Make OPENSSL_INIT_SETTINGS an opaque structure.
Reviewed-by: Richard Levitte <levitte@openssl.org>
*/
#include <stdio.h>
+#include <string.h>
+#include <internal/conf.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/conf.h>
return conf->meth->dump(conf, out);
}
+
+/*
+ * These routines call the C malloc/free, to avoid intermixing with
+ * OpenSSL function pointers before the library is initialized.
+ */
+OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void)
+{
+ OPENSSL_INIT_SETTINGS *ret = malloc(sizeof(*ret));
+
+ memset(ret, 0, sizeof(*ret));
+ return ret;
+}
+
+
+void OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+ const char *config_file)
+{
+ free(settings->config_name);
+ settings->config_name = config_file == NULL ? NULL : strdup(config_file);
+}
+
+void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *settings)
+{
+ free(settings->config_name);
+ free(settings);
+}
void OPENSSL_config(const char *config_name)
{
- OPENSSL_INIT_SETTINGS settings[2];
+ OPENSSL_INIT_SETTINGS settings;
- settings[0].name = OPENSSL_INIT_SET_CONF_FILENAME;
- settings[0].value.type_string = config_name;
- settings[1].name = OPENSSL_INIT_SET_END;
- settings[1].value.type_int = 0;
- OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, settings);
+ memset(&settings, 0, sizeof(settings));
+ settings.config_name = strdup(config_name);
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, &settings);
}
void openssl_config_internal(const char *config_name)
#endif
+typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
struct ossl_init_stop_st {
void (*handler)(void);
OPENSSL_INIT_STOP *next;
base_inited = 0;
}
-static const OPENSSL_INIT_SETTINGS *ossl_init_get_setting(
- const OPENSSL_INIT_SETTINGS *settings, int name)
-{
- if (settings == NULL)
- return NULL;
-
- while (settings->name != OPENSSL_INIT_SET_END) {
- if (settings->name == name)
- return settings;
- settings++;
- }
-
- return NULL;
-}
-
/*
* If this function is called with a non NULL settings value then it must be
* called prior to any threads making calls to any OpenSSL functions,
if (opts & OPENSSL_INIT_LOAD_CONFIG) {
CRYPTO_w_lock(CRYPTO_LOCK_INIT);
- if (settings != NULL) {
- const OPENSSL_INIT_SETTINGS *curr;
- curr = ossl_init_get_setting(settings,
- OPENSSL_INIT_SET_CONF_FILENAME);
- config_filename = (curr == NULL) ? NULL : curr->value.type_string;
- } else {
- config_filename = NULL;
- }
+ config_filename = (settings == NULL) ? NULL : settings->config_name;
ossl_init_once_run(&config, ossl_init_config);
CRYPTO_w_unlock(CRYPTO_LOCK_INIT);
}
int OPENSSL_atexit(void (*handler)(void));
void OPENSSL_thread_stop(void);
+ OPENSSL_INIT_SETTINGS *OPENSSL_init_new(void);
+ OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init, const char* name);
+ OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);
+
=head1 DESCRIPTION
During normal operation OpenSSL (libcrypto) will allocate various resources at
With this option an OpenSSL configuration file will be automatically loaded and
used by calling OPENSSL_config(). This is not a default option.
+See the description of OPENSSL_init_new(), below.
=item OPENSSL_INIT_NO_LOAD_CONFIG
OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
| OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);
-
-The B<settings> parameter to OPENSSL_init_crypto() may be used to provide
-optional settings values to an option. Currently the only option this
-applies to is OPENSSL_INIT_LOAD_CONFIG. This provides the optional
-OPENSSL_INIT_SET_CONF_FILENAME parameter to provide a filename to load
-configuration from. If no filename is provided then the system default
-configuration file is assumed. For example
-
- const OPENSSL_INIT_SETTINGS settings[2] = {
- { OPENSSL_INIT_SET_CONF_FILENAME, .value.type_string = "myconf.cnf" },
- { OPENSSL_INIT_SET_END, .value.type_int = 0 }
- };
- OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, settings);
-
-The B<settings> parameter must be an array of OPENSSL_INIT_SETTINGS values
-terminated with an OPENSSL_INIT_SET_END entry.
-
The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto
and libssl). All resources allocated by OpenSSL are freed. Typically there
should be no need to call this function directly as it is initiated
resources should be freed at an earlier time, or under the circumstances
described in the NOTES section below.
+The B<OPENSSL_INIT_LOAD_CONFIG> flag will load a default configuration
+file. To specify a different file, an B<OPENSSL_INIT_SETTINGS> must
+be created and used. The routines
+OPENSSL_init_new() and OPENSSL_INIT_set_config_filename() can be used to
+allocate the object and set the configuration filename, and then the
+object can be released with OPENSSL_INIT_free() when done.
+
=head1 NOTES
Resources local to a thread are deallocated automatically when the thread exits
=back
-The B<settings> parameter specifies optional settings values to an option.
-Currently no such settings are available for libssl specific options. However
-these settings will also be passed internally to a call to
-L<OPENSSL_init_crypto(3)>, so this parameter can also be used to
-provide libcrypto settings values.
+OPENSSL_init_ssl() takes a B<settings> parameter which can be used to
+set parameter values. See L<OPENSSL_init_crypto(3)> for details.
=head1 RETURN VALUES
extern "C" {
#endif
+
+struct ossl_init_settings_st {
+ char *config_name;
+};
+
void openssl_config_internal(const char *config_name);
void openssl_no_config_internal(void);
#if OPENSSL_API_COMPAT < 0x10100000L
void OPENSSL_config(const char *config_name);
+
# define OPENSSL_no_config() \
OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
#endif
OPENSSL_INIT_ENGINE_PADLOCK)
-
-/* Optional settings for initialisation */
-# define OPENSSL_INIT_SET_END 0
-# define OPENSSL_INIT_SET_CONF_FILENAME 1
-
-typedef struct ossl_init_settings_st {
- int name;
- union {
- int type_int;
- long type_long;
- int32_t type_int32_t;
- uint32_t type_uint32_t;
- int64_t type_int64_t;
- uint64_t type_uint64_t;
- size_t type_size_t;
- const char *type_string;
- void *type_void_ptr;
- } value;
-} OPENSSL_INIT_SETTINGS;
-
-typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
-
/* Library initialisation functions */
void OPENSSL_cleanup(void);
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
int OPENSSL_atexit(void (*handler)(void));
void OPENSSL_thread_stop(void);
+/* Low-level control of initialization */
+OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+void OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+ const char *config_file);
+void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *settings);
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
typedef struct v3_ext_ctx X509V3_CTX;
typedef struct conf_st CONF;
+typedef struct ossl_init_settings_st OPENSSL_INIT_SETTINGS;
typedef struct ui_st UI;
typedef struct ui_method_st UI_METHOD;
}
}
+
/*
* If this function is called with a non NULL settings value then it must be
* called prior to any threads making calls to any OpenSSL functions,
OPENSSL_atexit 5211 1_1_0 EXIST::FUNCTION:
OPENSSL_init_crypto 5212 1_1_0 EXIST::FUNCTION:
OPENSSL_thread_stop 5213 1_1_0 EXIST::FUNCTION:
+OPENSSL_INIT_new 5215 1_1_0 EXIST::FUNCTION:
+OPENSSL_INIT_free 5216 1_1_0 EXIST::FUNCTION:
+OPENSSL_INIT_set_config_filename 5217 1_1_0 EXIST::FUNCTION:
projects / openssl.git / commitdiff