3 * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
6 /* ====================================================================
7 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
62 #include <openssl/crypto.h>
64 #include <openssl/conf.h>
65 #include <openssl/dso.h>
66 #include <openssl/x509.h>
68 #define DSO_mod_init_name "OPENSSL_init"
69 #define DSO_mod_finish_name "OPENSSL_finish"
72 * This structure contains a data about supported modules. entries in this
73 * table correspond to either dynamic or static modules.
76 struct conf_module_st
{
77 /* DSO of this module or NULL if static */
79 /* Name of the module */
84 conf_finish_func
*finish
;
85 /* Number of successfully initialized modules */
91 * This structure contains information about modules that have been
92 * successfully initialized. There may be more than one entry for a given
96 struct conf_imodule_st
{
104 static STACK_OF(CONF_MODULE
) *supported_modules
= NULL
;
105 static STACK_OF(CONF_IMODULE
) *initialized_modules
= NULL
;
107 static void module_free(CONF_MODULE
*md
);
108 static void module_finish(CONF_IMODULE
*imod
);
109 static int module_run(const CONF
*cnf
, char *name
, char *value
,
110 unsigned long flags
);
111 static CONF_MODULE
*module_add(DSO
*dso
, const char *name
,
112 conf_init_func
*ifunc
,
113 conf_finish_func
*ffunc
);
114 static CONF_MODULE
*module_find(char *name
);
115 static int module_init(CONF_MODULE
*pmod
, char *name
, char *value
,
117 static CONF_MODULE
*module_load_dso(const CONF
*cnf
, char *name
, char *value
,
118 unsigned long flags
);
120 /* Main function: load modules from a CONF structure */
122 int CONF_modules_load(const CONF
*cnf
, const char *appname
,
125 STACK_OF(CONF_VALUE
) *values
;
127 char *vsection
= NULL
;
135 vsection
= NCONF_get_string(cnf
, NULL
, appname
);
137 if (!appname
|| (!vsection
&& (flags
& CONF_MFLAGS_DEFAULT_SECTION
)))
138 vsection
= NCONF_get_string(cnf
, NULL
, "openssl_conf");
145 values
= NCONF_get_section(cnf
, vsection
);
150 for (i
= 0; i
< sk_CONF_VALUE_num(values
); i
++) {
151 vl
= sk_CONF_VALUE_value(values
, i
);
152 ret
= module_run(cnf
, vl
->name
, vl
->value
, flags
);
154 if (!(flags
& CONF_MFLAGS_IGNORE_ERRORS
))
162 #ifndef OPENSSL_NO_STDIO
163 int CONF_modules_load_file(const char *filename
, const char *appname
,
169 conf
= NCONF_new(NULL
);
173 if (filename
== NULL
) {
174 file
= CONF_get1_default_config_file();
178 file
= (char *)filename
;
180 if (NCONF_load(conf
, file
, NULL
) <= 0) {
181 if ((flags
& CONF_MFLAGS_IGNORE_MISSING_FILE
) &&
182 (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE
)) {
189 ret
= CONF_modules_load(conf
, appname
, flags
);
192 if (filename
== NULL
)
200 static int module_run(const CONF
*cnf
, char *name
, char *value
,
206 md
= module_find(name
);
208 /* Module not found: try to load DSO */
209 if (!md
&& !(flags
& CONF_MFLAGS_NO_DSO
))
210 md
= module_load_dso(cnf
, name
, value
, flags
);
213 if (!(flags
& CONF_MFLAGS_SILENT
)) {
214 CONFerr(CONF_F_MODULE_RUN
, CONF_R_UNKNOWN_MODULE_NAME
);
215 ERR_add_error_data(2, "module=", name
);
220 ret
= module_init(md
, name
, value
