1*0Sstevel@tonic-gateWARNING WARNING WARNING!!! 2*0Sstevel@tonic-gate 3*0Sstevel@tonic-gateThis stuff is experimental, may change radically or be deleted altogether 4*0Sstevel@tonic-gatebefore OpenSSL 0.9.7 release. You have been warned! 5*0Sstevel@tonic-gate 6*0Sstevel@tonic-gateConfiguration modules. These are a set of modules which can perform 7*0Sstevel@tonic-gatevarious configuration functions. 8*0Sstevel@tonic-gate 9*0Sstevel@tonic-gateCurrently the routines should be called at most once when an application 10*0Sstevel@tonic-gatestarts up: that is before it starts any threads. 11*0Sstevel@tonic-gate 12*0Sstevel@tonic-gateThe routines read a configuration file set up like this: 13*0Sstevel@tonic-gate 14*0Sstevel@tonic-gate----- 15*0Sstevel@tonic-gate#default section 16*0Sstevel@tonic-gateopenssl_init=init_section 17*0Sstevel@tonic-gate 18*0Sstevel@tonic-gate[init_section] 19*0Sstevel@tonic-gate 20*0Sstevel@tonic-gatemodule1=value1 21*0Sstevel@tonic-gate#Second instance of module1 22*0Sstevel@tonic-gatemodule1.1=valueX 23*0Sstevel@tonic-gatemodule2=value2 24*0Sstevel@tonic-gatemodule3=dso_literal 25*0Sstevel@tonic-gatemodule4=dso_section 26*0Sstevel@tonic-gate 27*0Sstevel@tonic-gate[dso_section] 28*0Sstevel@tonic-gate 29*0Sstevel@tonic-gatepath=/some/path/to/some/dso.so 30*0Sstevel@tonic-gateother_stuff=other_value 31*0Sstevel@tonic-gate---- 32*0Sstevel@tonic-gate 33*0Sstevel@tonic-gateWhen this file is loaded a configuration module with the specified 34*0Sstevel@tonic-gatestring (module* in the above example) is looked up and its init 35*0Sstevel@tonic-gatefunction called as: 36*0Sstevel@tonic-gate 37*0Sstevel@tonic-gateint conf_init_func(CONF_IMODULE *md, CONF *cnf); 38*0Sstevel@tonic-gate 39*0Sstevel@tonic-gateThe function can then take whatever action is appropriate, for example 40*0Sstevel@tonic-gatefurther lookups based on the value. Multiple instances of the same 41*0Sstevel@tonic-gateconfig module can be loaded. 42*0Sstevel@tonic-gate 43*0Sstevel@tonic-gateWhen the application closes down the modules are cleaned up by calling 44*0Sstevel@tonic-gatean optional finish function: 45*0Sstevel@tonic-gate 46*0Sstevel@tonic-gatevoid conf_finish_func(CONF_IMODULE *md); 47*0Sstevel@tonic-gate 48*0Sstevel@tonic-gateThe finish functions are called in reverse order: that is the last module 49*0Sstevel@tonic-gateloaded is the first one cleaned up. 50*0Sstevel@tonic-gate 51*0Sstevel@tonic-gateIf no module exists with a given name then an attempt is made to load 52*0Sstevel@tonic-gatea DSO with the supplied name. This might mean that "module3" attempts 53*0Sstevel@tonic-gateto load a DSO called libmodule3.so or module3.dll for example. An explicit 54*0Sstevel@tonic-gateDSO name can be given by including a separate section as in the module4 example 55*0Sstevel@tonic-gateabove. 56*0Sstevel@tonic-gate 57*0Sstevel@tonic-gateThe DSO is expected to at least contain an initialization function: 58*0Sstevel@tonic-gate 59*0Sstevel@tonic-gateint OPENSSL_init(CONF_IMODULE *md, CONF *cnf); 60*0Sstevel@tonic-gate 61*0Sstevel@tonic-gateand may also include a finish function: 62*0Sstevel@tonic-gate 63*0Sstevel@tonic-gatevoid OPENSSL_finish(CONF_IMODULE *md); 64*0Sstevel@tonic-gate 65*0Sstevel@tonic-gateStatic modules can also be added using, 66*0Sstevel@tonic-gate 67*0Sstevel@tonic-gateint CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc); 68*0Sstevel@tonic-gate 69*0Sstevel@tonic-gatewhere "name" is the name in the configuration file this function corresponds to. 70*0Sstevel@tonic-gate 71*0Sstevel@tonic-gateA set of builtin modules (currently only an ASN1 non functional test module) can be 72*0Sstevel@tonic-gateadded by calling OPENSSL_load_builtin_modules(). 73*0Sstevel@tonic-gate 74*0Sstevel@tonic-gateThe function OPENSSL_config() is intended as a simple configuration function that 75*0Sstevel@tonic-gateany application can call to perform various default configuration tasks. It uses the 76*0Sstevel@tonic-gatefile openssl.cnf in the usual locations. 77*0Sstevel@tonic-gate 78*0Sstevel@tonic-gate 79