static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
{
STACK_OF(CONF_VALUE) *elist;
CONF_VALUE *cval;
int i;
#ifdef ENGINE_CONF_DEBUG
fprintf(stderr, "Called engine module: name %s, value %s\n",
CONF_imodule_get_name(md), CONF_imodule_get_value(md));
#endif
/* Value is a section containing ENGINEs to configure */
elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
if (!elist)
{
ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(elist); i++)
{
cval = sk_CONF_VALUE_value(elist, i);
if (!int_engine_configure(cval->name, cval->value, cnf))
return 0;
}
return 1;
}
/* TODO(3.0): the config module functions should be passed a library context */
static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
{
int i;
const char *oid_section;
STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *oval;
OSSL_TRACE2(CONF, "Loading EVP module: name %s, value %s\n",
CONF_imodule_get_name(md), CONF_imodule_get_value(md));
oid_section = CONF_imodule_get_value(md);
if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
oval = sk_CONF_VALUE_value(sktmp, i);
if (strcmp(oval->name, "fips_mode") == 0) {
int m;
if (!X509V3_get_value_bool(oval, &m)) {
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
return 0;
}
/*
* fips_mode is deprecated and should not be used in new
* configurations. Old configurations are likely to ONLY
* have this, so we assume that no default properties have
* been set before this.
*/
if (m > 0)
EVP_set_default_properties(NULL, "fips=yes");
} else if (strcmp(oval->name, "default_properties") == 0) {
EVP_set_default_properties(NULL, oval->value);
} else {
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
ERR_add_error_data(4, "name=", oval->name,
", value=", oval->value);
return 0;
}
}
return 1;
}
static int alg_module_init (CONF_IMODULE * md, const CONF * cnf)
{
int i;
const char *oid_section;
STACK_OF (CONF_VALUE) * sktmp;
CONF_VALUE *oval;
oid_section = CONF_imodule_get_value (md);
if (!(sktmp = NCONF_get_section (cnf, oid_section)))
{
EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num (sktmp); i++)
{
oval = sk_CONF_VALUE_value (sktmp, i);
if (!strcmp (oval->name, "fips_mode"))
{
int m;
if (!X509V3_get_value_bool (oval, &m))
{
EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
return 0;
}
if (m > 0)
{
#ifdef OPENSSL_FIPS
if (!FIPS_mode () && !FIPS_mode_set (1))
{
EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE);
return 0;
}
#else
EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
return 0;
#endif
}
}
else
{
EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
ERR_add_error_data (4, "name=", oval->name, ", value=", oval->value);
}
}
return 1;
}
static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
{
int i;
const char *oid_section;
STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *oval;
oid_section = CONF_imodule_get_value(md);
if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
oval = sk_CONF_VALUE_value(sktmp, i);
if (!do_create(oval->value, oval->name)) {
ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
return 0;
}
}
return 1;
}
static int stbl_module_init(CONF_IMODULE *md, const CONF *cnf)
{
int i;
const char *stbl_section;
STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *mval;
stbl_section = CONF_imodule_get_value(md);
if ((sktmp = NCONF_get_section(cnf, stbl_section)) == NULL) {
ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
mval = sk_CONF_VALUE_value(sktmp, i);
if (!do_tcreate(mval->value, mval->name)) {
ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_INVALID_VALUE);
return 0;
}
}
return 1;
}
static int ssl_module_init(CONF_IMODULE *md, const CONF *cnf)
{
size_t i, j, cnt;
int rv = 0;
const char *ssl_conf_section;
STACK_OF(CONF_VALUE) *cmd_lists;
ssl_conf_section = CONF_imodule_get_value(md);
cmd_lists = NCONF_get_section(cnf, ssl_conf_section);
if (sk_CONF_VALUE_num(cmd_lists) <= 0) {
if (cmd_lists == NULL)
CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_NOT_FOUND);
else
CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_EMPTY);
ERR_add_error_data(2, "section=", ssl_conf_section);
goto err;
}
cnt = sk_CONF_VALUE_num(cmd_lists);
ssl_module_free(md);
ssl_names = OPENSSL_zalloc(sizeof(*ssl_names) * cnt);
if (ssl_names == NULL)
goto err;
ssl_names_count = cnt;
for (i = 0; i < ssl_names_count; i++) {
struct ssl_conf_name_st *ssl_name = ssl_names + i;
CONF_VALUE *sect = sk_CONF_VALUE_value(cmd_lists, (int)i);
STACK_OF(CONF_VALUE) *cmds = NCONF_get_section(cnf, sect->value);
if (sk_CONF_VALUE_num(cmds) <= 0) {
if (cmds == NULL)
CONFerr(CONF_F_SSL_MODULE_INIT,
CONF_R_SSL_COMMAND_SECTION_NOT_FOUND);
else
CONFerr(CONF_F_SSL_MODULE_INIT,
CONF_R_SSL_COMMAND_SECTION_EMPTY);
ERR_add_error_data(4, "name=", sect->name, ", value=", sect->value);
goto err;
}
ssl_name->name = OPENSSL_strdup(sect->name);
if (ssl_name->name == NULL)
goto err;
cnt = sk_CONF_VALUE_num(cmds);
ssl_name->cmds = OPENSSL_zalloc(cnt * sizeof(struct ssl_conf_cmd_st));
if (ssl_name->cmds == NULL)
goto err;
ssl_name->cmd_count = cnt;
for (j = 0; j < cnt; j++) {
const char *name;
CONF_VALUE *cmd_conf = sk_CONF_VALUE_value(cmds, (int)j);
struct ssl_conf_cmd_st *cmd = ssl_name->cmds + j;
/* Skip any initial dot in name */
name = strchr(cmd_conf->name, '.');
if (name != NULL)
name++;
else
name = cmd_conf->name;
cmd->cmd = OPENSSL_strdup(name);
cmd->arg = OPENSSL_strdup(cmd_conf->value);
if (cmd->cmd == NULL || cmd->arg == NULL)
goto err;
}
}
rv = 1;
err:
if (rv == 0)
ssl_module_free(md);
return rv;
}