, cnf
);
223 if (!(flags
& CONF_MFLAGS_SILENT
)) {
224 char rcode
[DECIMAL_SIZE(ret
) + 1];
225 CONFerr(CONF_F_MODULE_RUN
, CONF_R_MODULE_INITIALIZATION_ERROR
);
226 BIO_snprintf(rcode
, sizeof rcode
, "%-8d", ret
);
227 ERR_add_error_data(6, "module=", name
, ", value=", value
,
228 ", retcode=", rcode
);
235 /* Load a module from a DSO */
236 static CONF_MODULE
*module_load_dso(const CONF
*cnf
, char *name
, char *value
,
240 conf_init_func
*ifunc
;
241 conf_finish_func
*ffunc
;
245 /* Look for alternative path in module section */
246 path
= NCONF_get_string(cnf
, value
, "path");
251 dso
= DSO_load(NULL
, path
, NULL
, 0);
253 errcode
= CONF_R_ERROR_LOADING_DSO
;
256 ifunc
= (conf_init_func
*)DSO_bind_func(dso
, DSO_mod_init_name
);
258 errcode
= CONF_R_MISSING_INIT_FUNCTION
;
261 ffunc
= (conf_finish_func
*)DSO_bind_func(dso
, DSO_mod_finish_name
);
262 /* All OK, add module */
263 md
= module_add(dso
, name
, ifunc
, ffunc
);
273 CONFerr(CONF_F_MODULE_LOAD_DSO
, errcode
);
274 ERR_add_error_data(4, "module=", name
, ", path=", path
);
278 /* add module to list */
279 static CONF_MODULE
*module_add(DSO
*dso
, const char *name
,
280 conf_init_func
*ifunc
, conf_finish_func
*ffunc
)
282 CONF_MODULE
*tmod
= NULL
;
283 if (supported_modules
== NULL
)
284 supported_modules
= sk_CONF_MODULE_new_null();
285 if (supported_modules
== NULL
)
287 tmod
= OPENSSL_malloc(sizeof(CONF_MODULE
));
292 tmod
->name
= BUF_strdup(name
);
294 tmod
->finish
= ffunc
;
297 if (!sk_CONF_MODULE_push(supported_modules
, tmod
)) {
306 * Find a module from the list. We allow module names of the form
307 * modname.XXXX to just search for modname to allow the same module to be
308 * initialized more than once.
311 static CONF_MODULE
*module_find(char *name
)
316 p
= strrchr(name
, '.');
321 nchar
= strlen(name
);
323 for (i
= 0; i
< sk_CONF_MODULE_num(supported_modules
); i
++) {
324 tmod
= sk_CONF_MODULE_value(supported_modules
, i
);
325 if (!strncmp(tmod
->name
, name
, nchar
))
333 /* initialize a module */
334 static int module_init(CONF_MODULE
*pmod
, char *name
, char *value
,
339 CONF_IMODULE
*imod
= NULL
;
341 /* Otherwise add initialized module to list */
342 imod
= OPENSSL_malloc(sizeof(CONF_IMODULE
));
347 imod
->name
= BUF_strdup(name
);
348 imod
->value
= BUF_strdup(value
);
349 imod
->usr_data
= NULL
;
351 if (!imod
->name
|| !imod
->value
)
354 /* Try to initialize module */
356 ret
= pmod
->init(imod
, cnf
);
358 /* Error occurred, exit */
363 if (initialized_modules
== NULL
) {
364 initialized_modules
= sk_CONF_IMODULE_new_null();
365 if (!initialized_modules
) {
366 CONFerr(CONF_F_MODULE_INIT
, ERR_R_MALLOC_FAILURE
);
371 if (!sk_CONF_IMODULE_push(initialized_modules
, imod
)) {
372 CONFerr(CONF_F_MODULE_INIT
, ERR_R_MALLOC_FAILURE
);
382 /* We've started the module so we'd better finish it */
383 if (pmod
->finish
&& init_called
)
389 OPENSSL_free(imod
->name
);
391 OPENSSL_free(imod
->value
);
400 * Unload any dynamic modules that have a link count of zero: i.e. have no
401 * active initialized modules. If 'all' is set then all modules are unloaded
402 * including static ones.
