README revision 109998
194742SobrienWARNING WARNING WARNING!!! 294742Sobrien 394742SobrienThis stuff is experimental, may change radically or be deleted altogether 495253Srubefore OpenSSL 0.9.7 release. You have been warned! 594742Sobrien 694772SimpConfiguration modules. These are a set of modules which can perform 794772Simpvarious configuration functions. 894772Simp 994844SrwatsonCurrently the routines should be called at most once when an application 1094854Ssosstarts up: that is before it starts any threads. 1194917Simp 1294917SimpThe routines read a configuration file set up like this: 1394917Simp 1494917Simp----- 1596272Smarkm#default section 1696272Smarkmopenssl_init=init_section 1794845Smarkm 1894845Smarkm[init_section] 1994845Smarkm 2095382Srnordiermodule1=value1 2194847Sjhb#Second instance of module1 2294847Sjhbmodule1.1=valueX 2394847Sjhbmodule2=value2 2494849Sphkmodule3=dso_literal 2594849Sphkmodule4=dso_section 2694849Sphk 2794849Sphk[dso_section] 2894849Sphk 2994849Sphkpath=/some/path/to/some/dso.so 3094849Sphkother_stuff=other_value 3194855Sscottl---- 3294855Sscottl 3394902SbennoWhen this file is loaded a configuration module with the specified 3494915Skenstring (module* in the above example) is looked up and its init 3594915Skenfunction called as: 3694920Smjacob 3794915Skenint conf_init_func(CONF_IMODULE *md, CONF *cnf); 3894915Sken 3994915SkenThe function can then take whatever action is appropriate, for example 4094915Skenfurther lookups based on the value. Multiple instances of the same 4194915Skenconfig module can be loaded. 4294915Sken 4394915SkenWhen the application closes down the modules are cleaned up by calling 4494915Skenan optional finish function: 4594920Smjacob 4694920Smjacobvoid conf_finish_func(CONF_IMODULE *md); 4794920Smjacob 4895347ScokaneThe finish functions are called in reverse order: that is the last module 4994918Sgshapiroloaded is the first one cleaned up. 5094918Sgshapiro 5194918SgshapiroIf no module exists with a given name then an attempt is made to load 5294918Sgshapiroa DSO with the supplied name. This might mean that "module3" attempts 5394918Sgshapiroto load a DSO called libmodule3.so or module3.dll for example. An explicit 5494955SmurrayDSO name can be given by including a separate section as in the module4 example 5594955Smurrayabove. 5695054Snectar 5795455SdesThe DSO is expected to at least contain an initialization function: 5895455Sdes 5996268Sgadint OPENSSL_init(CONF_IMODULE *md, CONF *cnf); 6096268Sgad 6196268Sgadand may also include a finish function: 6296301Sgrog 63void OPENSSL_finish(CONF_IMODULE *md); 64 65Static modules can also be added using, 66 67int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc); 68 69where "name" is the name in the configuration file this function corresponds to. 70 71A set of builtin modules (currently only an ASN1 non functional test module) can be 72added by calling OPENSSL_load_builtin_modules(). 73 74The function OPENSSL_config() is intended as a simple configuration function that 75any application can call to perform various default configuration tasks. It uses the 76file openssl.cnf in the usual locations. 77 78 79