5 CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions
9 #include <openssl/conf.h>
11 int CONF_modules_load_file(const char *filename, const char *appname,
13 int CONF_modules_load(const CONF *cnf, const char *appname,
18 The function CONF_modules_load_file() configures OpenSSL using file
19 B<filename> and application name B<appname>. If B<filename> is NULL
20 the standard OpenSSL configuration file is used. If B<appname> is
21 NULL the standard OpenSSL application name B<openssl_conf> is used.
22 The behaviour can be cutomized using B<flags>.
24 CONF_modules_load() is idential to CONF_modules_load_file() except it
25 reads configuration information from B<cnf>.
29 The following B<flags> are currently recognized:
31 B<CONF_MFLAGS_IGNORE_ERRORS> if set errors returned by individual
32 configuration modules are ignored. If not set the first module error is
33 considered fatal and no further modules are loaded.
35 Normally any modules errors will add error information to the error queue. If
36 B<CONF_MFLAGS_SILENT> is set no error information is added.
38 If B<CONF_MFLAGS_NO_DSO> is set configuration module loading from DSOs is
41 B<CONF_MFLAGS_IGNORE_MISSING_FILE> if set will make CONF_load_modules_file()
42 ignore missing configuration files. Normally a missing configuration file
45 B<CONF_MFLAGS_DEFAULT_SECTION> if set and B<appname> is not NULL will use the
46 default section pointed to by B<openssl_conf> if B<appname> does not exist.
48 Applications should call these functions after loading builtin modules using
49 OPENSSL_load_builtin_modules(), any ENGINEs for example using
50 ENGINE_load_builtin_engines(), any algorithms for example
51 OPENSSL_add_all_algorithms() and (if the application uses libssl)
54 By using CONF_modules_load_file() with appropriate flags an application can
55 customise application configuration to best suit its needs. In some cases the
56 use of a configuration file is optional and its absence is not an error: in
57 this case B<CONF_MFLAGS_IGNORE_MISSING_FILE> would be set.
59 Errors during configuration may also be handled differently by different
60 applications. For example in some cases an error may simply print out a warning
61 message and the application continue. In other cases an application might
62 consider a configuration file error as fatal and exit immediately.
64 Applications can use the CONF_modules_load() function if they wish to load a
65 configuration file themselves and have finer control over how errors are
70 Load a configuration file and print out any errors and exit (missing file
73 if (CONF_modules_load_file(NULL, NULL, 0) <= 0) {
74 fprintf(stderr, "FATAL: error loading configuration file\n");
75 ERR_print_errors_fp(stderr);
79 Load default configuration file using the section indicated by "myapp",
80 tolerate missing files, but exit on other errors:
82 if (CONF_modules_load_file(NULL, "myapp",
83 CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
84 fprintf(stderr, "FATAL: error loading configuration file\n");
85 ERR_print_errors_fp(stderr);
89 Load custom configuration file and section, only print warnings on error,
90 missing configuration file ignored:
92 if (CONF_modules_load_file("/something/app.cnf", "myapp",
93 CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
94 fprintf(stderr, "WARNING: error loading configuration file\n");
95 ERR_print_errors_fp(stderr);
98 Load and parse configuration file manually, custom error handling:
103 fp = fopen("/somepath/app.cnf", "r");
105 fprintf(stderr, "Error opening configuration file\n");
106 /* Other missing configuration file behaviour */
108 cnf = NCONF_new(NULL);
109 if (NCONF_load_fp(cnf, fp, &eline) == 0) {
110 fprintf(stderr, "Error on line %ld of configuration file\n", eline);
111 ERR_print_errors_fp(stderr);
112 /* Other malformed configuration file behaviour */
113 } else if (CONF_modules_load(cnf, "appname", 0) <= 0) {
114 fprintf(stderr, "Error configuring application\n");
115 ERR_print_errors_fp(stderr);
116 /* Other configuration error behaviour */
124 These functions return 1 for success and a zero or negative value for
125 failure. If module errors are not ignored the return code will reflect the
126 return value of the failing module (this will always be zero or negative).
130 L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
131 L<CONF_free(3)|CONF_free(3)>, L<err(3)|err(3)>
135 CONF_modules_load_file and CONF_modules_load first appeared in OpenSSL 0.9.7.