405 void CONF_modules_unload(int all
)
409 CONF_modules_finish();
410 /* unload modules in reverse order */
411 for (i
= sk_CONF_MODULE_num(supported_modules
) - 1; i
>= 0; i
--) {
412 md
= sk_CONF_MODULE_value(supported_modules
, i
);
413 /* If static or in use and 'all' not set ignore it */
414 if (((md
->links
> 0) || !md
->dso
) && !all
)
416 /* Since we're working in reverse this is OK */
417 (void)sk_CONF_MODULE_delete(supported_modules
, i
);
420 if (sk_CONF_MODULE_num(supported_modules
) == 0) {
421 sk_CONF_MODULE_free(supported_modules
);
422 supported_modules
= NULL
;
426 /* unload a single module */
427 static void module_free(CONF_MODULE
*md
)
431 OPENSSL_free(md
->name
);
435 /* finish and free up all modules instances */
437 void CONF_modules_finish(void)
440 while (sk_CONF_IMODULE_num(initialized_modules
) > 0) {
441 imod
= sk_CONF_IMODULE_pop(initialized_modules
);
444 sk_CONF_IMODULE_free(initialized_modules
);
445 initialized_modules
= NULL
;
448 /* finish a module instance */
450 static void module_finish(CONF_IMODULE
*imod
)
452 if (imod
->pmod
->finish
)
453 imod
->pmod
->finish(imod
);
455 OPENSSL_free(imod
->name
);
456 OPENSSL_free(imod
->value
);
460 /* Add a static module to OpenSSL */
462 int CONF_module_add(const char *name
, conf_init_func
*ifunc
,
463 conf_finish_func
*ffunc
)
465 if (module_add(NULL
, name
, ifunc
, ffunc
))
471 void CONF_modules_free(void)
473 CONF_modules_finish();
474 CONF_modules_unload(1);
477 /* Utility functions */
479 const char *CONF_imodule_get_name(const CONF_IMODULE
*md
)
484 const char *CONF_imodule_get_value(const CONF_IMODULE
*md
)
489 void *CONF_imodule_get_usr_data(const CONF_IMODULE
*md
)
494 void CONF_imodule_set_usr_data(CONF_IMODULE
*md
, void *usr_data
)
496 md
->usr_data
= usr_data
;
499 CONF_MODULE
*CONF_imodule_get_module(const CONF_IMODULE
*md
)
504 unsigned long CONF_imodule_get_flags(const CONF_IMODULE
*md
)
509 void CONF_imodule_set_flags(CONF_IMODULE
*md
, unsigned long flags
)
514 void *CONF_module_get_usr_data(CONF_MODULE
*pmod
)
516 return pmod
->usr_data
;
519 void CONF_module_set_usr_data(CONF_MODULE
*pmod
, void *usr_data
)
521 pmod
->usr_data
= usr_data
;
524 /* Return default config file name */
526 char *CONF_get1_default_config_file(void)
531 file
= getenv("OPENSSL_CONF");
533 return BUF_strdup(file
);
535 len
= strlen(X509_get_default_cert_area());
536 #ifndef OPENSSL_SYS_VMS
539 len
+= strlen(OPENSSL_CONF
);
541 file
= OPENSSL_malloc(len
+ 1);
545 BUF_strlcpy(file
, X509_get_default_cert_area(), len
+ 1);
546 #ifndef OPENSSL_SYS_VMS
547 BUF_strlcat(file
, "/", len
+ 1);
549 BUF_strlcat(file
, OPENSSL_CONF
, len
+ 1);
555 * This function takes a list separated by 'sep' and calls the callback
556 * function giving the start and length of each member optionally stripping
557 * leading and trailing whitespace. This can be used to parse comma separated
561 int CONF_parse_list(const char *list_
, int sep
, int nospc
,
562 int (*list_cb
) (const char *elem
, int len
, void *usr
),
566 const char *lstart
, *tmpend
, *p
;
569 CONFerr(CONF_F_CONF_PARSE_LIST
, CONF_R_LIST_CANNOT_BE_NULL
);
576 while (*lstart
&& isspace((unsigned char)*lstart
))
579 p
= strchr(lstart
, sep
);
580 if (p
== lstart
|| !*lstart
)
581 ret
= list_cb(NULL
, 0, arg
);
586 tmpend
= lstart
+ strlen(lstart
) - 1;
588 while (isspace((unsigned char)*tmpend
))
591 ret
= list_cb(lstart
, tmpend
- lstart
+ 1, arg
);