From d56c8fa8260d226f98b26f017b45b9c2b135f38d Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Wed, 18 Aug 2021 16:06:57 +0000 Subject: This commit was manufactured by cvs2git to create tag 'tb_20210818'. --- src/lib/libcrypto/man/CONF_modules_load_file.3 | 285 ------------------------- 1 file changed, 285 deletions(-) delete mode 100644 src/lib/libcrypto/man/CONF_modules_load_file.3 (limited to 'src/lib/libcrypto/man/CONF_modules_load_file.3') diff --git a/src/lib/libcrypto/man/CONF_modules_load_file.3 b/src/lib/libcrypto/man/CONF_modules_load_file.3 deleted file mode 100644 index bd419ef3e3..0000000000 --- a/src/lib/libcrypto/man/CONF_modules_load_file.3 +++ /dev/null @@ -1,285 +0,0 @@ -.\" $OpenBSD: CONF_modules_load_file.3,v 1.10 2021/08/03 18:49:30 schwarze Exp $ -.\" full merge up to: e9b77246 Jan 20 19:58:49 2017 +0100 -.\" selective merge up to: d090fc00 Feb 26 13:11:10 2019 +0800 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: August 3 2021 $ -.Dt CONF_MODULES_LOAD_FILE 3 -.Os -.Sh NAME -.Nm CONF_modules_load_file , -.Nm CONF_modules_load , -.Nm X509_get_default_cert_area -.Nd OpenSSL configuration functions -.Sh SYNOPSIS -.In openssl/conf.h -.Ft int -.Fo CONF_modules_load_file -.Fa "const char *filename" -.Fa "const char *appname" -.Fa "unsigned long flags" -.Fc -.Ft int -.Fo CONF_modules_load -.Fa "const CONF *cnf" -.Fa "const char *appname" -.Fa "unsigned long flags" -.Fc -.In openssl/x509.h -.Ft const char * -.Fn X509_get_default_cert_area void -.Sh DESCRIPTION -The function -.Fn CONF_modules_load_file -configures OpenSSL using the file -.Fa filename -in -.Xr openssl.cnf 5 -format and the application name -.Fa appname . -If -.Fa filename -is -.Dv NULL , -the standard OpenSSL configuration file -.Pa /etc/ssl/openssl.cnf -is used. -If -.Fa appname -is -.Dv NULL , -the standard OpenSSL application name -.Qq openssl_conf -is used. -The behaviour can be customized using -.Fa flags . -.Pp -See the -.Sx EXAMPLES -section for additional functions that may need to be called. -Calling configuration functions in the right order for the intended -effect can be tricky because many configuration functions internally -call each other. -.Pp -.Fn CONF_modules_load -is identical to -.Fn CONF_modules_load_file -except it reads configuration information from -.Fa cnf . -.Pp -The following -.Fa flags -are currently recognized: -.Bl -tag -width Ds -.It Dv CONF_MFLAGS_IGNORE_ERRORS -Ignore errors returned by individual configuration modules. -By default, the first module error is considered fatal and no further -modules are loaded. -.It Dv CONF_MFLAGS_SILENT -Do not add any error information. -By default, all module errors add error information to the error queue. -.It Dv CONF_MFLAGS_NO_DSO -Disable loading of configuration modules from DSOs. -.It Dv CONF_MFLAGS_IGNORE_MISSING_FILE -Let -.Fn CONF_modules_load_file -ignore missing configuration files. -By default, a missing configuration file returns an error. -.It CONF_MFLAGS_DEFAULT_SECTION -If -.Fa appname -is not -.Dv NULL -but does not exist, fall back to the default section -.Qq openssl_conf . -.El -.Pp -By using -.Fn CONF_modules_load_file -with appropriate flags, an application can customise application -configuration to best suit its needs. -In some cases the use of a configuration file is optional and its -absence is not an error: in this case -.Dv CONF_MFLAGS_IGNORE_MISSING_FILE -would be set. -.Pp -Errors during configuration may also be handled differently by -different applications. -For example in some cases an error may simply