1109998SmarkmWARNING WARNING WARNING!!! 2109998Smarkm 3109998SmarkmThis stuff is experimental, may change radically or be deleted altogether 4109998Smarkmbefore OpenSSL 0.9.7 release. You have been warned! 5109998Smarkm 6109998SmarkmConfiguration modules. These are a set of modules which can perform 7109998Smarkmvarious configuration functions. 8109998Smarkm 9109998SmarkmCurrently the routines should be called at most once when an application 10109998Smarkmstarts up: that is before it starts any threads. 11109998Smarkm 12109998SmarkmThe routines read a configuration file set up like this: 13109998Smarkm 14109998Smarkm----- 15109998Smarkm#default section 16109998Smarkmopenssl_init=init_section 17109998Smarkm 18109998Smarkm[init_section] 19109998Smarkm 20109998Smarkmmodule1=value1 21109998Smarkm#Second instance of module1 22109998Smarkmmodule1.1=valueX 23109998Smarkmmodule2=value2 24109998Smarkmmodule3=dso_literal 25109998Smarkmmodule4=dso_section 26109998Smarkm 27109998Smarkm[dso_section] 28109998Smarkm 29109998Smarkmpath=/some/path/to/some/dso.so 30109998Smarkmother_stuff=other_value 31109998Smarkm---- 32109998Smarkm 33109998SmarkmWhen this file is loaded a configuration module with the specified 34109998Smarkmstring (module* in the above example) is looked up and its init 35109998Smarkmfunction called as: 36109998Smarkm 37109998Smarkmint conf_init_func(CONF_IMODULE *md, CONF *cnf); 38109998Smarkm 39109998SmarkmThe function can then take whatever action is appropriate, for example 40109998Smarkmfurther lookups based on the value. Multiple instances of the same 41109998Smarkmconfig module can be loaded. 42109998Smarkm 43109998SmarkmWhen the application closes down the modules are cleaned up by calling 44109998Smarkman optional finish function: 45109998Smarkm 46109998Smarkmvoid conf_finish_func(CONF_IMODULE *md); 47109998Smarkm 48109998SmarkmThe finish functions are called in reverse order: that is the last module 49109998Smarkmloaded is the first one cleaned up. 50109998Smarkm 51109998SmarkmIf no module exists with a given name then an attempt is made to load 52109998Smarkma DSO with the supplied name. This might mean that "module3" attempts 53109998Smarkmto load a DSO called libmodule3.so or module3.dll for example. An explicit 54109998SmarkmDSO name can be given by including a separate section as in the module4 example 55109998Smarkmabove. 56109998Smarkm 57109998SmarkmThe DSO is expected to at least contain an initialization function: 58109998Smarkm 59109998Smarkmint OPENSSL_init(CONF_IMODULE *md, CONF *cnf); 60109998Smarkm 61109998Smarkmand may also include a finish function: 62109998Smarkm 63109998Smarkmvoid OPENSSL_finish(CONF_IMODULE *md); 64109998Smarkm 65109998SmarkmStatic modules can also be added using, 66109998Smarkm 67109998Smarkmint CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc); 68109998Smarkm 69109998Smarkmwhere "name" is the name in the configuration file this function corresponds to. 70109998Smarkm 71109998SmarkmA set of builtin modules (currently only an ASN1 non functional test module) can be 72109998Smarkmadded by calling OPENSSL_load_builtin_modules(). 73109998Smarkm 74109998SmarkmThe function OPENSSL_config() is intended as a simple configuration function that 75109998Smarkmany application can call to perform various default configuration tasks. It uses the 76109998Smarkmfile openssl.cnf in the usual locations. 77109998Smarkm 78109998Smarkm 79