]12
13[init_section]
14
15module1=value1
16#Second instance of module1
17module1.1=valueX
18module2=value2
19module3=dso_literal
20module4=dso_section
21
22[dso_section]
23
24path=/some/path/to/some/dso.so
25other_stuff=other_value
26----
27
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]28When this file is loaded a configuration module with the specified string
29(module* in the above example) is looked up and its init function called as:
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]30
31int conf_init_func(CONF_IMODULE *md, CONF *cnf);
32
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]33The function can then take whatever action is appropriate, for example further
34lookups based on the value. Multiple instances of the same config module can be
35loaded.
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]36
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]37When the application closes down the modules are cleaned up by calling an
38optional finish function:
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]39
40void conf_finish_func(CONF_IMODULE *md);
41
42The finish functions are called in reverse order: that is the last module
43loaded is the first one cleaned up.
44
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]45If no module exists with a given name then an attempt is made to load a DSO
46with the supplied name. This might mean that "module3" attempts to load a DSO
47called libmodule3.so or module3.dll for example. An explicit DSO name can be
48given by including a separate section as in the module4 example above.
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]49
50The DSO is expected to at least contain an initialization function:
51
52int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);
53
54and may also include a finish function:
55
56void OPENSSL_finish(CONF_IMODULE *md);
57
58Static modules can also be added using,
59
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]60int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
61*ffunc);
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]62
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]63where "name" is the name in the configuration file this function corresponds
64to.
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]65
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]66A set of builtin modules (currently only an ASN1 non functional test module)
67can be added by calling OPENSSL_load_builtin_modules().
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]68
Dr. Stephen Hensonee7ca092007-05-10 17:35:37 +0000[diff] [blame]69The function OPENSSL_config() is intended as a simple configuration function
70that any application can call to perform various default configuration tasks.
71It uses the file openssl.cnf in the usual locations.
Dr. Stephen Hensonbc37d992002-01-05 01:37:16 +0000[diff] [blame]72
73