1da347917SbeckConfiguration modules. These are a set of modules which can perform 2da347917Sbeckvarious configuration functions. 3da347917Sbeck 4da347917SbeckCurrently the routines should be called at most once when an application 5da347917Sbeckstarts up: that is before it starts any threads. 6da347917Sbeck 7da347917SbeckThe routines read a configuration file set up like this: 8da347917Sbeck 9da347917Sbeck----- 10da347917Sbeck#default section 11*f1535dc8Sdjmopenssl_conf=init_section 12da347917Sbeck 13da347917Sbeck[init_section] 14da347917Sbeck 15da347917Sbeckmodule1=value1 16da347917Sbeck#Second instance of module1 17da347917Sbeckmodule1.1=valueX 18da347917Sbeckmodule2=value2 19da347917Sbeckmodule3=dso_literal 20da347917Sbeckmodule4=dso_section 21da347917Sbeck 22da347917Sbeck[dso_section] 23da347917Sbeck 24da347917Sbeckpath=/some/path/to/some/dso.so 25da347917Sbeckother_stuff=other_value 26da347917Sbeck---- 27da347917Sbeck 28*f1535dc8SdjmWhen this file is loaded a configuration module with the specified string 29*f1535dc8Sdjm(module* in the above example) is looked up and its init function called as: 30da347917Sbeck 31da347917Sbeckint conf_init_func(CONF_IMODULE *md, CONF *cnf); 32da347917Sbeck 33*f1535dc8SdjmThe function can then take whatever action is appropriate, for example further 34*f1535dc8Sdjmlookups based on the value. Multiple instances of the same config module can be 35*f1535dc8Sdjmloaded. 36da347917Sbeck 37*f1535dc8SdjmWhen the application closes down the modules are cleaned up by calling an 38*f1535dc8Sdjmoptional finish function: 39da347917Sbeck 40da347917Sbeckvoid conf_finish_func(CONF_IMODULE *md); 41da347917Sbeck 42da347917SbeckThe finish functions are called in reverse order: that is the last module 43da347917Sbeckloaded is the first one cleaned up. 44da347917Sbeck 45*f1535dc8SdjmIf no module exists with a given name then an attempt is made to load a DSO 46*f1535dc8Sdjmwith the supplied name. This might mean that "module3" attempts to load a DSO 47*f1535dc8Sdjmcalled libmodule3.so or module3.dll for example. An explicit DSO name can be 48*f1535dc8Sdjmgiven by including a separate section as in the module4 example above. 49da347917Sbeck 50da347917SbeckThe DSO is expected to at least contain an initialization function: 51da347917Sbeck 52da347917Sbeckint OPENSSL_init(CONF_IMODULE *md, CONF *cnf); 53da347917Sbeck 54da347917Sbeckand may also include a finish function: 55da347917Sbeck 56da347917Sbeckvoid OPENSSL_finish(CONF_IMODULE *md); 57da347917Sbeck 58da347917SbeckStatic modules can also be added using, 59da347917Sbeck 60*f1535dc8Sdjmint CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func 61*f1535dc8Sdjm*ffunc); 62da347917Sbeck 63*f1535dc8Sdjmwhere "name" is the name in the configuration file this function corresponds 64*f1535dc8Sdjmto. 65da347917Sbeck 66*f1535dc8SdjmA set of builtin modules (currently only an ASN1 non functional test module) 67*f1535dc8Sdjmcan be added by calling OPENSSL_load_builtin_modules(). 68da347917Sbeck 69*f1535dc8SdjmThe function OPENSSL_config() is intended as a simple configuration function 70*f1535dc8Sdjmthat any application can call to perform various default configuration tasks. 71*f1535dc8SdjmIt uses the file openssl.cnf in the usual locations. 72da347917Sbeck 73da347917Sbeck 74