print out a warning -message and the application may continue. -In other cases an application might consider a configuration file -error fatal and exit immediately. -.Pp -Applications can use the -.Fn CONF_modules_load -function if they wish to load a configuration file themselves and -have finer control over how errors are treated. -.Sh RETURN VALUES -.Fn CONF_modules_load_file -and -.Fn CONF_modules_load -return 1 for success and zero or a negative value for failure. -If module errors are not ignored, the return code will reflect the return -value of the failing module (this will always be zero or negative). -.Pp -.Fn X509_get_default_cert_area -returns a pointer to the constant string -.Qq "/etc/ssl" . -.Sh FILES -.Bl -tag -width /etc/ssl/openssl.cnf -compact -.It Pa /etc/ssl -standard configuration directory -.It Pa /etc/ssl/openssl.cnf -standard configuration file -.El -.Sh EXAMPLES -Load a configuration file and print out any errors and exit (missing -file considered fatal): -.Bd -literal -if (CONF_modules_load_file(NULL, NULL, 0) <= 0) { - fprintf(stderr, "FATAL: error loading configuration file\en"); - ERR_print_errors_fp(stderr); - exit(1); -} -.Ed -.Pp -Load default configuration file using the section indicated -by "myapp", tolerate missing files, but exit on other errors: -.Bd -literal -if (CONF_modules_load_file(NULL, "myapp", - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { - fprintf(stderr, "FATAL: error loading configuration file\en"); - ERR_print_errors_fp(stderr); - exit(1); -} -.Ed -.Pp -Load custom configuration file and section instead of the standard one, -only print warnings on error, missing configuration file ignored: -.Bd -literal -OPENSSL_no_config(); -ENGINE_load_builtin_engines(); -OPENSSL_load_builtin_modules(); -if (CONF_modules_load_file("/something/app.cnf", "myapp", - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { - fprintf(stderr, "WARNING: error loading configuration file\en"); - ERR_print_errors_fp(stderr); -} -.Ed -.Pp -In the previous example, the call to -.Xr OPENSSL_no_config 3 -is required first to suppress automatic loading -of the standard configuration file, and the calls to -.Xr ENGINE_load_builtin_engines 3 -and -.Xr OPENSSL_load_builtin_modules 3 -are needed so that the configuration of builtin modules and engines -is also loaded in addition to the configuration of -.Qq myapp . -.Pp -Load and parse configuration file manually, custom error handling: -.Bd -literal -FILE *fp; -CONF *cnf = NULL; -long eline; - -fp = fopen("/somepath/app.cnf", "r"); -if (fp == NULL) { - fprintf(stderr, "Error opening configuration file\en"); - /* Other missing configuration file behaviour */ -} else { - cnf = NCONF_new(NULL); - if (NCONF_load_fp(cnf, fp, &eline) == 0) { - fprintf(stderr, "Error on line %ld of configuration file\en", - eline); - ERR_print_errors_fp(stderr); - /* Other malformed configuration file behaviour */ - } else if (CONF_modules_load(cnf, "appname", 0) <= 0) { - fprintf(stderr, "Error configuring application\en"); - ERR_print_errors_fp(stderr); - /* Other configuration error behaviour */ - } - fclose(fp); - NCONF_free(cnf); -} -.Ed -.Sh SEE ALSO -.Xr CONF_modules_free 3 , -.Xr ENGINE_load_builtin_engines 3 , -.Xr ERR 3 , -.Xr OPENSSL_config 3 , -.Xr OPENSSL_load_builtin_modules 3 -.Sh HISTORY -.Fn X509_get_default_cert_area -first appeared in SSLeay 0.4.1 and has been available since -.Ox 2.4 . -.Pp -.Fn CONF_modules_load_file -and -.Fn CONF_modules_load -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -- cgit v1.2.3-55-g6feb